It seems that almost every week we hear of another cyber attack or hack on a business in the U.S. It is estimated that cyber crimes cost the economy over $100 Billion each year and that trend is expected to continue. Some estimates peg that number as high as $1 Trillion dollars in total damages. Most cyber attacks that make the news are targeting information such as account numbers, passwords, and social security numbers. Other attacks target intellectual property or information like the widely reported theft of massive amounts of data about NATO's Joint Strike Fighter by China. More ominous are malicious attacks intended to do harm to a business or organization such as Denial of Service (DDoS) that can bring down a website to attacks like the recent attack on Sony Pictures by North Korea.
Researchers at Symantec have confirmed infections of the Duqu Virus in Switzerland, Ukraine, the Netherlands, Vietnam, Sudan, India, and Iran. The Duqu Virus, rumored to be the “son of Stuxnet”, has been found in Microsoft Word files sent as attachments in emails and has been used to target companies involved in the manufacture of parts for industrial control systems. In 2010 an Iranian Nuclear Facility containing centrifuges was damaged by a similar type of virus called the Stuxnet Virus. Stuxnet was discovered in June of 2010 and targets Siemens Industrial Control software running on Microsoft Windows and it is widely believed that the United States with the help of Israel, developed the virus to cause damage to the Iranian Nuclear Program.
In a 2007 test at the Idaho National Laboratories, called Aurora, government hackers were able to insert a virus into the industrial control software of a large diesel generator causing it to self destruct in a cloud of smoke. The test showed how vulnerable the US power grid is to cyber attack.
Should you be concerned?
Yes you should be concerned. Should you run out and withdraw all your money from your bank and retirement accounts? No. These types of viruses so far seem to be designed to target industrial control software used by electric utilities, water treatment plants, and industrial manufacturing facilities. The reason you should be concerned is that if an attack was successful on an electric utility it could have a devastating impact on a large area, cause massive economic damage, and take days or even weeks to repair.
What should you do to be prepared for such an event?
Have an Emergency Preparedness Plan prepared in case of an extended power outage. The scope of this article is how to prepare your finances for an emergency however, an event such as a coordinated attack on the US power grid is unprecedented. Some things that you need to think about are:
- List of account numbers, monthly payment, and contact information for banks, credit cards, investments, mortgage, utilities, cable, internet, telephone, insurance, etc.
- Online account numbers and passwords for internet accounts you need access to.
- Enough cash to cover expenses during a power outage. If you did not have access to your financial institution would you have enough cash on hand to cover necessary expenses? Do you even know what your necessary expenses are?
- What if your financial institution was the target of a cyber attack? Do they have a plan? Do you have a plan?
- What if you live in area such as Phoenix where the temperatures can reach 110 during the Summer months? Do you have the cash necessary for travel? Most businesses now are not prepared to process credit cards during power outages so you will need cash, travelers checks, or a money order.
- How are you paying your bills currently? Would you be able to pay your bills if the power was out for an extended period of time?
- If your financial institution was the target of a cyber attack, do you have access to other funds to cover your expenses?