Cyber Attacks: 5 Ways to Prepare Now

The New Face of War

“I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones” — Albert Einstein.

We know that the new wars being waged are far from battle zones.  Cyberattacks on financial institutions, municipal utility services, ransomware, and just hacks meant to disrupt scheduled processes can plunge you into darkness, shutdown services you rely upon, or bring the supply chain to a grinding halt.  As much as technology makes so many facets of our lives so much easier, it also makes us vulnerable to suffering from the damaging effects of cyberattacks.  This blog will examine a few of the glaring vulnerabilities and how those could escalate into a major crisis very rapidly. Still, we received several emails recently asking how folks could protect themselves from the cyberattacks that are clearly going to come out of the Russo-Ukrainian conflict.  In this blog, we’ll go into detail discussing 5 things you can do now to prepare for what will very likely come next.

Download the How to Protect Yourself from Cyberattacks guide today.  We’ll post a link below or visit cityprepping.com/cybersafe for a free guide to help you get started on your journey of preparedness. 

UNDERSTAND THE REAL THREAT

If you only ever have a few dollars in your checking account, it’s not likely anyone will specifically target you.  Your account may be swept up en masse with other accounts like a school of fish trapped in the cyberattacker’s net.  Your ability to access your account pages on the internet or conduct any transactions on the internet may be halted.  You cannot just dismiss this with a “Well, I don’t interact on the internet, so no big deal.”  It is a big deal.  You might not access your accounts online, but your banks and stores often access the same systems over the same networks.  Have you ever been in a store and had to wait on your transaction because systems were down?  It’s like that.  Even if you are only paying in cash, that point of sale is tied to a more extensive network.  We don’t live in a time where things can just be written down in a ledger and transacted in cash.  When was the last time you had a clerk who could count back change appropriately without seeing the calculated total of your change on their computer terminal?

The real threat to you is the larger targets that impact your life directly and indirectly.  We have seen in recent years water treatment plants knocked offline because the computer systems they were operating were programmed in the late 80s.  That’s over 40 years of missed updates and OS releases meant to harden systems against attack.  Trains, planes, automobiles, traffic systems, tracking systems, transaction systems, logistics and shipping systems, utilities, medical records, and databases at major corporations that provide you anything and everything from physical products to services are all vulnerable.  We would be mistaken to think that they have invested heavily in securing their systems against outside attacks.  In reality, recent hacks and ransomware attacks have soberly proven otherwise.  Anyone system can stop a multitude of other systems, and the house of cards could quickly come crashing down around you, bring down your grid, your networks you rely upon, or plunge the world into chaos and dark ages.  It’s not a pretty picture when you spell it all out, but there are still things you can do.

#1 – HACKING STARTS WITH YOU

While you cannot get your region’s electrical provider to upgrade their systems, you can still do your part to protect yourself from those that would exploit you and to recover your assets after systems are restored.  You have to start by securing your corner of the system, and here is a quick list of four ways you can do that.  Again, consider downloading the FREE How to Protect Yourself from Cyberattacks document, as we will put an additional six ways in there.  

Let me start by explaining that we have worked in the IT industry for years, even as the owner of our own digital development company.  Some of the people who have worked for us started programming, web design, and web security back when building webpages could only be done in Microsoft notepad.  If you don’t know what we mean by that, just know that there’s a long history and understanding of network security and the internet here.  These more prominent hacks you hear about on the news, the millions of other breaches you don’t hear about, and the hacks already made, laying dormant and ready to be initiated, all started with a single user or a single port accessed.  The CIA’s exploit of the Iranian nuclear processing system resulted from one user plugging his infected thumbdrive into one of the centrifuges networked computers.  Often the larger financial institution exploits come from one user on a secure system clicking a link they weren’t supposed to or unknowingly providing access to their username and password.  Malicious actors gain higher-level permissions on a system or network by piggybacking off that one unknowing user.  From emails allegedly sent from your company’s CEO with exploitive links and files to stolen federal laptops that lack good user security to disgruntled employees selling information and databases, larger exploits come from individual users.  Don’t be that guy, and also harden yourself off from being exploited with these basic steps:

UPDATE YOUR SYSTEMS AND APPS

If you are like me, you hate updating your systems.  It’s a big time suck, and it can sometimes change the way you navigate or the look and feel of your operating system.  Every time I update my system or an application, it’s always with a deep breath and with my fingers crossed.  Still, updates often result from the providing company realizing an actual or potential vulnerability.  They are trying to get ahead of it with the fix.  That being said, one of the largest hacks in recent history, the SolarWinds hack, was through an update on systems.  That hack impacted numerous companies, even the Departmental Offices division of Treasury, home to the department’s highest-ranking officials.  If your update notification comes through your computer or on your phone, wait a few days before allowing the installation and switch off automatic updates on your systems until the threat of cyberattacks lessens a bit.  That pop-up on your computer warning you about the critical updates you need to make may be bogus.  Most software companies don’t communicate like that with their consumers, and most provide you the option not to update.  If it’s an exploitive update, you will probably hear about it on the news within a few days.  The best way to update your systems is to go to the sites that provide you the software and actively seek out their “Check for Updates” pages.  Do update your systems in this way if you are running old operating systems or frequently use the same Apps.  One recent study found that the latest version of Microsoft Windows had a total of 907 vulnerabilities.  One hundred thirty-two of those vulnerabilities were classified as critical.  You can bet that the company is shutting down vulnerabilities as they find them, but you leave your door unlocked if you don’t update your system regularly.  

PASSWORD1234

Update every one of your passwords right now, especially if you use the same password wherever you can.  If your password is already compromised from a previous hack, it won’t be usable anymore in that earlier version of stolen data when the hackers flip the switches on their exploit.  Second, stop using the same passwords.  Many critical systems have two-layer authentication, PINs, biometric, password vaults, or authenticator Apps like Google Authenticator.  It’s a hassle, for sure, but you need to take advantage of these protections.  Not using them is like buying locks for your house but never installing them.  When you make a password, take advantage of all the numbers and special characters available to you.  Make it complex and avoid any familiarities.  

Many years ago, we had a simple  simple password that used my pet’s name and some other memorable numbers and words.  We mainly used it for simple apps for health and diet, but sometimes for other sites too.  These simple apps often lack security and protection and get hacked.  That password that was associated with various online accounts which had anyone of them been hacked, could have been used to hack my other accounts.  Don’t reuse passwords.  If you have to write it down, write it down in two places, one secure at home and one for your wallet if it’s something you need to access when away from home.  For very important accounts, we put the password on paper and store these in my vault.  If you have it in an electronic file on your computer or a thumbdrive, make that file password protected too.  

Run something like Google Account Password Checkup.  This will inform you as to which passwords may have been compromised.  A password checker will also tell you where you are re-using passwords and where your passwords are weak.  You may find some old accounts that you don’t use anymore.  Shut them down and delete your profile.  At the very least, make sure they don’t share email addresses and passwords with your critical accounts.  Finally, get in the habit of changing your way-too-complex-too remember password on a regular schedule, like every 3 to 6 months.  We recommend a paid tool like lastpass.com or 1password.com.  We have used these services over the years to secure passwords and they have tools to alert you if there’s been a compromise.

UPDATE ACCOUNT PROFILES

Have you moved or changed cellphone numbers or email accounts?  If you have, you want to update all your account profiles online.  Even if you haven’t, you will still want to do this.  About two years ago, we were doing this at our primary banking site, and we noticed the email address they had was some weird address we had never heard of or used.  We thought, “That’s weird.” So, we changed it to what it should be and made a mental note to circle back and recheck it in a few days.  A few days later, we went back into the account, to my profile page, and it was changed back to that weird address.  We called the bank, and we discussed it.  We told them we didn’t know that address, and we had corrected it and changed it back to what it should have been.  Long story short, after a lengthy call with my bank and them reaching out to their IT folks, they had to shut my account down entirely and open a new account for me.  That was likely an exploit in their system, unmonitored but awaiting activation.  It was changing my email to that other email, even overwriting my corrections, so when their system implemented a password update, the email would go to that weird address, and voila–they were in my account.  We hope my bank was able to audit their systems for other customers that may have been affected, but the whole event underscores the need for you to conduct your own audit of all of your profile pages and settings at every major site that you use.  This keeps you one step ahead of any hackers who may have already acquired your information but don’t know how to use it or any who are lying in wait for official orders like a sleeper cell.

SWITCH TO ONLINE BANKING AND CASH

It may seem counterintuitive to protect yourself from cyberattacks by switching to online banking for some of your transactions, but you protect yourself a bit from fraud when you do.  This is a 360-degree approach to your fiscal survival that also means you should have your assets spread out to survive significant calamities and minor infractions.  We‘ll give you an example here.  We were working late one night when my wife was out of town, and we got an alert on my cellphone asking if we had just made a transaction at the Microsoft Store.  Well, my son does play games online, but he shouldn’t have access to the ability to pay for anything, and he better be asleep at 11:39 PM.  My wife was out of town and sometimes expenses pop-up in weird places, but we just texted her to confirm it wasn’t her.  What we think happened since we watch my card so closely, again watch every transaction, is that when we were coming back from his practice, we stopped at a fast-food restaurant’s drive-through.  We were talking, so it barely registered when the worker took my card and set it on the counter next to the register.  We figured he would run it in a minute, and we were talking to my son.  We think, though, maybe he had his phone propped up and filmed the front and the CVV number on the back.  That’s all he would have needed.  

We guess it could have happened anywhere, and it does millions of times per day.  We can’t prove anything, but the first thing we did was not reply to the alert we got on my phone.  That’s a known phishing hack too.  We logged into my bank from my computer and saw almost 700 dollars of transactions in the last two hours.  The bad guys were on a spending spree from the Apple store to Tacos in Las Vegas to groceries in West Covina and a few places we couldn’t discern.  Though we could easily eat $56 of tacos in Vegas, we were at home.  Within minutes of calling the bank, though, the card was knocked out of service, a new card was on its way to me in the mail, and once the transactions cleared or failed, we could file online the fraud claim and was reimbursed 100% of all the lost money.

So, within 2 hours, my account was drained $700, and it took a week to get it back, but there are two takeaways here.  First, we were  protected because so many of my transactions are electronic, and we bank online with my electronic devices and safeguards in place.  If they could take $700 in under two hours, they could have drained my entire account by morning.  If we didn’t bank online, we might not have known until my balance hit zero or my own transactions failed.  Second, the bank reimbursed our losses within a week.  They see it all the time.  They know the score, so they act fast and hope to minimize their losses while retaining me as a customer.  If you still send paper checks, realize you are sending account details, addresses, names, and routing numbers through the mail, handled by many hands and potentially stolen right out of your or someone else’s mailbox.  At the same time, most banks offer online bill pay that connects right up to the provider’s account.  Companies that don’t have an account can often be issued and mailed a check right from your bank.  Shift the liability over to the institution in charge of keeping your money safe.  Limit the exposure of your information in the world by focusing it in with your online banking.  Let them handle the security. 

This is not to say that you shouldn’t have cash on hand.  When it all goes down, and systems fail, you will be glad to have $300-$600 in low denomination bills.  When your check or credit isn’t accepted, your greenbacks may still hold perceived value.

#2 – FINANCES

Let’s assume for a moment that a more extensive cyberattack has occurred against the financial institutions or the Treasury, or the banking systems as a whole.  When it comes to getting your money back, at what point in the line are you compared to the millionaire across town?  The bank is probably still going to want whatever payment you owe them monthly, but they aren’t exactly going to prioritize your savings account.  In a more significant economic collapse, your currency could become worthless. However, I think debt collectors would still call you even knowing that the currency and economy have tanked.

Even after a significant cyberattack that brings a partial grid-down, finances are still critical.  Assuming systems will eventually be restored, you will need records of what you had where.  From bank accounts to credit card statements to loan papers, you will need to prove what was yours and what was owed and what was owned.  My Survival Binder that comes with my Prepper’s Roadmap course has some of this information in it, but for the specific instance of making it through and restoring your life after a significant cyberattack on fiscal systems, have these things in place.  First, have recent pay stubs and banking statements to show the regular patterns of your income and expenses, and balances.  Also, have printouts of the first page and balance statements of major accounts updated with some regularity.  It will be nice to prove you lost everything in your IRA or 401k if you ever have to do that.  

If the attack leads to a grid-down, partial grid-down situation, or even just significant supply chain disruptions, you will want to have between $300 and $600 or more in denominations of $20 and under.  Even if the dollar is worthless tomorrow, it will retain some value for those who hold on to the hope of a recovery.  Even if it doesn’t get that bad, cash is still king, as they say.  That store is likely to do that small transaction for you in cash even if the point-of-sale system isn’t working.  You are instantly trustable to them with $40 in hand, whereas that piece of plastic that doesn’t work doesn’t lend you any credibility in their eyes.

Build your bartering skills and network.  Sure, now you can buy a dozen eggs at the grocery store for a few dollars, but what will you do when the egg ranches go offline?  Do you think those farmers who are barely making a living wage from their corporate bosses are going to jump through extra hoops to get eggs they don’t actually own to you?  You would be much better off if you knew someone with a few chickens and you made something, hunted and processed game, or had some skill or knowledge you could trade for a dozen or more eggs.  You would be even better off if you had chickens of your own and thereby had a commodity to barter with in fresh eggs.  Understand the value of things and skills when the ordinary means of measuring value, your currency, is worthless.

We are not a financial consultant, and we don’t give financial advice, but we will tell you this final point on your finances, and that’s to lock up any abundance.  If you have thousands in savings, it is losing money for you every day, whatever the paltry interest rate you are getting on it.   Inflation and deflation will make it worth less in the future than it is right now.  Far better would you be to have it tucked away in a retirement account, savings bonds, or use it to pay down your mortgage, debt, or your car.  This converts your money now into future money, provides you resources now and in the future, and takes it off the table when cyber hackers rob your institution where you keep it.  You could keep it under your mattress or in a wall or buried in a mason jar on your property as your great grandparents did.  Heck, the ancient Romans used to bury it outside the castle, city, or estate walls just because invaders and robbers would look within the walls.  The problem with this strategy, though, is it’s just sitting there losing value until some successive generation stumbles upon it.

That’s everything we will say about your online presence and your finances here.  We will leave the rest for the FREE download.  Here we have to discuss something more germane to your survival. No talk of protecting yourself from cyberattacks would be complete without addressing what you need to truly survive these events: water, food, and energy.

#3 – WATER

On a planet that’s blue from space because of the amount of water, it’s important to realize that only .3 percent of it is drinkable.  Of that amount, much of that will still make you sick from viral, toxic, or bacterial contaminants.  Humans do a great job all on their own polluting that small amount.  So there’s more than 97.7 percent of the water that won’t do you a bit of good when you are thirsty.  We cannot stress the need for water more, especially with the type of disaster that comes with cyberattacks.  These large-scale operations are on infrastructure targets because they cause the populous the most chaos, pain, immediacy, and anxiety.  Still, most people are entirely reliant upon their municipal water sources.  When it rains, that rain is swept away from their property, and not a drop is retained.

These big companies that control the flow of water to your tap have made it illegal in some states even to put a rain barrel under your gutter to collect water for your lawn or garden.  These are also the same companies that have spent so little on hardening off their systems that they are running Windows 98 to mix the proper chemicals to treat your drinking water.  These are the same big companies that don’t upgrade their systems, and we hear about their huge profits and high levels of lead or other toxins in the drinking water.  The water system is incredibly vulnerable as it is and more so because so many are utterly reliant upon it.

At the risk of repeating myself ad nauseam, take steps now to store 3-months of drinking water for each person and pet in your home.  Beyond that, have the means to filter and treat the water you collect from the wild.  Many will die of dysentery in their very private lakeside communities in a grid-down situation.  Others will be so desperate for a drink of water that they will steal it from anywhere they can get it.  Don’t depend on getting the water you need to survive from the government relief truck that may or may not come into your neighborhood with drinkable water for the masses.  It might not come.  It might not have enough for you after the thousands of desperate people clamor to get theirs.  Survive a largescale cyberattack by having the water you need to survive stored in your home.  Cans and bottles of water from the store to replace your flowing tap will be the first thing depleted and looted from those stores.

This is a small thing.  When we look at it now, it’s a small task, but it will rise to a matter of life and death the moment the grid goes down in even a partial way.

#4 – FOOD

Just like water, you need food to survive a large-scale cyberattack that could render the supply chain from farm to table useless.  Corporate farmers might have bigger hearts than the corporations they answer to, but they don’t own that grain or that harvest.  Here is another example of what we mean.  In the recent shutdowns from the pandemic, millions of people were no longer eating out.  The demand for potatoes for everything from fries to chips plummeted.  Did those farmers process those potatoes into dehydrated mash potatoes?  They didn’t have the means to do so.  Even the companies that do that didn’t have the means to process that overabundance.  Did they give the potatoes away?  In some cases, they gave tons of them away to local residents.  We don’t live near a potato farm, and you probably don’t either, so I didn’t get any of those free potatoes.  You probably didn’t either.  In many cases, the farmers dug giant pits with costly backhoes and simply buried all those potatoes and wrote off the loss.

Your food supply chain is vulnerable.  From production to logistics, there are many exploitable points along the way.  So, what can you do?  First, start storing enough food to get you by for an incredibly long period, and know how to cook it when the power goes out.  Canned goods are great and not as susceptible to inflationary forces in the short term, but they come with an expiration date.  Dehydrating food will give you up to a year on that expiration date– sometimes longer and sometimes shorter.  Knowing how to can or pickle food can not only extend shelf life but provide you with a useful skill when your refrigeration no longer works, or you are collecting your own food.  Freeze-drying your own food or buying freeze-dried foods comes with a heftier price tag upfront but can give you meals that will taste fresh and last for 25-years or more.  We cannot imagine what 20 pounds of beef will cost in the year 2047.  It might cost the same as a freeze-dryer purchased today.

It may seem odd to fight a cyberwar by growing your own food, but you need to start a victory garden of your own, either on your land or someone else’s.  You need to know the edible plants in your area, and you need to know how to preserve, freeze-dry, dehydrate, and pickle every scrap of food you acquire.  Get to the point of zero waste.  If you only grow patio plants, it’s something.  It may not sustain you entirely on its own, but it will stretch and supplement your foods.  It will give you something to trade and barter with.  Build a supply of shelf-stable foods.  It may not end up being enough to keep you for months or years after a significant breakdown of systems, but it may be enough to help you survive through to a better day.  The ultimate goal is always self-sufficiency, of course, but that isn’t always a possibility for most on limited land and with limited resources.  Focus on your 3-week, 3-month, then a year or more supply like I outline in my Prepper’s Roadmap course and work from there.

#5 – ENERGY

There are other pillars of survival that we could cover, but water, food, and energy are the three biggies when it comes to insulating yourself from cyberattacks.  That is because these three pillars of survival are also the most vulnerable systems that we have exposed to cyberattackers.  When it comes to energy, we mean all forms of personal energy that you use.  If the grid goes down tomorrow and remains ransomed for weeks or systems are simply destroyed by hackers, your problems become much bigger than flipping a switch and realizing the lights are out.  Your phones will be down.  Security systems will be down.  Medical, EMS, fire, and police services will be down.  All forms of utilities beyond electricity will eventually be down.  Even natural gas isn’t a magical delivery system of flowing air.  It relies on pumping stations and monitoring equipment.  Some of those run generators on the natural gas they produce, but the same isn’t necessarily true at the furthest points on the capillaries from the pumping stations.  Water is often fed to communities through gravity from those massive hillside water towers. Still, those are replenished and continually filled by electric pumps that push the water up to them.

When the energy stops flowing, just consider that all systems as you currently know them will eventually fail.  We don’t have a well or a natural gas main.  We don’t even have a forest nearby to provide me and everyone else with burnable wood.  You need energy from refrigeration to charging radios, flashlights, walkie-talkies, or reusable batteries.  At the very least, you may need biomass energy to boil water you obtained in the wild.  You may not be in a position to install a home power solar system and battery like we just showed in a recent blog. Still, Jackery solar-charged battery systems like we reviewed a few months ago are on sale at Costco right now, according to their most recent circular.  You can also get one from the link provided below.  Maybe that system or an even smaller system with a few other products could keep you cooking, boiling water, charging phones, and whatever else you absolutely need to survive.  We’ll post links below to some solar generators we would recommend that we’ve recently reviewed.

We would recommend you watch the video we created a few months ago to help you determine your power needs.  If you haven’t watched it yet, we’ll post a link below.  Definitely start there. Approach your energy needs first by assessing what you absolutely need.   Understand the vulnerability of the current system.  Fill out the energy assessment we made available through City Prepping (LINK), and understand what you will need to get by on your own.  Then, start building the same way you approach the other preps.  Get your self-sufficiency to 3-weeks at the bare minimum.  Maybe rechargeable battery systems will handle the basics.  Then get to 3-months or more. Perhaps a solar battery or other renewable system is what you need.  Simply having a gas generator as backup won’t be enough after 3-months when gasoline is scarce.  You may be surprised with how little you need to get by, but energy provides us light and heat when properly harnessed.  Do you have hurricane candles, a means to heat or cool your living space?  Do you have the means to cook and purify water for three or more months?  Don’t overlook your energy needs.  Look at it from all angles and make yourself as infrastructure independent as you can be for the longest amount of time.

Conclusion

You will find more information on what you should be preparing in the FREE downloadable How to Protect Yourself from Cyberattacks PDF, which you can download via the link in the description and comment section below.  We want you to have a solid printable version of it all in hand.  Feel free to forward it share the link with other family members, co-workers, or friends to help spread the word about prepping for cyber attacks.

There are casual preppers and hardcore preppers.  There are people who craft or can or cook for their enjoyment and people who do it as a business.  There are people you know who prep, and there are a thousand for every one of them prepping that you don’t know about.  There are rich people looking to escape into space or in their triple insulated bomb shelters far underground, and there are those who, on meager funds, are learning to do for themselves and how to survive, even thrive after life throws the worst at them.  We don’t know where you are on any of those scales, but we know it doesn’t matter.  If you look at the long arc of history and you look at how recent global upheaval has predictably panned out, you would be foolish not to brace for even more tribulation and chaos.

We are engaged in what can only be characterized as World War III.  We can’t imagine that when Albert Einstein said, “I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones” that he ever thought one of the weapons of World War III would be cyberwarfare; yet, here we are.  We have already seen the weapon wielded in many ways over the years. From individuals to state-sponsored operations, many cyber groups openly threaten to attack for one side or another.  This isn’t a question of if.  It is a question of when.  

We would like to say that things will get better tomorrow.  We would also like to say that the price of gasoline will one day go back under two dollars.  Both statements would probably be lies or, at least, gross understatements of the realities we are facing.  Many cyberattacks have already been launched since the start of the Russo-Ukrainian war, and many more are to be expected.  Most people will be blindsided when one of these attacks impacts them directly.  Some people will even criticize the advice and explanations I am giving here as fear mongering.  That’s okay.  There’s lots of opinions and information on all sorts of matters, but that doesn’t change the fact that some, as again my great grandfather used to say, would “Miss the forest for the trees.”  You don’t have to be most people if you start diligently and methodically prepping today.  We tell you this because, if it all goes, as my great grandfather also used to say (he was full of aphorisms), to “Hell in a handbasket,” we would like to think that we helped a few people make it through to better days.  We would like to believe that others will be standing with me on brighter days when we rebuild a better future together.

What do you think?  What’s the most vulnerable system you see and how are you addressing that?  Let us know your thoughts in the comments below. We try to read the comments and respond to them when we can, typically within the first hour of releasing a blog. Please consider subscribing to the channel if you’d like to be notified when we release a video and give this video a thumb-up to help the channel grow.

As always, stay safe out there.