Robert Willis is “one of the top hackers in the world” and is featured in the best-selling Tribe of Hackers books from Wiley Publishing.
Georgetown is fortunate that Robert and his wife, Victoria, just purchased Georgetown’s oldest and highest rated Tattoo Shop — Needlewerx
GeorgetownTattoo.com
Our new Georgetown resident and business owner deployed last August with the Army and Air National Guard during the Ransomware attack that impacted State agencies across Texas. He made history as the first member of the Texas State Guard to be deployed on a joint mission that included all branches of the Texas Military Department in a cyber event, and just last month, received the Texas Medal of Merit for his efforts. He is also the managing partner of 1337, Inc., a security defense provider in Austin.
Everything is Hackable
Robert assures us every electronic device has the potential to be hacked. “To protect yourself, it’s important to understand how an attacker would be able to access it. If the device is not attached to something that can be exploited remotely; e.g., the Internet, protection rests with physical controls. This requires physical access to the device.”
If your device is attached to a Network, Wi-Fi, or Bluetooth, it can be easily visible. There is software and devices attackers can use to easily view and query your device; everything from cars, cell phones, to medical devices. He says attackers use various methods to find vulnerabilities—and exploit them—to take control.
To protect yourself, stay up to date on patches (updates) for your device, and keep your security and visibility to others in mind when you’re online.
Don’t attach your device to untrusted public networks, don’t open suspicious emails, and don’t download untrusted items
Nothing is Hack-Proof
We are all familiar with the updates our providers send to protect users from vulnerabilities identified by security researchers. Robert says, “One of these popular updates is known as ‘Patch Tuesday’, which usually occurs on the 2nd and 4th Tuesday of the month.” Microsoft regularly releases patches for new vulnerabilities, and each update may involve dozens. of patches. He adds, “Unfortunately, the following day is known as ‘Exploit Wednesday’, because those who don’t patch—a huge number of people and businesses—are susceptible to previously undisclosed vulnerabilities that are now public.”
While nothing is absolutely secure, it is critical to maintain proper security maintenance and invest in proper security because it eliminates “low hanging fruit” for less experienced attackers to exploit.
What’s on my device?
Robert explains there are many variants of Malware (Malicious Software) that spy on you, feed unwanted ads, and even hijack your computer; making it into a “zombie” to do an attacker’s bidding.
Recently, the news has been full of Ransomware attacks. These hackers demand money by threatening to release information on a victim, or encrypting files on a computer and making them unreachable to the owner.
Encrypting files on a computer can have a major impact on businesses that do not have backups and are faced with a standstill. He says, “Many companies and governments have paid the ransoms, sometimes in the millions of dollars. This is the type of hack that affected state agencies across Texas last summer. Many local governments have fallen victim, and the threat isn’t going away.”
The Good Guys
Robert is just one of the real-life “Ethical Hackers” or “White Hat” hackers. Companies hire him to perform vulnerability assessments or penetration tests, which are defined depending on the scope of work.
White Hats find vulnerabilities in clients’ networks or software so they can fix them before an attacker finds them. The critical nature of these tests has resulted in their regularity being a legal requirement for different organizations, particularly those that handle credit card information.
He adds, “Ethical hackers put themselves in an attacker’s shoes, to look at a company as an attacker would, which keep the client a step ahead. This is something my company, 1337 Defense specializes in; I do this with my team on a daily basis.”
But I’m Not a Business
Robert says all of us have most likely already been victims of stolen information; including social security numbers, passwords, and credit cards. “This is shocking to people who don’t follow company breaches, but in 2017, Equifax announced the data breach of 148 million Americans. This included social security and driver’s license numbers, and more than 200,000 credit cards.”
News agencies don’t report the countless breaches with major companies where individuals’ emails and passwords have been leaked; much of that information is readily available to attackers. Just a sample of the companies breached includes LinkedIn, TicketFly, Adobe, and MySpace.
To see if you’ve been compromised, visit “haveibeenpwned.com”
and type in your email address
“If you use the same password for multiple accounts, attackers can seize control over them all if just one becomes compromised. This happens a lot more than you could imagine.”
You Can Help
Robert says cybersecurity is a great career field; one of the most in-demand and fastest growing in the tech sector. There is a massive shortage in individuals with cybersecurity skills as well, making high paying jobs easily found.
“For those interested in getting into the field, it’s important to build a good foundation before branching off into a specific area of cybersecurity. You don’t need to go to college for jobs in the tech field, like Elon Musk has said, it’s all about your skills.”
Robert recommends obtaining industry-recognized certifications because in most cases they are the only way for an HR department to verify your knowledge.
- 600,000 Facebook accounts are compromised every day.
- Hackers use out of date versions of software to launch attacks.
- View a simple, real-time cyber attack map at threatbutt.com/map or a multi-faceted view at talosintelligence.com/fullpage_maps/
- Lenovo Computers is partially owned by the Chinese government and their computers come preloaded with secret backdoor access. As a result MI6, the CIA and other spy agencies have banned their use.
- A hacker attack occurs every 39 seconds.