Wednesday, February 17, 2016

Cybersecurity: Be Suspicious, Be Smart, and Thwart the Would-Be Hacker

So you have taken steps to strengthen your passwords and verified you have a secure connection before entering your credit card information on store websites. Now you can relax and feel secure about interacting online, right?

Wrong! There are many other ways your information can be stolen. Even your smart phone can be at risk. Here are some tips to keep you cyber safe year-round.

How can I stay safe?

  • Hackers use the internet to go look for openings or chinks in a network system and take advantage of them. They might use malware, viruses, or Trojan programs buried in emails or a website that a user clicks.
  • Ways it can be spread: You can pick up this malware on a smart phone or app that you have installed. If you sync that phone with a work computer, you just might install that malware on your system’s network. That free or found USB drive may have come from an accidentally or deliberately infected source. 
  • Sometimes employees unwittingly disable anti-virus or malware protection, or pressures from business management can lead to a compromise between network security and efficiency that sets the security bar too low.
Year-Round Cybersecurity Tips

1.  Do look a gift horse in the mouth. Only use accessories and apps from trusted sources and manufacturers. USB thumb drives given out as random freebies are not a good deal. Craigslist sources for “free” recycled drives, motherboards, or other computers parts should be avoided.

Unless you know what you are doing and can safely and completely “scrub” these components, you are better off buying new. Any offer that is too good to be true should be avoided. Whether it’s online phishing or physical Trojan horses, free is usually bad.
2.  Be very wary of emails from people you do not know, and any file with an attachment should be viewed as possibly toxic. When in doubt, don’t open it or click on it. Don’t click on links in emails or open files, especially from someone you don’t know or contact frequently. Even if it is someone you know, but it’s an attachment or video that you weren’t expecting or is uncharacteristic of them to send; stop and email and ask them if they sent you something. Don’t use that email’s “reply to” feature; start a new clean email. Or pick up your phone and call.

3.  Stay away from sketchy or rogue websites. When you see the green “Lock” symbol, you have the best odds of reaching a legitimate safe site.

4.  On your smart phone, only use applications from trusted and secure sites. Don’t allow apps to access information they don't need to know. For example, a calorie-counting app should not need access to your location and should not be able to interact with other apps like Facebook or banking apps. The app should not have more permissions than necessary.

5.  Assume anyone who contacts you via phone, text, or internet and asks for identification, sensitive information, or a password is a crook.

6.  Don’t disable or turn down your firewall. Make sure it is on, connected, and regularly updated. Criminals are always looking for new vulnerabilities and opportunities, so you need to stay current.

7.  Make sure your data is backed up to an external hard drive or a secure cloud-based service. Often this is offered as a free perk for your security system/firewall: use it! Set this to happen automatically so you don't even have to think about it. 

For further information about the training TEEX Cybersecurity offers, visit our webpage, and bookmark Stop.Think.Connect.™ for more safety tips and resources.

Catherine Gibson is a Training Coordinator for the TEEX Cybersecurity Program. A graduate of Texas A&M University, she has been active in adult education and IT security for 16 years.