Home > Cyber Warfare, Security > White Hours Proclaims Cyber Security Awareness Month

White Hours Proclaims Cyber Security Awareness Month

The now official national event aims to make everyone aware that they are indeed part of national security. You, yes you! Securing your home wireless connection, making a strong Facebook password, not writing down your passwords at work, all play part.

http://www.dodbuzz.com/2011/10/03/wh-proclaims-cyber-security-awareness-month/

Some things you can do to make your life more secure in todays’ technology driven world:
1. Create strong passwords making use of uppercase & lowercase letters, numbers, and even symbols. SdkjC_E@3@23r is a much stronger password than september80
2. When logging into your favorite website or entering sensitive information such as credit card information, make sure the site is SSL encrypted. Check that the address begins with https:// and not http:// and look for the little lock icon that most browsers have next to the address or at the bottom of the window.
3. Use different passwords for each site that you log into.
4. Change passwords frequently, of course theres a limit where password maintenance can become inconvenient but having your browser remember your password can help, or better yet, use a password utility. http://www.zampin.com/5-best-and-free-utilities-to-manage-your-passwords-online/
5. Install and update antivirus on every computer and smartphone that you use. Of course you can’t install it on your work computer or atleast you should leave that up to whoever manages the network to do that. But if you believe your computer is missing protection or isn’t up to date, let your manager or IT person know. If you’re one of those small business owners that can’t afford real IT maintenance, be sure to reach out to me and I will even help you out.
6. Keep software up-to-date. Other than phishing, most attackers seek vulnerabilities to access and escalate priviledge on your computer or network. Keeping your computer up-to-date with microsoft updates and making sure you install the latest updates for flash, java, adobe reader, and other software vendors will help decrease your vulnerable attack surface. A scanner like Secunia PSI will scan software installed on your computer and let you know what software requires updates.
7. Phishing and social engineering are becoming more targeted, meaning people will pretend to be official people and pretend to get information from you. BEWARE WHO YOU GIVE INFORMATION TO! It’s better to be paranoid about this.
8. Be more open to Murphy’s Law, whatever can happen, will happen. Assume certain accounts will be compromised, what do you do? Do you know who to call? How do you limit how much these ‘people’ who stole your information have access to? What can they do with that information?

Let’s assume a common scenario, someone requests to be a ‘friend’ on facebook. You’re weary about adding people you don’t know but you go for it anyway. Most settings allow friends to see details in your profile such as cell phone number, email addresses, personal websites, affiliations, friends, places of work. I read through your statuses, see how much your boss pressures you to get things done and how much you hate it so i do a little research on your company and decide to give you a call on your cell phone that you gave me from your profile
Stranger: “Hi, this is Jane Doe from Where You Work, Mr. AngryMeanBoss really needs a document from you and he asked me to call you and get the password for your computer”
You: “What? Well I shouldn’t…”
Stranger: “Please I understand if you really don’t want to but he’s very frustrated and I want to keep him from calling other people, especially you on your day off. I don’t want him to fire me, please”
You: “Ok, password123”
Stranger:[click…]

You’d be surprised how often this happens in the modern workplace and as silly as it seems, in the moment you may actually regard it as truth. Only to in a few minutes or more realize what you have just done.

But you’re smarter than that….so someone ‘guesses’ or ‘hacks’ your facebook password, they have access to the same information including your birthdate. I see that you ‘like’ MyRichBank so I send you an email pretending to be from MyRichBank. “Hello John Doe, we have detected that your account has recorded some suspicious activity. To assure you that you information is secure, we have identified your personal identifier as your birthdate being 4/1/1972. Please click here to log into your account and cancel suspicious activity before your account is overdrawn.”

Normal Reaction: Wow, they know my birthdate, it must be my bank, i don’t want to pay overdraft fees, i better check it out!
Correct Reaction: If you are ever in doubt, just go directly to the banks website by typing the address into your browser. Do not rely on emails to tell you the address.

Advertisements
Categories: Cyber Warfare, Security
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: