Friday, July 24, 2020

The Great Toilet Paper Cyber Hack of 2020: Part 2 - Lessons Learned

Stop! Before proceeding, check out Part 1 of the Great Toilet Paper Cyber Hack of 2020 - posted on July 10, 2020.

Lessons Learned

When I reached out to Hal several weeks later to ask all the questions that kept nagging me about this activity, I learned that Hal had taken several actions to ensure this would never happen again. Hal and I agreed that we should share those as lessons learned.

1) Shop From Known Merchants

As mentioned in Part 1, it’s always best to be suspicious of unsolicited advertisements on social media sites, in emails, and anywhere else you encounter them. No doubt, many of these sites are legitimate with legitimate products to sell; however, as Hal experienced, many of these are created for malicious purposes. Some of these purposes might include:
  • obtaining your credit card, your password, or other personal information;
  • enticing you to donate to a fake charitable cause;
  • or downloading malware onto your system.

In Hal’s case, he got a double dose - the site he accessed sold him a fraudulent product and downloaded malware onto his system.

Another point - pay attention to where the items are coming from and where the business is located. Unless you specifically desire a foreign-made product, it’s probably safer to buy from U.S. suppliers.

2) Use Two-Factor Authentication

Use two-factor authentication on all accounts where it is offered, such as social media, bank, shopping, and - most importantly - email accounts. This will help prevent access to your accounts should your credentials be stolen. Additionally, never reuse your passwords across multiple accounts. If the account credentials for one site are obtained, you don’t want them to be used to compromise other accounts.

3) Don’t Store Account Credentials in Your Browser

This one is challenging, I know, but refrain from allowing your browser to store your account credentials. It may seem like a convenience, but as Hal experienced, if an attacker gains access to your computer, it’s relatively easy to extract and decrypt those credentials out of your browser. Even a rookie can do it! Use a password manager to safeguard your passwords, and ensure you authenticate to that tool using two-factor authentication.

4) Lock Your Computer

Additionally, Hal mentioned that he now locks his computer when he isn’t using it, and for good measure, he never leaves his browser windows open and logged in to his accounts.

5) Back Up Your Files

Reloading his computer didn’t concern Hal at all because he had a regular backup schedule and was confident he wouldn't lose any important pictures, documents, or other data. I know many people who back up their data to a cloud service, and many others who use a USB-connected drive. Either of these will work as long as you appropriately safeguard access to your backups. This means two-factor authenticated access to your cloud provider, or ensuring that you disconnect the USB drive and store it somewhere safe. Do not keep it connected to your computer or in your laptop bag once you are done with the backup!

A Happy Ending

Hal assured me that his reloaded computer is working better than ever and that he’s confident this will not happen to him again. Additionally, his cabinets are now stocked full of Charmin Ultra Soft Mega rolls - the authentic product! He committed to never allowing his supply to get low enough during a global crisis to be tempted to order from any previously unheard-of Chinese site! Oh, and subsequently, we learned that Charmin makes their product right here in the U.S.A., so there is no need to send away to China to get this essential product!

Today's blog comes from State of Colorado Chief Information Security Officer Debbi Blyth.
