Learning Security from Chinese Rebels
It was the fall of 2000 and we still hosted our own website. I walked into the server room one morning, sat down at the web server to modify something on the web page and was shocked to see a big red screen with a notice to “free the Chinese rebels.” It is not that I did not support their cause, but I sure did not want that on our firm server. I called the FBI in Dallas. They did not have a cyber unit (did not even know that term), but Special Agent Lydia Maese offered to come out to see what had happened. I showed her team what was up and she did what she could to help but they had few tools then to trace the problem. We tightened our server and moved our webpage offsite, of course, but that was about it.
A few months later, Lydia called me and asked if I wanted to be part of a new cybersecurity group they were forming. They would keep me informed of incidents via email and I could always pick up the phone and call them for assistance. I jumped at the opportunity. That group was part of what became InfraGard and cybersecurity has now become a major part of the FBI’s job.
From that incident, I became security conscious because I realized anyone could be hacked; it did not matter that we were a small law firm in Fort Worth, Texas. I sought out free resources, like everything SANS had to offer. Back in those days, SANS President Alan Paller and I exchanged emails; he sent out a newsletter and I gave him tips on how to make it more readable for our users, plus the odd grammatical edit (could not help it). That newsletter became the OUCH newsletter you probably receive today. This ongoing exchange with Alan kept my interest piqued in all things security. I continue to read SANS newsletters weekly and their SANS Newsbites provides the most up-to-date patch information I have found.
Saving People from Themselves
In spite of the hack, I have always had a hard time convincing some of our people that security is their problem, not just mine, and definitely not just a big law problem. They could not believe that a hacker would want what a law firm in Cowtown, Texas has, and I felt a personal and professional need to protect them from themselves. This is where being the only IT person in the firm has its benefits: no one knows what I am talking about, so I can do what needs to be done. I beefed up our firewall and our anti-spam, anti-malware systems. I sent out the OUCH report every month, which was read by a few people. I work a lot just to keep up.
In spite of my efforts, the universe took over again and an attorney called me in a total panic one afternoon. Remember those web popup things? Well, he got a good one and was so afraid he had leaked something into our network that he became a believer in security that day. That is all it takes, right? One shocking experience and an unbeliever becomes a believer.
I keep preaching security and keep making the work lives of our users a bit more difficult every day. We continue to be targets, even “little old us” in Fort Worth, Texas - not because of who we are, but because of who our clients are, or who their clients are. Finally our people start to understand the magnitude of the problem. The Target breach helped break down the “it can’t happen here” mentality. Oh, and then there was that day the CryptoLocker ransomware got in but was not able to phone home because of OpenDNS. Another unbeliever became a believer.
I may be in a small pond here but I am big on security because I know just how bad it can be. I have never been lucky enough to learn from others’ mistakes; I always get to deal with my own. For my efforts, my integrators awarded me a “Security Ninja” award, my most prized possession. As we used to say in the ’60s, it can happen here.
About the author...
Betsy Horn has been the solo IT department for Harris, Finley & Bogle, P.C., Fort Worth, Texas, since 1998, where she previously worked as both a certified paralegal and a legal secretary. She wears all the IT hats, managing all of the firm’s equipment, software, user training, and disaster recovery, supporting approximately 70 personnel and two offices. She handles the boring business end of budgeting, purchasing, and forecasting, too. Betsy and the firm experienced a tornado tearing through their offices in 2000, resulting in a succession of moves and a deep dive into disaster recovery. Betsy is known among her peers as the Netwitch.