Everyday Steps Towards Online Safety with Stop.Think.Connect.™
Since its establishment in 2004, October has been recognized as National Cybersecurity Awareness Month (NCSAM) by President Barack Obama and the Department of Homeland Security (DHS). NCSAM is a country-wide campaign to assist in raising awareness surrounding cybersecurity. Every day, more devices connect to the internet and more parts of US Citizens lives become increasingly intertwined. It’s our responsibility to take steps to move forward in securing our personal information, as we are our own front line of defense. It’s our job to remain #CyberAware.
Week one of October has been established as “Every Day Steps Towards Online Safety with Stop.Think.Connect.™ As consumers, we have more control over the devices and technology that we purchase than we normally realize. Here are some steps Americans can take to ensure the integrity of their technology, and the information they maintain.
- Run Antivirus and Anti-Malware: Antivirus and anti-malware software work to identify any malicious software (malware) or inappropriate processes running at an unnoticeable level to a normal user. Running scans to identify anomalous behavior can assist in minimizing a potentially detrimental incident. Some good examples of antivirus and anti-malware are Kaspersky, McAfee, Sophos, AVG, and MalwareBytes. This software should be updated regularly to ensure that it has the ability to detect the latest version of different strains of malware.
- Change Default Credentials: If you have a home router and you are not a technical person, chances are you have never logged into the administrative console of the box itself. This portal, which requires administrative credentials, holds valuable information, such as the wireless network password and your firewall configuration. Internet service providers, like Comcast, will leave default credentials in place for users to log in and configure settings. Unfortunately, not many people change these. It’s important to browse to the router’s login page, located at (e.g. http://10.0.0.1 or http://192.168.1.1 typed in a web browser), and search online for the default credentials for your router (often username: admin, password: password). Default credentials for all technologies that we use should be changed.
- Don’t Click on Foreign Links or Open Unknown Attachments: Often times, a hacker will send a mass or targeted email to unsuspecting potential victims. This attack is known as phishing or spear-phishing. Malicious individuals will often add a link to a hijacked website or will upload an infected attachment with the goal of having the email recipient click the link or download an attachment. This is a one-way trip to obtaining a virus or another kind of malware. It’s best to avoid clicking links, in particular, altogether, and browsing to the valid website on your own.
- Passwords: Utilizing strong passwords is critical to online security. The industry standard that we at OCD Tech like to follow and recommend to our customers is that passwords should have eight (8) character minimum character requirements if multi-factor authentication (MFA) is in place (such as a password and a finger print), or fourteen (14) character passwords if standing alone. Furthermore, passwords should contain complexity requirements, such as numbers, letters, and special characters; avoid dictionary words. Passwords should be changed regularly, between thirty (30) to ninety (90) days, and should not be reused for a minimum of 15 password changes. Lastly, passwords should differ per application in regards to consumer online presence.
- Cover Laptop Cameras: If your computer has a camera, this camera is likely susceptible to hijacking. A hacker could be watching you as you read this post! It’s very important to cover these cameras when they are not in use. Different companies sell laptop covers, or a piece of paper taped over the lens will suffice for an inexpensive solution (do not place tape directly on the lens).
- Patch Systems and Update Software: Often times, when software updates are released by a vendor, the new version has fixed to a bug or a vulnerability. Maintaining and utilizing an older version of software could expose it to an exploit by a hacker.
Don’t Access Sensitive Data on Public WiFi: Public WiFi is dangerous when accessing sensitive information, such as bank accounts or bill pay. It’s quite simple for a malicious individual to snoop traffic traversing a network, and if the network is publicly accessible, it’s even easier. Make sure the wireless network that is being used to access financial or health related information is protected and trusted.