12 Crucial Lessons to Be Learned From the Russian Hacking Scandal

Once again, hacking is front and center in the news, a reminder that businesses and individuals need to fear the long reach of cyber theft.

Here is a 12-point checklist -- six steps for businesses and six for individuals -- to enhance cyber security. 

Democratic National Committee emails were leaked this month, revealing that staffers conspired against Vermont Sen. Bernie Sanders' presidential campaign in favor of the eventual Democratic nominee Hillary Clinton.

The evidence is clear that hackers in Russia were behind the cyber attack against the DNC. Less clear is whether this brazen cyber espionage was initiated at the behest of Russian President Vladimir Putin, to help Republican presidential nominee Donald Trump. 

Both Putin and Trump have expressed great admiration for each other. In addition to their budding bromance, the Russian dictator and the former reality television star also share extensive financial ties.

The two men seem united in their desire to defeat Clinton.

Shocking the norms of civil discourse is customary for Trump.

He did so again at a press conference this week by urging Russian hackers to unearth Hillary Clinton's emails from her tenure as Secretary of State. Amid the fallout, in which Trump came under a lot of fire, he now claims that he was only joking.

But hacking is no joking matter. Major breaches of corporate data are occurring more frequently, and they are getting larger in scope.

And don't think that hacking attacks only affect major corporations. Companies of all shapes and sizes are vulnerable.

Cyber crooks could steal customers' credit card numbers, generating an expensive disaster and PR nightmare that could shutter a business. And once a business has lost the trust of customers, it is hard to regain that trust.

Hackers also could steal employees' Social Security data and private medical details, among other things. The list of vulnerabilities is a long one.

Confidential information such as employee files, intellectual property, and legal and trade secrets are the crown jewels of an organization's data repository.

Some of this information is housed in customer relationship management systems, databases, enterprise resource planning applications and financial systems. These data are called structured content.

Other data, referred to as unstructured, resides in emails, Excel spreadsheets, image files (JPEG/PDF/TIFF), PowerPoint presentations, videos and Word documents. This information is located throughout all levels of the organization in content management repositories, employee laptops, FTP sites, network and cloud shared drives, and storage area networks,to name a few.

The technology consulting firm IDC reported that most of an organization's overall data are unstructured.

IDC also determined that this unstructured information is on track to account for 90% of all data created over the next decade. Organizations must protect this unstructured content from different types of challenges and threats.

This unstructured information is highly valuable but diffuse, giving rise to several security threats. It is the weak link in the chain.

Case in point: A former engineer at E. I. du Pont de Nemours was found guilty in 2014 of stealing manufacturing and formulary trade secrets related to a white pigment commonly found in paper and plastic products. He then sold these secrets to China's Pangang, allowing that company to directly compete with DuPont for this $14 billion-a-year business.

The cyber spy downloaded content from DuPont's ERP system and created new unstructured content from the structured system to make it portable. He also stole engineering notes and documents related to DuPont's intellectual property and research and development, making it possible for Pangang to replicate DuPont's manufacturing capabilities.

These types of breaches are increasingly prevalent.

General Electric's GE Healthcare division recently experienced a cyber breach similar to DuPont's. And in a now famous incident, Alphabet's Google got clobbered four years ago by a data breach when its earnings were released a day early by a partner.

Alphabet is a holding in Jim Cramer's Action Alerts PLUS Charitable Trust Portfolio. See how Cramer rates the stock here. Want to be alerted before Cramer buys or sells GOOGL? Learn more now.

If you liked this article you might like

Despite the Coming Pentagon Bonanza, Avoid This Defense Stock

Don't Forget, the Barrage of Bad News for Wells Fargo Will Soon Become a Distant Memory

Retirement Withdrawal Strategies That Keep the IRS at Bay

2 Hospital Stocks Set to Gain as Trumpcare's New Iteration Collapses

Southwest Could Jump 31% This Year