Cybersecurity

Cybersecurity Awareness Month

October is Cybersecurity Awareness Month

Launched by the National Cyber Security Alliance and the U.S. Department of Homeland Security (DHS) in 2004, this designated month has grown in reach and participation to a grassroots campaign, emphasizing the role we all – from large enterprises to individual computer users – have in maintaining safety and security online. Although protecting your online presence is imperative all year long, October reinforces the collective effort that is required to stop these ever-increasing cybercriminals.

As school, socializing and many aspects of our lives have moved online over the past year and a half, due to the pandemic, it’s more important than ever to protect your digital devices from cybercriminals. So, during the month of October, the FBI, the premier investigative agency, and other partner agencies want to remind you to do your part and #BeCyberSmart.

Below are several cyber safety tips to help protect you and your family from falling prey to cybercriminals:

  1. Keep software systems up to date. This is one of the most important cyber security tips for warding off ransomware. Check the update settings on your devices and make sure they’re being automatically updated.

  • Use a good anti-virus program and firewall. Anti-virus (AV) protection software is the most wide-spread solution against malicious attacks. This software blocks malware and other viruses from entering your device and compromising your personal data. In addition, using a firewall will help screen out hackers, viruses and other malicious activity occurring over the Internet.

  • Use strong passwords. Strong passwords are critical in keeping hackers out of your personal data. Here are some suggestions from Norton, one of the leading, anti-virus software companies https://us.norton.com/internetsecurity-how-to-how-to-secure-your-passwords.html.

  • Use two-factor or multi-factor authentication. This is a service that provides additional layers of security to the standard username/password method of online identification. With two-factor or multi-factor authentication, you would be prompted to enter additional authentication like a Personal Identification Code, another password, fingerprints, etc.

  • Be knowledgeable about phishing scams. Recent cybercrime statistics indicate that 90 percent of ransomware attacks originate from phishing schemes. So, in general, be wary of emails or texts sent to you even from people you know (they could’ve been infected too). Determine where the email or text has come from and examine it for suspicious grammatical errors and/or links (hover over the link to see where it is being directed).

  • Protect your sensitive personal identification information (PII). PII is any information that can be used by cybercriminals to locate or identify an individual like your name, address, phone numbers, date of birth, social security number, IP address, etc. In today’s social media world, you should be very cautious about the information you include or share online. Minimize the information you share about yourself on social media sites. Review your privacy settings on all your social media accounts. The more information you share about yourself drastically increases your risk of being “hacked.”

  • Use your mobile devices safely. According to a recent study by McAfee, another leading computer security software company, mobile devices are now target to more than 1.5 million new incidents of mobile malware. Some tips to help keep your mobile devices safe include create difficult passwords, only install apps from trusted sources, keep devices updated, avoid sending PII or sensitive information over text message or email and perform routine mobile backups using iCloud or Enabling Backup & Synch from Android.

October: National Cyber Security Awareness Month

October is National Cyber Security Awareness Month.  This annual campaign, which began in 2003 as a collaborative effort between government and industry, was created to raise awareness about the importance of cyber security.

Whether we realize it or not, today, the Internet touches almost every aspect of our daily lives. National Cyber Security Awareness Month (NCSAM) serves to engage and educate both the private and public sectors, through events and initiatives, of the importance of cyber security. Through tools and resources the objective of NCSAM is to increase the awareness of safe online practices and resiliency of our nation in the event of a cyber incident.

With recent legislation and support from the White House, there is an even stronger focus on consumers and their cyber safety. Consequently, this month also marks the 7th anniversary of the STOP. THINK. CONNECT. campaign.  Each year, NCSAM highlights the overall message and capstones of this campaign – Keep a Clean Machine, Protect Your Personal Information, Connect with Care, Be Web Wise, Be a Good Online Citizen, Own Your Online Presence and Lock Down Your Login – and offers the following tips to stay safe online.

Watch for Malicious Email/Spear Phishing

A malicious email can be disguised, looking just like it comes from a financial institution, an e-commerce site, a government agency or any business. It typically urges you to act quickly, often by supplying a link in the email, because one of your accounts has been compromised or your online order cannot be fulfilled without additional information or some other urgent matter requiring your immediate attention.

Spear Phishing involves highly specialized attacks against specific targets or small groups to collect information or gain access to data systems. Once they’ve gained access to the network (e.g. a business’ list of customers), they can launch a phishing attack, posing as the business, and sending emails to their customers that look authentic.

If you are unsure if an email is legitimate, try verifying it by contacting the company directly and/or searching for the company online. But, be sure to do this by not using the information provided in the questionable email.

Protect Yourself When Shopping Online

With the convenience of making purchases with the click of a mouse and next-day delivery to obtaining great deals on an endless catalogue of items, online shopping continues to grow in popularity. This convenience, however, also makes it lucrative for scammers to trick buyers into paying for merchandise they will never receive and obtain your personal information for their financial gain.

Take the following safety precautions when shopping online:

  1. When purchasing items from a new website, read the customers reviews.
  2. When making purchases online, be alert to the kinds of information being collected to complete your transaction.
  3. Use safe payment options. Credit cards are usually the safest option when making purchases online. Credit card companies allow buyers to receive a credit if the product isn’t delivered or isn’t what was ordered.
  4. Always read the return policies to know what to expect if your purchase experience doesn’t go as planned.
  5. When shopping online, make sure the site is security enabled.

In addition to the safety precautions mentioned above, limit the type of business you conduct over open public Wi-Fi connections, including logging into accounts like email and banking, and adjust the security settings on your phone or tablet to limit who can access them.

Keep Security Software Current 

Having the latest security software, web browser and operating system is the best defense against viruses, malware and other online threats. In addition to computers, your smartphones, gaming systems and other web-enabled devices also need protection.

Use Unique Passwords 

The best passwords are the random ones…the ones that are the most difficult for you to remember and the cyber criminal to crack. So, mix it up – use variations on capitalization, spelling, numbers and punctuation. Avoid using names, places and dictionary words and never reuse the same password.

With this said, don’t leave notes with your passwords on your computer or your desk. If you choose to save passwords in a file on your computer, create a name for the file that won’t give it away. If you have a difficult time remembering multiple, unique passwords, use a trusted password manager. Be sure to check out the reviews and reputation of the service.

Data Backup 

Today, our digital devices house vast amounts of our important and cherished data. While very convenient, storing all this on our computer or mobile device comes with the risk of being lost. Data can be lost in many ways including computer malfunctions, theft, viruses, spyware, accidental deleting and even natural causes.

So, it’s important to back up your files – make copies of your data, select the hardware or method of storage and safely store the device that holds your copied files – on a regular basis.

 

Ransomware – A Rising Cyber Threat

The ransom business is booming. However, today’s threat doesn’t come in the form of a note composed of letters clipped out of a newspaper. It’s a new spin on the ransom note where criminals unleash an attack on your PC and its data through malicious software called ransomware.

What is ransomware?

Ransomware is a malware that locks your computer keyboard or computer to prevent you from accessing your data until you pay these data kidnappers a ransom. This digital extortion is not new – it’s been around since about 2005. But, the ransom cryptware that encrypts your file using a private key, which only the attacker possesses, has greatly improved.

Is ransomware on the rise?

Ransomware has come a long way since it first showed up in Russia and other parts of Eastern Europe. The growth in digital payment methods, particularly Bitcoin, the most popular method for demanding ransom because it prevents extortionists from being tracked, has greatly contributed to ransomware’s spread.

The FBI recently issued an alert, which included ransomware and fake antivirus scareware scams. The FBI estimates that criminals are netting an estimated $150 million a year through these scams. However, according to identity theft experts, ransomware is far scarier than the scareware scams because when an attack occurs, it can easily escalate from a potential data loss to potential identity theft to a data breach in the form of extortion.

How does ransomware work?

Similar to scareware, this digital assault begins by duping its victim by persuading him/her to click on an infected popup advertisement or taking him/her to an infected website. But, instead of trying to trick their victim into buying fake antivirus software, these criminals hold their victim’s computer hostage and attempt to extort a payment to return his/her data. Very often the ransomware attacker puts pressure on the victim, stating that his/her data will be destroyed in a specified time period if the ransom is not paid.

Often, the criminals only ask for a nominal payment, figuring that the victim will more likely pay to avoid the hassles and heartache (e.g. losing irreplaceable pictures) of dealing with the virus. Yet, when multiplied by thousands, this nominal payment quickly turns into a healthy income for these aggressive attackers.

Ransomware doesn’t just affect desktops or laptops, it also targets mobile phones. In 2015, masquerading as a porn app, ransomware targeted Android users and allowed attackers to lock up the victim’s phone while demanding $500 ransom to regain access.

Today, individuals, businesses, government agencies, academic institutions and even law enforcement agents have been victims. This vicious malware can infect a victim’s digital device via a malicious email or website, or even become infected straight through someone’s computer via a backdoor.

These types of attacks can have a devastating impact, from losing precious personal data to shutting down hospital services in the middle of emergency procedures. That’s why it’s so important to prevent ransomware attacks from happening in the first place.

How to avoid these ransomware attacks?

1.  Use reputable antivirus software and a firewall. Maintaining a strong firewall and up to date antivirus software is critical to preventing a ransomware attack. It is equally important to use reputable antivirus software from a reputable company because of all the fake antivirus software out there.
2.  Back up often. By backing up files to an external hard drive or an online backup service, the threat of a ransomware attack is greatly diminished.
3.  Enable the popup blocker. Popups are the prime tactic used by digital criminals. If a popup appears, click on the “X” in the right-hand corner.
4.  Always exercise caution. Don’t click on links in emails and avoid suspicious websites.
5. If attacked, immediately disconnect from the Internet. Disconnect from the Internet to keep your personal data from being transmitted back to the criminals. Simply shut down your computer and start fresh – re-installing software and downloading backed-up data. If you’re wary about doing this, take your computer to a reputable computer repair shop.
6.  Alert authorities. If you are the victim of ransomware, don’t be tempted to give in and pay the ransom. Ransomware is a serious form of extortion…crime…and your local FBI will want to know about it.

As these cyber criminals become more and more savvy…and potentially threatening, the best offense is still a good defense. Taking precautions to protect your information and continually being alert are the best solutions to avoid becoming a ransomware victim in the first place.

Recent Comments