Another year on the internet of things means another yearly reminder of how we need to be more cognizant of the Internet and do our part to “secure our world”. Ironically, the “secure our world” quote is the theme for this year.
The concept of “secure our world”, was brought on by the recognition of our 20th year, the CISA (Cybersecurity and Infrastructure Security Agencies), has announced a new cybersecurity awareness program, “Secure Our World”. This reflects a new message that needs to be integrated across CISA awareness campaigns and programs. In our opinion, it shouldn’t only be CISA but everyone else’s prerogative as well. Albeit the direct target is for the nation of the United States and the CISA programs within it, we think fellow North Americans, and the rest of the world could take a page out of this book.
Under this new message, we have some tips and tricks to staying safe online:
Using Strong Passwords
- Under this are the helpful instructions to use long, random, and unique passwords, as well as include all 4-character types (uppercase, lowercase, numbers, and symbols). Password managers are also a helpful tool to create and store passwords for each of your accounts.
- To reinforce this the Cybersecurity community recommends not using known passwords to be easily broken into via a “Brute Force Attack” (a brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly.) Including but not limited to: “Password” “Password1” “(your_name)123” or such things like names of your kids, pets, or partners.
- Some free software is available for password management, including Google’s password manager, and another great one is LastPass which is free for individuals use and a yearly subscription for company use.
Turn on MFA (Multi-factor Authentication)
- The use of MFA has been a staple across the security industry because security on the internet as well as in real life is based on: What you know, what you are, and what you have (this being Authentication). Enabling this on your account makes it trickier for bad actors to gain access or hack your accounts and services.
- The additional reminder is to especially enable MFA on your emails, social media, and financial accounts.
Recognize and Report Phishing Attempts
- Be cautious of the many unsolicited messages asking for private information. Avoid sharing your sensitive info or credentials with unknown sources. You should report all phishing attempts and delete messages. Do not open attachments or links, because malware or malicious software may download and attach itself to your devices.
- Phishing takes many forms, whether it’s the Nigerian Prince asking for you to send money, or its your long-lost relative sending you a text message asking if you can provide your SIN to help them get on a flight. Phishing has grown since the era of scam telephone calls and emails. Bad actors will even use voice audio recordings from phone calls to attempt to hack into your financial accounts will auditory AI generated voice software.
- Forms of phishing to be aware of and immerse yourself in: Spear phishing, CEO Fraud, SMS phishing, Cloning, Social Media Phishing, Vishing, Pharming and Man-in-the-Middle Attacks. There are still more forms but these few list off the general idea of the many different forms of cross hacking/social engineering tactics, bad actors will employ to exploit you and your company’s information.
- Ensuring your software is up to date and reading/researching patch notes and updates. Is the best way to make sure you have the latest security patches and updates on your devices. Regularly go into your settings on your devices and check to see if automatic updates are available or not.
- Be aware that sometimes software updates are not always secure, sometimes bad actors will find exploits in newly updated systems that may be considered Zero-Day exploits. (A zero-day is a vulnerability in a computer system that was previously unknown to its developers or anyone capable of mitigating it.)
Backing up your Data
- Whether it’s personal device data, or corporate data, a secure way to ensure information is kept safe is by backing it up. In many cases, there are instances where companies and individuals will get hacked and exploited based on information. A bad-actor will lock out your Operating system, hard-drives and servers and then hold them for random. This is known as a ransomware attack. Ransomware is a type of crypto virologic malware that threatens to publish the victim’s personal data or permanently block access to it unless a ransom is paid.
- The result of this may lead to hundreds if not thousands of damages, and the loss of reputation to companies and for the honest individual, hundreds of dollars in damages. This is why its important to use Anti-malware software, although you may be paying a yearly subscription, its cheaper than having to replace entire machines, and priceless memories or information.
- As we have done here, the security of the internet also includes you, by sharing this information with friends, family and loved ones, opens the opportunity to educate those around you. By doing this, creating a safer environment over the internet for all of us, including us here at Atlas news.
The internet is indeed an incredible tool, but it relies on the collective efforts of its users to remain safe and enjoyable. By taking cybersecurity seriously and practicing safe online behaviors, we can help ensure that the internet continues to be a powerful force for good in our lives while minimizing its risks. Together, we can make the internet a safer place for all.