It’s National Cybersecurity Awareness Month

Standard

The following article was published in todays Fosters and Seacoast Sunday.

oct-is-ncsam-twitter-v2.png

Every October the National Cyber Security Alliance and Department of Homeland Security declare National Cybersecurity Awareness Month. In this age of ever-increasing cyber threats, this is such an important initiative everyone should pay attention to at home and work.

This year is the 15th year for National Cybersecurity Awareness Month. The themes this year are about our shared responsibility for protecting ourselves online. Each week has a specific theme with useful recommendations to help you be more secure. Week 1 is just wrapping up and the theme was “Make Your Home a Haven for Online Safety.” The following are some suggestions for doing this:

Lock down your login: Visit www.lockdownyourlogin.org for recommendations to improve the safety of your logins. Where ever you are able, you should enable multi-factor authentication and leverage biometrics to secure your login so it’s just not your login name and password that’s required to access your accounts and systems.

Back it up: Back up your important information. Large-capacity external USB hard drives are affordable. At a minimum, you should back up your data to an external drive and store it outside your home for safe keeping. Even better, an online Cloud backup solution can back up your data in real time and safely store it offsite.

Personal information is like money. Value it. Protect it: Be careful with what you share online, especially on social media. You should always safeguard your personal details, not just online, but even over the phone. Be careful what information you share and be absolutely certain of who you are sharing it with.

Keep a clean machine: Always keep computers, mobile phones and tablets up to date and protected with proper security tools. If you no longer need a previously installed software application, remove it. Don’t let it sit there as over time, it may become a risk.

Pay attention to the WiFi router in your home: Change the factory password to something very secure and enable the highest level of security for your wireless password to keep non-authorized people from connecting to your wireless network. Lastly, keep the router software up to date so any known risks are patched and eliminated.

Share with care: Those online games that ask you how many states you’ve been to or naming your first pet, the street you grew up on, etc. can be used to steal your identity. Just don’t play them.

Next week’s theme is “Millions of Rewarding Jobs: Educating for a Career in Cybersecurity.” The IT workforce is experiencing a massive shortage of skilled talent. IT careers, especially cybersecurity, are widely available. Encourage schools to expand curriculum beyond coding. We need to get our kids interested in IT careers as our economy continues to evolve to a technology driven engine. We are importing more technical talent than we are developing at home. This is an economic and national security risk. We need a grassroots effort to change the mindset of parents and teachers so kids are exposed to all of the opportunities available to them.

The week of Oct. 15 has the theme “It’s Everyone’s Job to Ensure Online Safety at Work.” No matter where you work or the size of your company, you play a critical role in ensuring your business is safe. All employees need to be aware of your company’s most important data. You handle easily replaced material very differently from material that is expensive or hard to replace. The same should hold true for your digital data. Every person in the company has a responsibility to protect the data they work with even it’s as simple as swiping a customer’s credit card on care reader in a restaurant.

Companies need to have processes to identify potential cybersecurity risks and trigger a response plan should an incident occur. It’s critically important for your teams to know how to detect an event and how to respond. It’s also critically important for your teams to know what they are authorized to do or say in these situations and who needs to be made aware.

The final week has the theme “Safeguarding the Nation’s Critical Infrastructure.” Critical infrastructure encompasses a wide range of industries. Public utilities, the financial system, health care entities and information technology firms make up some of the major components of our nation’s critical infrastructure. These firms must have robust and cybersecurity plans and collaborate with many government agencies in real time to ensure the safety of these systems for the good of all.

For more about National Cybersecurity Awareness Month, visit https://staysafeonline.org/ncsam/ and follow the hashtag #CyberAware on social media.

Your Facebook Account May Not Be Hacked

Standard

But telling all your Facebook friends not to accept your fake friend requests may actually be helping the hackers, so you may want to think about deleting those posts.

Facebook Fake AccountI don’t know about you, but my Facebook feed was inundated with friends warning me not to accept friend requests from them as their account got hacked and these are fake.  While the requests may be fake, the account has probably not been hacked.  Yes, Facebook had a significant security breach recently, with over 50 million accounts potentially impacted.  You may have noticed after that news broke, that you were logged out of your Facebook account and had to log back in and create a new password.  This was Facebook’s proactive response after the breach, to try to require all its members to be safe.

Here’s the reality of the situation:

  1. Your account may not be actually hacked.  An account does not have to be actually hacked in order for a hacker to copy your profile picture and pretend to be you and send out friend requests.
  2. Your friends should know if they are already friends with you.  They should not accept a friend request from you if you are already friends.  This is simply common sense.
  3. By posting not to accept friend requests, you may be playing in to the hackers hands.  They want to disrupt Facebook and clutter feeds to make people frustrated with Facebook.  Don’t help them.
  4. Definitely don’t forward messages on Facebook messenger.  Those could spread a potential virus without you knowing.  Just ignore and delete the messages.
  5. You should never copy and report Facebook statuses like this or others that seem innocent enough.  These often let the hackers know who is vulnerable to their ploys and they will use this against you, now or in the future.
  6. If you want to know if you account has actually be duplicated, just search Facebook for your name.  If you see more than one of you, then someone is trying to impersonate you.  Follow Facebook’s process to report a fake account.  That’s the best way to deal with these things.

At the end of the day, just use common sense.  Ignore friend requests from people you are already friends with.  Don’t help the hackers out by telling all your friends to ignore those requests, just ignore them and move on.