While the Boy Scout Motto is, “Be Prepared” – and I was very serious about Scouting back in the day – I am always amused when I happen by NatGeo’s “Doomsday Preppers,” a show that “explores the lives of otherwise ordinary Americans who are preparing for the end of the world as we know it.” The show has lost its ratings mojo, but the Prepper movement seems to be going strong.
According to prepper website, Secrets of Survival, the Top 10 Biggest Threats to America are:
- Nuclear War
- World War III Starts with Invasion from Within
- Biological Agent / Deadly Highly Contagious Virus
- Dirty Bombs
- New Madrid Earthquake
- Yellowstone Supervolcano
- Comet Collision
- Asteroid Impact
- Solar Flare
If this is what serious preppers are prepping for, I can say with certainty that they are missing the biggest, most obvious threat: Data Doomsday!
There are an infinite number of Data Doomsday scenarios, let’s outline one…
- 20 million Americans wake up to find their bank account balances at zero.
- 20 million other Americans wake up to find random balances that exceed their wildest expectations. For example: A $25,000 balance where the day before it was $3,800 (The Federal Reserve, US Census Bureau, Internal Revenue Service’s 2014 estimate for the Average American family savings account balance.)
- 30 million other Americans wake up to find out their hard drives have been erased and their data is gone.
- Retailers or financial institutions tell 30 million other Americans that their credit cards are canceled because of a data breach, and they will not be replaced for weeks because of the sheer volume of cards that need to be reissued.
- The 500 top websites are all hit with massive, unrelenting DDOS attacks.
- The top 10 health insurance providers lose 30 percent of their patient records due to the release of a super cyber weapon.
- 25 percent of federal prison records are erased or altered.
- $300 Billion in cash goes missing from the US financial system.
- And, just for fun, hackers cause an algo-trading flash crash that takes 50 percent off the DJIA by 11am. (As if any of the above would not be enough to cause a regular stock market crash.)
That feels like a pretty good Data Doomsday scenario to me. You only need a fraction of this to happen to see a total breakdown of social services, and people picking up weapons to defend themselves and their possessions.
How likely is it to happen?
Any one of these cyber attacks could occur at any time. Oddly enough, having 30 million Americans wake up to erased hard drives is one of the most likely and easiest Data Doomsday scenarios to imagine. The technology to do this is ubiquitous and, while anti-virus software could protect against it, far too few people actually consistently backup their data, use the available safeguards or keep their anti-virus software up to date.
To be fair, every bank in America has significantly invested in cyber-security and business continuity planning. But none of that stopped criminals from using a malware program called Carbanak to steal an estimated $1 Billion from over 100 financial institutions. It was reported last week, but the attack was a long-term, ongoing operation. And, considering what has happened this past few months, having 100 million credit card numbers stolen from a big corporation is now practically commonplace.
Looking at the available attack surfaces, going from a fixable and insured business loss to Data Doomsday seems to only require coordination and synchronization by the attackers.
So, how do you become a Data Doomsday Prepper?
If you choose to remain part of the 21st century, you have to risk manage your data portfolio the same way you risk manage your investment portfolio. The old adage, “Don’t put all your eggs in one basket,” is a metaphor for the ages. If your data is distributed in lots of places, it is less likely that you will lose all of it at one time.
Physical hard drives detached from the network, CD-ROMs, even high capacity jump drives are great places to store important, irreplaceable data. Some people will be tempted to print and store important documents. Others might actually have digital pictures printed on archival (acid free) paper and stored in an album. If you’re a serious prepper, you will make more than one copy of everything and store the physical media in different locations. If you are an obsessed prepper, you’ll create a ritual backup routine, conscript friends to help hoard your treasures, and keep several different safe deposit boxes filled with data on physical media.
Data Doomsday Preppers should assume that every computer exposed to the public Internet is vulnerable to attack, even if it predominantly attaches to the outside world through a VPN (virtual private network). Remember, Joseph Heller’s famous phrase: “Just because you’re paranoid doesn’t mean they aren’t after you.”
What do you really need to preserve?
Banking and financial/insurance records, medical records, family records, real estate, etc. The list is long, but it is not endless.
Importantly, Data Doomsday Prepping is not a replacement for vigilant cyber security measures. You should encrypt your data, and use every practical security tool to help keep the amateur bad guys at bay. Data Doomsday Preppers fear weapons-grade super cyber attacks and professional bad guys. After all, you can’t have a serious breakdown of social services and live in a post-apocalyptic world unless something really bad happens.
Which begs for the question, “Is Data Doomsday even possible?”
Not only do I think it’s possible… I think it’s likely. Why? It’s a question I’m happy to answer. Drop me an email or visit our Cyber War Games site and ask me about it.