Cyber Smart, by cybersecurity expert Bart R. McDonough, is a book about protecting money and information from cyber criminals. The book explains what bad actors are trying to accomplish through their uses of technology, as well as whom they target, where and when they strike, and how they operate, so that people may take effective countermeasures. The introduction mentions the various attack vectors to be examined in detail later, then presents the five basic steps to cybersecurity that McDonough repeatedly advocates throughout the book: keep devices updated, use two-factor authentication, use a password manager, use up-to-date antivirus software, and create data backups. This repetition becomes a bit tedious as the book goes on, but each of these five points is good advice. He then lists several myths about cybersecurity that will be debunked throughout the book. McDonough finishes the introduction with a brief overview of the two parts of the book.

The first part contains nine chapters which cover the targets, goals, and methods of cybercriminals. This section is really only necessary for beginners in cybersecurity and other uninformed people, but it is good to have all of its information in one place as a go-to reference to refresh one’s memory even if one is well-versed in its subject matter. Chapter 1 begins with a story of wire transfer fraud, then tells the reader how to avoid being scammed in this manner. After providing some statistics, McDonough explains the differences and relationships between data breaches, hacks, and cyberattacks. The second chapter tells the story of notorious hacker Albert Gonzalez, then delves into hacker demographics, motivations, and methods. McDonough discusses white-hat and black-hat hackers, but does not mention grey-hats. He gives a brief overview of nation-state attackers, but mostly saves this subject for the final chapter of the book, as nation-states are not the primary cyberattackers for most people. Hacktivism is discussed, then the chapter concludes with several stories of hackers who were caught.

In the third and fourth chapters, McDonough explains that the goal of hackers is usually profit and that their methods are different means toward that end, even for black-hats who served prison time and became white-hats. He tells the reader how stolen credentials are used and sold on black markets, then calls attention to medical identity theft, a rising threat in recent years. The various types of malware that afflict computers get a thorough overview, as does the concept of social engineering, which is the use of deception to obtain personal information. The rest of Chapter 4 details the various types of scams that one may encounter. It is here that one sees the link between cybersecurity and security in the physical world.
