What have you been up to this October? When you think about the month, a lot comes to mind. But aside from the pumpkins, Halloween and your favorite seasonal beverage, it’s important to remember that October is cyber security awareness month. This month Cybersecurity & Infrastructure Security Agency’s (CISA) theme is “See Yourself in Cyber.”
Did you know that CISA has been around for 19 years? It was developed to help educate, fight and assist the United States’s other crime-fighting divisions in learning about cybercrime, understanding what it looks like, how to stop or prevent it, and more.
But what exactly is cybercrime? It’s defined by CISA as “any crime which is committed electronically.” This can include identity theft, financial theft, malware, malicious social engineering, intellectual property violations and more. In this article, we’ll remind you of cyber security best practices and cover some of the main points from CISA this year.
Think Before You Click: Recognize and Report Phishing
In terms of email, stop and think before you click on a link or download an attachment. Were you expecting the email? Does it contain any red flags or strange verbiage from the sender? Verbally verify with the sender that they sent the email.
This can also apply to users in a public space. Stop and think before connecting to an open Wi-Fi network. Most networks require you to authenticate to join them, so any open networks could be a red flag where attackers are trying to spoof or imitate another legit network.
What if you come across a random USB drive? Stop and think before you connect it to your laptop. In fact, don’t connect it at all—that drive could have malware, ransomware or worse on it!
Shake Up Your Password Protocol
This one is simple. Keep your passwords different, and where possible, protect the accounts with multi-factor authentication (MFA). Use a password manager like LastPass to help manage your passwords and keep them secure.
Scary Story Time!
Ready for a true, spooky story from one of our clients?
This client had the same password for over 130 accounts, and that single password became compromised (who knows from where with that number of accounts!). It took this user over a week to change all the passwords. While the passwords were being changed, other important accounts, like banking, were accessed.
Keeping different passwords for each site and enabling MFA would have prevented this from happening.
Are You Playing Hard to Get?
You should be! Cybercriminals are pros at using social engineering to trick you into providing sensitive information such as credentials, bank account numbers or personally identifiable information. Always make sure to verbally double-check changes included in bank information emails or payroll information.
Hopefully, you’re smart about following cyber best practices, but that doesn’t mean everyone else is. It’s up to you to be diligent and verify everything to ensure a sender was not compromised.
Stay Protected While Connected
Whether it’s laptops, desktops or mobile phones, all internet-connected devices should have some anti-malware or zero trust protection. Zero trust apps will check programs to see if they are “known good” or “known bad.” They will allow known good applications to run and keep unknown or untrusted applications out until verified.
Other hardware appliances like Bitdefender’s BOX 2 can help keep your home network safe and free from rogue internet of things (IoT) devices from phoning home to a malicious server. It’s easy for unpatched smart bulbs, smart plugs, smart thermostats, smart cameras, Alexa and Google devices to be compromised and start a malicious botnet attack either on your network or against someone else’s.
Stay Up to Date
I know, I know, you hate updating your iPhone because something may look different, change, or introduce an issue you don’t know how to resolve. Most of the time, software bugs (major ones at least) have been fixed before most releases, but there are times something falls through the cracks.
That’s why patches are crucial. Patches are the manufacturer’s way of fixing vulnerabilities in the software, and it’s important to keep things up to date and patched.
If you follow the basic tips, tricks and best practices to help keep you and your company safe online, you will be in good cyber health! And remember to spread the word about good cyber health to friends, family and colleagues.
Our Technology Solutions Group includes a team of cyber security experts. We’re happy to meet with you for a free cyber security assessment of your organization’s IT infrastructure. Or, you can contact us online or call 410.685.5512 with any questions.