It has been a tough week at Professor Carol. We were in Germany when sudden malfunctions hit our website: error messages, odd formatting, and the like. And then the site went completely down at several points. The problem was simple to describe. It dominates the news today, yet the danger can seem far away. But not this time—we were hacked—and it wasn’t so simple to correct.
PLEASE NOTE: We do not keep any sensitive customer data on our site that could be compromised. Still, we encourage you to change your password. We now require complex passwords and will be introducing some additional security measures soon.
Why were we targeted? Was it our courses in the Fine Arts, webinars, and countless curated performances? It would be nice to think the hackers had a profound interest in Arts Education.
Of course, hackers cared nothing for such content. Their first goal is to sow chaos anywhere they can. And they are amazingly adept at finding vulnerabilities to do that. Their second goal, if they are able, is to gain control over your site—a particularly insidious purpose if they are successful. But they were not.
Before writing more, let me say that we are confident the hack has been thwarted, although there can still be glitches and abnormalities that need attention. Our site, like any content provider, has tens of thousands of links, and many have had to be individually restored. So, if you do encounter a problem, please let us know.
Here’s why we are confident. Here’s where the good fortune came in.
A couple of years ago, our booth at a conference was situated next to a company called ArkCybr and its creator Sean Arridzonne. A most genial fellow with an intense and inspiring story of his own, he made a terrific “booth neighbor.” He even generously entertained our two grandchildren who had accompanied us, surely trying his patience, but you’d never have known it from his kind demeanor and love of children. Since that convention, we stayed in touch with him, addressing technological questions to him here and there.
But then the hack occurred. We put the problem in Sean’s hands and he went to work repairing the site immediately. You may know this, but once hackers are in a site, the problems spread like wildfire. Fortunately, Sean knew how to get ahead of them (think “Special Op” techno-genius). He built virtual walls to shut them out and then set about to clean up the mess. He spoke the language of our website host, which vastly shortened the timeframe for the fixes. Truth be told, he still poured hours into helping us and a few more hours explaining step-by-step how hackers perniciously exploit vulnerabilities and equipping us with better ways to defend against them in the future.
As critical as this episode was to us, the story of “a website hacked and restored” pales in comparison to Sean’s own story and why he provides his services at ArkCybr. His expertise is extended not just to website owners and content developers, but to individual families who struggle to keep the internet as a positive tool, rather than a curse.
And another thing, Sean’s services are free. Yes, free. He is crowd-funded and, of course, accepts donations, but he does not send out bills. It’s all about paying it forward. If you investigate ArkCybr, you will find out how that has come about (hint: his wife had something to do with it!).
So, if you want to be as fortunate as we were in getting to know Sean at a conference, let Sean help you. Explore ArkCybr. Listen to his first podcast: The Origin Story of an Ethical Hacker and ArkCybr.
No matter what, we would encourage you to take his advice very seriously. Revisit your sites. Change your passwords . . . everywhere. Make them less obvious. A hacker’s purpose is not to steal a course on American music or Opera. Their purpose is to get your passwords and worm a way into your bank accounts. Gone are the days when we could use our birthdays, the names of our elementary schools, or our dogs’ names as passwords. Gone, too, are the days when we can find a nice password and keep it because we like it. Sean has plenty of advice for how to rethink password strategies and add layers of defense.
The internet is a prime example of the proverbial double-edged sword. With all the benefits it brings (starting with me knowing you!), it is like a grenade sitting in the corner of a room, patiently waiting for someone to jostle the pin. We need to treat it like that, because plenty of people out there are doing exactly that.