Log Out | Member Center

56°F

82°/54°

Cyber private investigator in Wichita: No one has secrets anymore

  • The Wichita Eagle
  • Published Sunday, Oct. 13, 2013, at 8:02 a.m.
  • Updated Saturday, April 12, 2014, at 10:43 a.m.

How to help protect your data

Cyber-security tips from Emery Goad and Ravi Pendse

* Use only one or two credit cards. “Why do people need six or more credit cards?” Goad asked. “You only need one, really.”

* Check your bank statement at least every other day. “I know that can be annoying,” Pendse said. “But so is losing money. ”

* Consider using “virtual credit cards” when you shop online. Also known as temporary, disposable, or “one-time-use” cards. “They take only a few extra clicks when you use them,” Pendse said.

* Change your passwords regularly, on your home computer, on your Amazon accounts, on every online entity where you’ve trusted someone with your bank card and other information. “Yes, that can be annoying, it adds all these clicks,” Pendse said. “But it also adds work when you lock your doors at night. Or when you go Christmas shopping, and put your presents in the trunk instead of the back seat in the open when you go shop at another store.”

* Make sure your card company always has your current phone number. “Your card company is your friend,” Pendse said.

Emery Goad, a private investigator and one of the possible victims of the cyberhacking attack on Wichita’s City Hall this week, was shredding paper containing his private information on Thursday.

And he was wondering, with a laugh: “What’s the point?”

The story that broke out of Wichita last week was that Turkish cyberthieves hacked into a City Hall procurement website. Two Internet news sites claim bank files and Social Security numbers were taken in an invasion still being investigated by authorities.

Goad, though a supposed victim, says this kind of thing is just one of our worries. More important: It raises larger questions, again, that we really need to think about, he said.

Goad is a cybersavvy private investigator who has encountered many of the lies and scam artist and back-channel thievery stories ever concocted. Ravi Pendse has studied hacking worldwide as a Ph.D. researcher and expert on the Internet, database storage and cybersecurity.

Both say we are under surveillance of various kinds now and under threat from hackers. We are being photographed, video-recorded, our keystrokes recorded, Goad said. Which is why Goad was chuckling as he destroyed data. Why shred it when somebody has it anyway?

“I hate to sound so scary,” Pendse said. “But we all are surrounded by malicious actors now.”

They both have suggestions about how to watch our backs.

Pendse says in a cheerful voice that it isn’t that hard. “All it takes is Kansas common sense.”

Goad is not so sure. Or so cheerful.

‘No one is safe’

“It’s like an arms race,” Pendse said. “Malicious actors are constantly developing new ideas, and you need to hope that those who protect you are always one step ahead.”

“No one is safe. The Pentagon has been hacked. Banks in New York have been hacked.

“There is a thing called Shodan,” he said. “Shodan is the Google for hackers. It searches the back channels, looks for open unsecure ports, and publishes those addresses. If I am a new person to hacking, I look at Shodan.”

This is relevant because we all have shopping, personal or business relationships with places to whom we’ve shared our credit card numbers and sometimes Social Security numbers. Businesses, city halls, online shopping sites, insurance companies, banks: if they get hacked, we get hacked.

“There are now YouTube videos to teach you how to hack,” Pendse said. “If you Google how to hack, you might get 9 million hits, with YouTube videos teaching you step by step.”

Pendse, former vice president for information technology at Wichita State University, began a similar role at Brown University in Rhode Island a few weeks ago. Because of his work with big Internet companies like Cisco and NetApp, he’s considered an authority on data security.

“In the early days of hacking, the person hacking might be some 14-year-old trying to see what he could do,” Pendse said. “But now state actors (countries) do it. The Chinese do it. When the Russian army fought the country of Georgia, they first launched a cyberattack and took down all communications in Georgia.”

“Criminal gangs hire very intelligent people to steal money from banks. There is now a large black market, involving data miners buying and selling credit card information.

“It is a really interesting and scary world all over the map.”

Spying, surveillance are everywhere

Goad does not believe that a group of Turks hacked into City Hall, even though Cyber War News reported this week that an outfit called @AgentCorporatio claimed on Twitter to have done the deed to retaliate against U.S. support of Israel.

He thinks that tale was “a joke” planted by perpetrators who are more likely data miners, a relatively new species of entrepreneur. “They were probably harmless, and took data that they’ll then sell to other data miners, who then will sell some of it back someday to people like me.”

Data miners are usually legitimate, he said. Some, not so much. He works with some of them, and so do businesses, governments, insurance companies, credit card companies and many other entities. Data miners acquire, buy and sell information, including information on us and our buying habits.

“The old right to privacy – it’s pretty much gone.”

We are spied on everywhere, he said. There are now thousands of road cameras, building cameras, surveillance cameras and data entry points, he said.

There has been a story run repeatedly on the news in recent days that Goad finds fascinating: A motorist recently plowed through a group of motorcyclists, and got chased and beat up. This was video-recorded, Goad pointed out, by a helmet camera worn by one of the motorcyclists. We can now constantly video-record each other, Goad said.

There are companies compiling databases showing where millions of license plates have been “seen,” (recorded by road cameras and other cameras). That’s a way to track a car’s movements, he said. The American Civil Liberties Union recently reported on its website a story (picked up by Virginia newspapers), that the Virginia State Police since 2010 gathered license plates showing which political rallies private citizens had attended.

Inside homes, where children and spouses have smartphones and other devices, images and voices can be recorded and sent elsewhere, depending on how everyone is getting along, or not, Goad said.

“Make the assumption that you have no secrets,” Goad said. “Because you don’t have any secrets, not anymore. Assume at all times, at work, at home, at the casino, at any public place, on your smartphone, that you are being surveilled.

“Because you are.”

Reach Roy Wenzl at 316-268-6219 or rwenzl@wichitaeagle.com. Follow him on Twitter: @roywenzl.

Subscribe to our newsletters

The Wichita Eagle welcomes your comments on news of the day. The more voices engaged in conversation, the better for us all, but do keep it civil. Please refrain from profanity, obscenity, spam, name-calling or attacking others for their views. Please see our commenting policy for more information.

Have a news tip? You can send it to wenews@wichitaeagle.com or consider joining the Public Insight Network and become a source for The Wichita Eagle.

Search for a job

in

Top jobs