When Google Ads Deliver Malware, Will Your Employees Download It?

A new method is out for distributing BumbleBee malware: Google Ads. Researchers at Secureworks discovered Google Ads campaigns and downloads promoted through high-ranking sites in Google Organic Search that included malware along with downloads of popular software, including Zoom and ChatGPT.

Employees who search for installation packages for popular programs may come across these downloads through ads or Organic Search listings. The downloads do contain the software installer, but they also contain a second file that deploys BumbleBee malware, a back-door program that can give hackers the access they need to steal business data or deploy ransomware. BumbleBee is one of the more dangerous malware trojans, as it can install itself without setting off antivirus software.

Why This Malware Scam Works

Most employees are not software experts and may not detect the presence of malware in a download. If they see an ad or a search listing for software they need, they will click. In this case, a compromised WordPress site was used to create phony pages that mirrored the look of the actual software makers. The only way to discover the malware was to examine the download file.

Scams like this rely on a lack of employee sophistication, an urgent need for the employee to install or update software and the appearance of legitimacy to trick people into installing malware. The employee's reasoning is simple: if a Google ad or a top search listing looks legitimate and points to a legitimate-looking site, the download must be legitimate. If the download works and the software installs correctly, why would anyone suspect a scam? An employee who downloaded this malware would find the experience so ordinary and problem-free that they may not even consider it when asked by IT if they experienced anything unusual ahead of a ransomware attack.

Every Business Should Take These Steps to Prevent Malware Attacks

Google has an obligation, and considerable financial incentive, to protect its users from advertising and search-based scams. The company has protections in place to prevent hackers from promoting malicious software, but the same hackers that target businesses with malware also work to circumvent Google’s protections. Fraudulent sites do not last long, but they are a risk, which puts the ultimate responsibility for stopping these malware attacks on individuals.

There are three levels of defense that businesses can use to prevent malware downloads, with varying levels of success.

  1. Prevent employees from downloading software. If you have the resources and a central IT department, this is the highest level of security available. All employee software downloads can be blocked, which prevents these types of scams. The tradeoff may be a very busy schedule for IT employees, who will need to handle every software download request. Depending on the size of your business, this may result in delays for employees who need to download new software or updates.
  2. Discourage employees from downloading software. Company policy can be set to discourage downloads or to download software only from sources supplied by IT professionals within the organization. This is less effective than a ban, as some employees may circumvent the policy, so it works best in conjunction with employee cyber security training.
  3. Train employees to download only from trusted sites. Employees should be trained to only download software from the manufacturer, and to go directly to the manufacturer’s site whenever they need a new installation or update. Businesses can reinforce this practice by providing all employees with a list of links to software sites, either by email or through a company Intranet, so that employees do not rely on search to find software publishers.
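One way IT can back the third step with a check, shown here as an added example that is not part of the original article: the script scans web-proxy log lines for installer downloads whose host is not on the IT-supplied list of publisher domains. The log format, the approved-domain list and the sample log lines are assumptions constructed for illustration.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Assumption: publisher domains approved by IT (illustrative list).
APPROVED_PUBLISHERS = {"zoom.us", "openai.com"}

# Extensions treated as installers or installer containers.
INSTALLER_EXTENSIONS = {".exe", ".msi", ".msix", ".dmg", ".pkg", ".zip", ".iso"}

# Constructed proxy log, one request per line: "<timestamp> <user> <url>".
SAMPLE_LOG = """\
2023-04-20T09:14:02Z alice https://zoom.us/client/latest/ZoomInstaller.exe
2023-04-20T09:20:41Z bob https://zoom.us.downloads.example/ZoomInstaller.msi
2023-04-20T09:31:10Z carol https://blog.example/wp-content/uploads/ChatGPT-Setup.zip?src=ad
2023-04-20T09:40:55Z dave https://cdn.zoom.us/prod/ZoomInstaller.pkg
2023-04-20T09:42:00Z erin https://news.example/article.html
2023-04-20T09:50:12Z frank http://ZOOM.US./client/Zoom.dmg
malformed line
"""


def host_is_approved(host, approved=APPROVED_PUBLISHERS):
    """Return True if host is an approved domain or a subdomain of one.

    Matching on the dot boundary keeps lookalikes such as
    "zoom.us.downloads.example" or "notzoom.us" from passing.
    """
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in approved)


def is_installer(path):
    """Return True if the URL path ends in an installer-type extension."""
    ext = posixpath.splitext(unquote(path).lower())[1]
    return ext in INSTALLER_EXTENSIONS


def parse_line(line):
    """Parse one log line into a dict, or return None if it is unusable."""
    parts = line.split()
    if len(parts) != 3:
        return None
    timestamp, user, url = parts
    try:
        split = urlsplit(url)
        host = split.hostname
    except ValueError:
        return None
    if split.scheme not in ("http", "https") or not host:
        return None
    return {"timestamp": timestamp, "user": user,
            "host": host, "path": split.path, "url": url}


def flag_unapproved_installers(log_text):
    """Return parsed records for installer downloads from unapproved hosts."""
    findings = []
    for line in log_text.splitlines():
        record = parse_line(line)
        if record is None:
            continue  # skip lines that do not match the expected format
        if is_installer(record["path"]) and not host_is_approved(record["host"]):
            findings.append(record)
    return findings


if __name__ == "__main__":
    for hit in flag_unapproved_installers(SAMPLE_LOG):
        print(f'{hit["timestamp"]} {hit["user"]} downloaded {hit["url"]}')
```

A hit is a prompt for IT to follow up with the employee and inspect the downloaded file, since the article notes the installer itself appears to work normally.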

These legitimate-looking malware attacks are the stuff of nightmares for cyber security professionals because they can deceive almost anyone, even well-trained employees, into downloading malicious software. Business policies can go a long way toward thwarting these hacking attempts, but they work best when combined with vigilant, empowered employees who value company security and speak up when something seems wrong. Protect Now can help you develop a vigilant workforce through our CSI Protection Certification program. To learn more, contact us online or call us at 1-800-658-8311.

DOJ Alleges $8 Million Familiar Fraud at Transit Authority

Would Your Employees Notice Millions in Fraud?

The United States Department of Justice (DOJ) announced indictments against two individuals suspected of familiar fraud schemes that led to $8 million in losses for Massachusetts Bay Transit Authority commuter rail operator Keolis between July 2014 and November 2021. Both the scope and the longevity of these schemes are exceptional, although the methods used to steal the money are very common, raising questions about why the individual charged was able to commit this fraud for so long.

What Happened in the Keolis Familiar Fraud Case?

John P. Pigsley of Beverly, Massachusetts, a former Assistant Chief Engineer of Facilities for Keolis Commuter Services, has been accused of running two schemes that netted $8 million. In the first scheme, Pigsley is accused of conspiring with John Rafferty of Hale’s Location, New Hampshire, the former General Manager of LJ Electric, to create fraudulent invoices for vehicles and equipment, leading to more than $4 million in losses.

In the second scheme, Pigsley is accused of ordering copper wire for Keolis projects, picking it up himself or delivering it to his home address, then selling it to scrap yards. Over the course of several years, Pigsley is alleged to have made more than $4.5 million from the scheme. The actual value of the stolen material was not disclosed.

In a statement, Keolis Commuter Services said, “In late 2021, our enhanced financial controls and project management oversight identified project anomalies linked with the practices of an employee.” According to the DOJ indictment, this was 7 years after the fraud began.

Employees Must Be Empowered to Recognize Risks

Cyber threats are not the only challenges that businesses face. Familiar fraud, committed by an employee, family member or trusted business partner, can be more devastating and more difficult to detect. As with cyber security, employee training is essential to prevent losses. Employees must know how to recognize fraud and trust their instincts. They must also feel empowered to call out anything suspicious.

In the DOJ indictment against Pigsley, three common familiar fraud techniques that should have been caught stand out:

  1. Phony invoices. This is one of the most common types of familiar fraud. An employee with purchasing authority may conspire with a third party to create fake invoices and split the proceeds, or set up shell companies to invoice for goods and services that do not exist. This type of fraud can be difficult to detect in large, complex organizations, such as a railway operations company, or in businesses that frequently order large volumes of material from multiple vendors. Strong vendor approval and verification processes must be in place to detect this type of fraud; all new vendors should be verified by someone other than the person placing the orders. Shipments should be tracked and matched against invoices for at least the first 90 days of any new relationship. Any changes in volume or frequency in orders with a particular vendor should be flagged for follow-up.
  2. Home deliveries. There are very few circumstances where an employee should receive materials shipments at home. Home addresses for all employees with purchasing authority should be kept on file by accounting staff. Any deliveries that match against a home address should be flagged for review. Any changes in regular delivery addresses, even if they only account for a portion of a shipment, should also be flagged for review.
  3. Personal pickup. Some employees may pick up and deliver materials as a regular part of their job. In an ideal world, purchasing and pickup are separate, so that no single employee has the ability to order and collect goods. When this is not practical, regular audits must be conducted of employees who can both order and deliver supplies, services and materials. Employees should be able to provide invoices for what was ordered, receipts for what was received and documentation for what was delivered.
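The delivery and pickup checks above can be automated against purchasing records. The following is an added example, not part of the original article: it flags orders shipped to a purchasing employee's home address, orders shipped to an address that is not a known company site, and orders where the same employee both ordered and received the goods. The record fields, employee IDs and addresses are hypothetical and constructed for illustration.

```python
import re

# Common street abbreviations expanded before comparison. Limitation: "st"
# is always read as "street", so "St. Mary Rd" style names need extra care.
ABBREVIATIONS = {"st": "street", "rd": "road", "ave": "avenue", "dr": "drive",
                 "ln": "lane", "apt": "apartment", "ste": "suite"}


def normalize_address(address):
    """Lowercase, drop punctuation and expand abbreviations so that
    '12 Elm St, Apt 4' and '12 ELM STREET APT. 4' compare equal."""
    tokens = re.sub(r"[^a-z0-9]+", " ", address.lower()).split()
    return " ".join(ABBREVIATIONS.get(t, t) for t in tokens)


# Constructed data: home addresses on file for employees with purchasing authority.
HOME_ADDRESSES = {
    "E100": "12 Elm St, Apt 4, Springfield",
    "E200": "7 Oak Avenue, Springfield",
}

# Constructed data: regular company delivery sites.
SITE_ADDRESSES = ["100 Depot Rd., Springfield", "4 Yard Way, Springfield"]

# Constructed purchase orders (hypothetical field names).
ORDERS = [
    {"po": "PO-1", "purchaser": "E100", "received_by": "E300",
     "ship_to": "100 Depot Road, Springfield"},
    {"po": "PO-2", "purchaser": "E100", "received_by": "E300",
     "ship_to": "12 Elm Street Apt. 4 Springfield"},
    {"po": "PO-3", "purchaser": "E200", "received_by": "E200",
     "ship_to": "100 Depot Rd, Springfield"},
    {"po": "PO-4", "purchaser": "E200", "received_by": "E300",
     "ship_to": "55 Harbor Ln, Springfield"},
    {"po": "PO-5", "purchaser": "E200", "received_by": "E300",
     "ship_to": "12 ELM ST APT 4, SPRINGFIELD"},
]


def review_orders(orders, home_addresses, site_addresses):
    """Return (po, flag, detail) tuples for orders that need review."""
    homes = {normalize_address(a): emp for emp, a in home_addresses.items()}
    sites = {normalize_address(a) for a in site_addresses}
    flags = []
    for order in orders:
        ship_to = normalize_address(order["ship_to"])
        if ship_to in homes:
            # Delivery to the home of any employee with purchasing authority.
            flags.append((order["po"], "HOME_ADDRESS", homes[ship_to]))
        elif ship_to not in sites:
            # Change from the regular delivery addresses.
            flags.append((order["po"], "NEW_ADDRESS", ship_to))
        if order["received_by"] == order["purchaser"]:
            # One person both ordered and collected the goods.
            flags.append((order["po"], "SAME_ORDER_AND_PICKUP", order["purchaser"]))
    return flags


if __name__ == "__main__":
    for po, flag, detail in review_orders(ORDERS, HOME_ADDRESSES, SITE_ADDRESSES):
        print(po, flag, detail)
```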

Familiar fraud is one of the most difficult challenges that businesses face, because it comes not from external actors, but from trusted co-workers, friends and family. Proper business controls can prevent it, but only if employees understand what to look for and how to respond. Protect Now’s CSI Protection Certification training focuses on cyber crime but enables employees to spot any kind of suspicious behavior by teaching them to trust and act on their instincts. To learn more about our training programs, contact us online or call us at 1-800-658-8311.

2013 Boston Marathon Bombing: My Best Worst Day Ever

Like Big Papi said “This is our f–king city.” It’s the 10th anniversary of that beautiful – tragic day. The new Netflix documentary “American Manhunt; The Boston Marathon Bombing” has me sobbing in my kitchen. I’ve watched the movie Patriots Day with Mark Wahlberg countless times. This week I was asked to speak at a high school on my 12 years of Boston Marathon preparation, fundraising and the planner asked about the possibility of me discussing my experience on Boylston St that day, which I wasn’t expecting to do. And leading up to the moment I got on stage, I didn’t realize how shaken I still am. I could barely talk without my voice cracking. Thankfully, the moderator kept the dialog light and we talked about the training, fundraising and fun memories.

[Image: Front Page Boston Globe, Robert Siciliano Above the Fold]

And here’s the thing, NOTHING HAPPENED TO ME. Nothing happened to anyone in my family. My wife and two little girls, my dad, my sister-in-law, and some friends were all at the finish line, 100 yards away from the first bomb, which scared the hell out of me, but still. Completely unscratched. I just saw some sh#t. Ran right by it actually, which is part of the problem. That’s it. But it haunts me. And it makes me think about actual front line military, law enforcement and paramedics who deal with violence, trauma, and tragedy as a vocation. How do they even deal?

Training for a marathon is a taxing, physical, emotional and expensive process. For me personally, that has meant multiple cortisone shots, almost a hundred physical therapy appointments and a few arguments with my wife. Why do it? Why climb a mountain? Why be a police officer? Why be an emergency room nurse? Why detonate a bomb in a crowd of innocent people? We all make choices others wouldn’t and we justify our decisions based on our interests, options and perspective.

For me, I just wanted to lose weight, get fit and finally give back to a charity. When you’re 50 with a young family and your health and marriage are good, bills are paid and life is settled, words like “health,” “gratitude” and “grace” begin to have more meaning. And when you become a runner, you join a special club of conscious people who enjoy challenging themselves and understand our time is limited.

In 2013 I was on my way to run about a 4:10 (my best time ever), but was stopped at mile 26 due to some terrorists’ agenda.

During the 2013 Boston Marathon, my improved time put me on Boylston Street shortly after the blasts. There were two loud bangs, and as I rounded the corner I saw the finish line through dissipating smoke. Boston police immediately corralled runners from going any farther down Boylston because it was now a volatile area and potential crime scene. At 2:52 PM I called my wife, who was at the finish line, about 100 yards from the first bomb, and got no answer. A minute later, I got my dad on the phone; he was with my wife and the kids and he confirmed they were OK. I instructed him to leave ASAP, as another bomb could go off any moment. I told him to “walk down the center of the street and avoid any cars!”

But nothing was going to keep me away from them; I couldn’t just sit there and wait. In my mind, there were bombs going off between my family and myself. As a father, son and husband, the instinctual need to get your family to safety overpowers every sense of reason. I dodged a couple of police officers and ran down Boylston, the only runner on the field, putting myself in jeopardy and now also causing law enforcement to chase after me. At the 26-mile mark, I saw people on the ground, bloody and getting medical attention from the few paramedics that were on hand to take care of runners expected to be injured in more predictable, less violent ways. I made a decision to keep going. Which still doesn’t sit well. It felt like a 3D movie where the scene was pushing me back in my chair, but the sound was off. I know the scene was loud with sirens and screams, but I heard nothing.

Then I heard an angry cop (rightly so) blasting his voice in my ear before he wrestled me off the course. Eluding further apprehension, but onward to my family, I hopped a fence and ran down a back alley behind the restaurants, bars and shops that were evacuating people through their back doors. What I saw was people—many victims who must have made their way on their own or with the assistance of others—screaming, crying and making frantic phone calls…and there was blood. Some victims I saw lost anywhere from pints to whatever; I don’t know. I just remember freaking out and not wanting to run in it.

I ended up behind the finish line and found a way to cross Boylston. I made my way to the Weston Hotel, where I found my family, scooped up my four-year-old and hiked another half mile to my vehicle. Leaving behind two vehicles, we piled nine adults and children into my Yukon and evacuated.

[Image: Evacuating the city, carrying my 40lb child after running 26 miles.]

Out of relative danger, our attention now turned to our two children and damage control. To gauge my seven-year-old’s feelings, I calmly asked her, “Did you have fun today?” She said, “Yes, today was awesome! Until the bombs went off!” Knowing she was shaken, the radio stayed off and adults did what they could to speak in code. Note to adults who may try this: It doesn’t fool a seven-year-old.

By this time my phone was going nuts, Facebook and Twitter were buzzing and my mother, who couldn’t get in touch with us, was in complete meltdown.

Once I got home and got the kids situated, we ordered a bunch of pizza because that’s what you do when a bomb goes off. People need to feel normal.

My mom showed up at our home shortly after we got there. She was a total mess, and after the kids saw her emotional state, they understood the gravity of the situation. Today, they are showing a tremendous amount of affection and gratitude, which seems to be a side effect of their trauma.

I posted a brief note on Facebook: “I’m OK, I was on Boylston St. when it happened. I saw smoke, I saw blood and people on the ground. My family was 300 yards away, waiting for me and I got to them and evacuated from the city. More later.” And the comments and “likes” poured in.

Shortly after, I provided an update: “I was right there, bomb went off. Boston police removed everyone, I kept running toward the bombs because my family was at the finish line. Police got me off the road, I resisted then another cop almost tackled me (rightly so). I ran in the back alleys, people spilling into the alleys from the explosion, screaming, crying, blood, got my dad to get my wife and kids out of there concerned for another explosion. I’m telling it to Dr. Drew on CNN between 9:15ish and 9:30ish tonight.”

Again, comments poured onto my page like never before. People offering an outpouring of help and support. I never knew I had that many real friends.

I feel I have to explain the part about Dr. Drew and CNN. It may seem opportunistic, but frankly, for me, it’s therapy. I do lots of media as the expert. My network is “the media.” So when I send a blast email to raise money for charity, my network knows I’m running the Boston Marathon. When I logged into Facebook and email, the requests came in from CNN, Extra and Canadian TV, along with a few radio shows too. So I spent the evening after the run as an eyewitness. And, because it’s who I am, I gave security tips too.

[Image: Maria Menounos and Me at the Media Compound the day after]

My Rockstar cousin, who is an Iraq and Afghanistan soldier and flies one of those crazy killer helicopters, reached out to me via Facebook and said, “I think your situation was much worse than many Middle East situations I’ve been in.” Which I thought odd because he’s had his best buddy blown up right next to him. Then he said, “When I deploy I’m armed, geared up and expecting to fight. You were at a peaceful gathering around families and innocent civilians, not expecting bombs. That makes it much worse.”

We accept the possibility of death and destruction when we sign our contracts. I’m sure no one who signed up for the marathon expected this.

This completely messed me up, putting into perspective just how awful this situation is.

I only slept three hours that night, on edge, emotional and fragile. The next day, I headed to the media compound near Boylston to meet with Maria Menounos from Extra, who is a Greek Boston girl.

I connected with Maria, and within two minutes we were both crying. She started talking about how she loves Boston so much, then I started crying, then she started crying…which completely messed me up. I tell you this because she told me people should know this is real and they can’t forget. She was professional, but she was real. She put me at ease and we got through the interview.

Since then I’ve done more media on this than I wished, including the Boston Globe, Dr. Drew, Extra, Current TV, Canadian TV, again and again, Fox Boston and some radio.

In early May after the blasts, I was asked to speak to the North Eastern Massachusetts Law Enforcement Council on the benefits of social media to law enforcement and how social can help get the word out in a tragedy. When I walked into the room to speak, everyone was in uniform. What I didn’t know was many of the men and women attending were the first responders saving lives at the finish line, and others who were involved in the capture of the bombers. That was a very emotional speech for me. Check out the Huffington Post’s blog on how the Boston Police did a stellar job using Twitter during the bombing.

[Image: Cowboy Hat-Wearing Boston Marathon Hero Carlos Arredondo and Robert Siciliano]

At this point, my family and I are safe. Emotions are still high for some. Even as I update this post from 10 years ago it’s messing me up. We were and still are angry. This celebratory event will forever be marked by the visual of a plume of smoke that symbolized the evil intent of misguided people that do not value human life and have no regard for our freedoms.

We caught the bastards and while there are no real answers, we may never get them. The movie Patriots Day actually did an amazing job of telling the tragic story through a composite character. And the Netflix doc really brings it home.

On behalf of my Boston, we are proud of our city, its first responders and its people, who showed the true measure of the human spirit through powerful acts of kindness and displays of citizen courage.

We are strong as a city, undivided as a country and unbowed by this attack. No terrorist will be allowed to alter our nation’s course.

Robert is running his 12th Boston Marathon for Dana-Farber Cancer Research Institute. Please consider a donation: http://danafarber.jimmyfund.org/goto/robertsiciliano

Robert Siciliano, personal security and cyber security expert and speaker, is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud.

ChatGPT Breach: What You Need to Know

It took less than 5 months for a significant ChatGPT breach. This is not surprising, given the incredible pace of the software’s adoption. On February 1, Reuters reported that ChatGPT had reached 100 million active monthly users in the two months since its launch, citing data from UBS.

Any platform as new as ChatGPT with a userbase the size of ChatGPT’s will be a target for cyber criminals hoping to find new vulnerabilities to exploit. Businesses and individuals who use ChatGPT need to understand the risks, and to recognize that the unprecedented growth of ChatGPT may make the platform uniquely vulnerable in the short term as its developers rush to keep up with demand.

What Happened in the ChatGPT Breach?

Around March 20, payment information for some ChatGPT Plus subscribers was exposed, including names, emails, billing addresses, card expiration dates and the last four digits of the card used to subscribe to the service. OpenAI, the creators of ChatGPT, contacted the affected users, estimated at 1.2% of the overall subscriber base. OpenAI patched the vulnerability that enabled the breach.

There is no reason to stop using ChatGPT, and unless you were notified of the breach, there is no immediate cause for concern. Those who were impacted by the ChatGPT breach may want to consider canceling and replacing affected credit cards, as the exposed digits and expiration date could be combined with other data on the Dark Web to commit identity fraud.

Is ChatGPT Safe to Use?

If you use ChatGPT as a standalone application, it should not present a risk to your overall cyber security. If you attempt to integrate ChatGPT with other systems, do so with caution.

Security researchers identified a vulnerability in a ChatGPT plugin that allows the software to collect information by connecting directly to third-party systems. In this case, the threat came not from ChatGPT but from outdated code used to facilitate communications. ChatGPT integrations with existing business systems or databases should only be undertaken by a developer with considerable experience in cross-platform vulnerabilities and up-to-date awareness of cyber threats. Cyber criminals love software integrations, because they create complex vulnerabilities and may rely on communication methods with known exploits. Remember that data must be protected at every stage of its use: storage, processing and communication between systems.

ChatGPT as a Phishing Lure

The greater danger of ChatGPT to most organizations may be its use in phishing scams. We have seen this previously with every popular platform and service online: Users receive an email claiming to be from a service provider, asking them to click a link to solve a phony problem. Examples include:

  • Your (Gmail, Yahoo, Microsoft) account has been suspended. Please click this link to restore access.
  • We were unable to deliver your package. Please click this link to reschedule delivery.
  • Your (PayPal) payment has been rejected. Please click this link to update your payment method.
  • Please log in to update your password.

Popular services inevitably find themselves targeted in these spoofing attacks, where criminals send official-looking emails, often with company branding and some legitimate links, in an attempt to steal usernames and passwords. As one of the fastest-growing services in history, it is inevitable that ChatGPT will be targeted as well.

Fortunately, there is a simple way to avoid these phishing attacks: Never click on links in emails. If you get an email indicating a problem with an online account or service, go directly to the provider’s web page and log in to your account directly. Do not click on any link that you receive via email, even if it looks legitimate.

Protect Now offers cyber security employee training that changes attitudes toward cyber security by making it personal for every employee. With in-person, virtual and eLearning options, our employee training programs offer an effective and affordable solution for every business and organization. Contact us online or call us at 1-800-658-8311 to learn more.

Protect Now Announces Agreement to Bring Cyber Social Identity (CSI) and Personal Protection Certification to RE/MAX University®

Comprehensive Program Includes Personal Security and Cyber Security Certification

DENVER, CO – April 4, 2023 – Protect Now, a leading provider of cyber security training and solutions, today announced an agreement with RE/MAX, LLC, a global real estate franchisor with more than 140,000 agents in almost 9,000 offices and a presence in more than 110 countries and territories.

Through this agreement, RE/MAX will add Protect Now’s Cyber Social Identity (CSI) and Personal Protection Certification to the programs offered through RE/MAX University, an exclusive-to-RE/MAX learning hub designed to help each agent level-up their professional expertise. Through this new security awareness training program, real estate professionals will have the opportunity to learn strategies to keep themselves, their businesses and the clients’ data safe.

Developed by Protect Now, the CSI Protection Certification training offers the most current best practices in cyber security to prevent wire fraud, identity theft and breaches, paired with practical advice real estate professionals can use to stay safe in the field. CSI Certification helps to meet FTC Safeguards Rule compliance and delivers a marketing tool to help professionals grow market access, reputation and sales. REALTORS® with a professional designation earn a median income 74% higher than those without, according to an NAR Member Survey.

“We are proud to bring this exceptional safety and cyber security program to the real estate professionals we support,” said Bryson Creighton, Vice President, RE/MAX University Learning & Education. “This is a critical tool that will help our agents and franchisees build trust with their clients and provide the exceptional service that RE/MAX is known for.”

The 2021 National Association of Realtors Annual Safety Report found that 5% of REALTORS® had been a victim of a crime while working as a real estate professional. Cyber-attacks are a growing threat to the real estate industry, where many agencies operate as small- or mid-sized businesses, and where regular email, text and telephone contact with buyers and sellers occurs daily. Criminals have stepped up their attacks on smaller businesses in recent years. Data from 2019 showed that cyber criminals made small businesses their top target, accounting for 43% of data breaches.

“Criminals will always go after the easiest targets,” said Protect Now Co-Founder and Head Security Awareness Trainer Robert Siciliano. “They’ve learned that they can’t make the ‘big hits’ going after large companies, so they now look for small businesses with lower levels of cyber security. They launch thousands of attacks each month, because it’s a numbers game. They can make a good amount of money from a few hundred breaches with far less risk and effort.”

Protect Now closes the gap between small- and large-business cyber security awareness with training that emphasizes the individual role each employee plays in cyber security. Brokers and agents are taught to see their personal role in protecting access and data, which has proven an effective tool in changing organizational attitudes toward cyber security.

“Wire fraud has surpassed $200 million a year, which decimates the buyer’s bank account, kills the sale, shatters commissions, ruins the agency’s reputation and can lead to lengthy, expensive lawsuits for everyone involved in the transaction. We are also entering an era where the Federal government will demand more accountability from everyone who handles financial information. These are powerful reasons for real estate professionals to attend this training,” Siciliano said.

###

About Protect Now
Protect Now is a leading provider of cyber security training and solutions for business, municipal and nonprofit clients, with an emphasis on organizations that process sensitive information from the general public. Protect Now delivers a suite of cyber security services, including Virtual CISOs, Dark Web Monitoring and FTC Compliance, backed by personal security, cyber security and anti-phishing training that creates meaningful change in employee attitudes toward cyber security by emphasizing the importance of personal security. To learn more about Protect Now’s cyber security solutions, visit https://protectnowllc.com/.


By this time my phone was going nuts, Facebook and Twitter were buzzing and my mother, who couldn’t get in touch with us, was in complete meltdown.

Once I got home and got the kids situated, we ordered a bunch of pizza because that’s what you do when a bomb goes off. People need to feel normal.

My mom showed up at our home shortly after we got there. She was a total mess, and after the kids saw her emotional state, they understood the gravity of the situation. Today, they are showing a tremendous amount of affection and gratitude, which seems to be a side effect of their trauma.

I posted a brief note on Facebook: “Im OK, I was on Boylston St. when it happened. I saw smoke, I saw blood and people on the ground. My family was 300 yards away, waiting for me and I got to them and evacuated from the city. More later.” And the comments and “likes” poured in.

Shortly after, I provided an update: “I was right there, bomb went off. Boston police removed everyone, I kept running toward the bombs because my family was at the finish line. Police got me off the road, I resisted then another cop almost tackled me (rightly so). I ran in the back alleys, people spilling into the alleys from the explosion, screaming, crying, blood, got my dad to get my wife and kids out of there concerned for another explosion. I’m telling it to Dr. Drew on CNN between 9:15ish and 9:30ish tonight.”

Again, comments poured onto my page like never before. People offering an outpouring of help and support. I never knew I had that many real friends.

I feel I have to explain the part about Dr. Drew and CNN. It may seem opportunistic, but frankly, for me, it’s therapy. I do lots of media as the expert. My network is “the media.” So when I send a blast email to raise money for charity, my network knows I’m running the Boston Marathon. When I logged into Facebook and email, the requests came in from CNN, Extra and Canadian TV, along with a few radio shows too. So I spent the evening after the run as an eyewitness. And, because it’s who I am, I gave security tips too.

My Rockstar cousin, who is an Iraq and Afghanistan soldier and flies one of those crazy killer helicopters, reached out to me via Facebook and said, “I think your situation was much worse than many Middle East situations I’ve been in.” Which I thought odd because he’s had his best buddy blown up right next to him. Then he said, “When I deploy I’m armed, geared up and expecting to fight. You were at a peaceful gathering around families and innocent civilians, not expecting bombs. That makes it much worse.”

We accept the possibility of death and destruction when we sign our contracts. I’m sure no one who signed up for the marathon expected this.

This completely messed me up, putting into perspective just how awful this situation is.

I only slept three hours that night, on edge, emotional and fragile. The next day, I headed to the media compound near Boylston to meet with Maria Menounos from Extra, who is a Greek Boston girl. I connected with Maria, and within two minutes we were both crying. She started talking about how she loves Boston so much, then I started crying, then she started crying…which completely messed me up. I tell you this because she told me people should know this is real and they can’t forget. She was professional, but she was real. She put me at ease and we got through the interview.

Since then I’ve done more media on this than I wished, including the Boston Globe, Dr. Drew, Extra, Current TV, Canadian TV again and again, Fox Boston and some radio.

In early May after the blasts, I was asked to speak to the North Eastern Massachusetts Law Enforcement Council on the benefits of social media to law enforcement and how social can help get the word out in a tragedy. When I walked into the room to speak, everyone was in uniform. What I didn’t know was many of the men and women attending were the first responders saving lives at the finish line, and others who were involved in the capture of the bombers.

That was a very emotional speech for me. Check out the Huffington Post’s blog on how the Boston Police did a stellar job using Twitter during the bombing.

Cowboy Hat-Wearing Boston Marathon Hero Carlos Arredondo and Robert Siciliano

At this point, my family and I are safe, like most of America. Emotions are still high for some. Even as I update this post from 10 years ago, it’s messing me up. We were and still are angry. This celebratory event will forever be marked by the visual of a plume of smoke that symbolized the evil intent of misguided people that do not value human life and have no regard for our freedoms.

We caught the bastards and while there are no real answers, we may never get them. The movie Patriots Day actually did an amazing job of telling the tragic story through a composite character. And the Netflix doc really brings it home.

On behalf of my Boston, we are proud of our city, its first responders and its people, who showed the true measure of the human spirit through powerful acts of kindness and displays of citizen courage. We are strong as a city, undivided as a country and unbowed by this attack. No terrorist will be allowed to alter our nation’s course.

Robert is running his 12th Boston Marathon for Dana-Farber Cancer Research Institute. Please consider a donation: http://danafarber.jimmyfund.org/goto/robertsiciliano