Steve's 2 Cents - Cyber Security Best Practices

Authors note: You may not think of yourself as a business but you are! You have or are working hard to increase your audience, I know I am, and you have likely created a website and newsletter. Both are important to your success, but pale in comparison to your social media and email contacts lists. Protection of these valuable assets is a top priority. Fortunately, there are simple and effective steps to take which cost little to nothing to implement. I will get to those in a minute, but first let’s talk about a recent hack.

Mailchimp Hack
Many author newsletters I subscribe to use Mailchimp as the tool to interact with their readers. Unfortunately, Mailchimp was hacked. According to TechCrunch about 300 user accounts were compromised and customer data was extracted for 102.

In a statement given to TechCrunch, Mailchimp CISO Siobhan Smyth said the company became aware of the intrusion on March 26 after it identified a malicious actor accessing a tool used by the company’s customer support and account administration teams. Access was gained following a successful social engineering attack, a type of attack that exploits human error and uses manipulation techniques to gain private information, access or valuables.

“We acted swiftly to address the situation by terminating access for the compromised employee accounts and took steps to prevent additional employees from being affected,” Smyth said.

But not quickly enough, as hackers viewed approximately 300 Mailchimp accounts, and successfully exported audience data from 102 of those, the company said. Mailchimp declined to say exactly what data was accessed but told TechCrunch that the hackers targeted customers in the cryptocurrency and finance sectors. In addition to viewing accounts and exporting data, the threat actors gained access to API keys for an undisclosed number of customers, allowing the attackers to potentially send spoofed emails, but which have now been disabled and can no longer be used. But Smyth said that Mailchimp received some reports of the hackers using the information they obtained from user accounts to send phishing campaigns to their contacts.

“When we become aware of any unauthorized account access, we notify the account owner and immediately take steps to suspend any further access,” Smyth told TechCrunch. “We also recommend two-factor authentication and other account security measures for our users as added measures to keep accounts and passwords secure.”

What are three things you can do to help prevent data theft? Let’s start with the common password:
1Use passphrases versus passwords. Example – W0lf!998Elle – simple to remember and has a 0 replacing the o in Wolf and a ! replacing the 1 in 1998 along with upper and lower case. Hack the hackers – misspell one of the words 😊.

2 – If your service offers it, turn on two-factor authentication. It can seem a pain to have to wait for the text and then enter the code, but the extra security is well worth the minor inconvenience.

3 – Do not use the same passphrase everywhere. If your passphrase is hacked, the bad actors have access to everything. Pick a theme and create variations on the theme.

Additional information:
5 Password Security Best Practices You Can't Live Without in 2022 (swisscyberinstitute.com)

If you have trouble remembering passphrases for all your devices, web and apps you use consider a manager.

The Best Free Password Managers for 2022 (PCMag)

About Steve: My Path To Becoming An Author

The event which formed the basis for Shadow Tier happened in October 1993. Between then and 2019 (26 yrs.), when I started writing, I would make many attempts to turn the event into a story/movie.

Being the tech nerd and visual person I am, I thought flow charting the major plot lines made sense. I still have the original on paper.

 
 

I still do this, but with sticky notes and plot lines taped to my wife’s wall of cookbooks.

Time passed, and life was busy. I wrote proposals for government contracts, and we used storyboards to lay out our response. The movie industry followed a similar practice, so my second attempt was to put plot ideas on to storyboards. For those who do not know, a storyboard is a combination of words about the scene and a graphic portraying its core theme. Here is an early Star Wars version.

 
 

Time passed, and life was even busier. During the intervening years I wrote a scene here and a chapter there. In 2017 I moved from northern Virginia to Colorado. I was looking at going home to California, but stopped in the Denver area after two years of massive fires in California. Then I met my wife, told her about my story and she gave me the push I needed to just start writing. I started Thanksgiving break November 27th 2019. It took six months for the first draft, then a year to polish. During that year of editing and rewriting, I jumped into the writing community. But more on that another day.

Best,
Steve

5 Steps To Landing A Good Literary Agent

From the website of Mike Wells

Mike provides a detail list of the steps and actions to take on the way to landing an agent. A short outline of the steps pre-work looks like this: Is your book complete. Is it the right length? Is your manuscript polished? And last but most important — Are you sure you need an agent? If so then the work does not stop. 1 – Write a Strong Query Letter, 2 – Build Your Query List, 3 – Send Out Your Queries, 4 – Adjust Your Query/Manuscript (may not be necessary), 5 – Sign the Contract and Celebrate!

Of course there is a lot more to each of these elements and that’s why I suggest your go to Mike’s website to get all her expertise.

Best Steve

Visit Mike’s website.

Signed A 3-Book Deal With Force Posiedon

As you may have heard during my cover reveal I have signed a 3 book deal with Force Poseidon. Shadow Tier is in editing with a June 14th 2022 publication date. ST-2 (Title TBD) is complete and in beta reader review. ST-3 is in development. I just completed my first draft of Chapter 65. As you can see I’m staying busy working to bring you exciting and interesting stories and characters.

Force Poseidon is a traditional publishing house founded in 2018 and dedicated to finding and nurturing talented military oriented authors who, in today’s hyper-competitive market, can’t get the attention of overwhelmed agents or Big Publishers. We especially like the idea of finding new voices that have been rejected by others, and bringing their worthy projects to bookshelves.

We’re proud that our fast-growing roster includes an active duty US Air Force officer; a former US Navy flight surgeon; a former US Navy chief petty officer; a civilian intelligence operator; and a former Green Beret. That said, we appreciate good stories from non-military authors, too, including a former automotive journalist, one former high school teacher, and even “just a guy with a good story.”

Our press was formed specifically to acknowledge such talents. We are nimble because we’re small, and we have the same skills as those big guys but without their crushing overhead. That means we can make faster decisions on acquisitions and accelerate a project’s time to market.

The Dichotomy of Leadership - Book Review

The best selling follow on to Extreme Ownership answers the many questions of new practitioners with an approach to recognize and maintain the balance required to become an effective leader and developer of new leaders. I am lucky to lead a small band of professionals to whom I have all given Extreme Ownership. I also provide the Dichotomy of Leadership to those I believe are ready to take on a leadership role. The book gives no quarter as Jocko WIllink and Leif Babin dive into the three critical leadership domains.

Balancing People – Own it all, but empower others

Balancing the Mission – Aggressive, not reckless

Balancing Yourself – A Leader and a Follower

Do yourself a favor and read both books if you haven’t. it doesn’t matter if you are a leader, manager or CEO. These books will make you a better leader, teammate, and increase your value in any setting.