These 8 cybersecurity tips should keep you out of trouble when working and playing online.
Recently, I received a call from a small business-owner friend of mine who was frantically asking for advice on an unforeseen situation. Apparently, one of his staff had clicked on an illegitimate link in an email and the staff member’s computer was acting up. After asking a few probing questions about the behavior of the computer, I realized that the machine was in fact infected with malware. Luckily, we were able to take some immediate actions and contain the damage only to one machine.
Then I got to thinking perhaps incidents like this are more prevalent than many of us realize. Lo and behold, according to a report by Ponemon Institute, 75% of small businesses in the United States suffered from cyber attacks in 2019. Consequently, this article looks at some of the undesirable situations that can happen to any one of us who use computers throughout the day. I’ve also included a one-page infographic that you may find helpful around the office.
The Internet was created with the idea of sharing knowledge and information with no locks and safeguards. Its creators did not anticipate that the Internet would become a mega-channel for commerce. They also did not expect that certain types of users would exploit this open library to cause harm to others, and make money doing so. Over time, a number of factors have led to an increase in malicious activities on the Internet. These factors include the availability and ease of access to the Internet, the emergence of the dark web where stolen material and credentials are traded, and others.
Malware is a computer program created with malicious intent. A few common types of malware include viruses, spyware, and ransomware. Bloatware and adware are examples of less-malicious software. These types of software typically don’t cause damage to the device, yet they impact its performance and track users’ behavior and habits.
Viruses are unwanted pieces of software that damage other programs and eventually make the computer unusable.
As the name suggests, spyware monitors the behavior of the user and reports to the mother ship. People operating the spyware can then target the user with specific products and promotions. With the increasing popularity of cloud services, spyware has branched out into ransomware and on-line adware.
Instead of simply monitoring the users’ behavior, ransomware does something far more vicious. Engineers behind the ransomware break into the victim’s computer and encrypt the hard drive. In that case, the perpetrator is the owner of the data on the victim’s machine and only s/he has the key to unlock the encryption code. When hit by ransomware, the natural tendency is to pay the ransom and obtain the key from the hackers. However, the reality in that situation is that all the ethical gloves are off. There’s no guarantee that after paying the ransom, the attacker will share the key. And even if you receive the key, you may not know how to use the encryption key to unlock your files.
Typically carried out by fraudulent email messages or instant messaging, phishing often directs users to divulge personal information at a fake website, which matches the look-and-feel of the legitimate site.
Attackers use social engineering tactics to trick victims into revealing sensitive data. Perpetrators either sell victims’ data on the dark web or use the data to directly exploit victims’ financial or other accounts.
Spear phishing is a phishing attack directed at high ranking individuals. Attackers often spend a great deal of time researching their victims, their lifestyles, family members and their connections. Once enough pieces of the information have been collected to build a comprehensive picture of the victim, the attacker strikes using a well-crafted email message.
In 2016, Group-4127 used spear phishing to exploit John Podesta’s email account, and the contents of the emails were released on WikiLeaks.
Whaling is a type of spear phishing attack directed at senior executives and other high-profile targets. In these cases, the content is crafted to target upper managers and their roles in the company. The content of a whaling attack email may be an executive issue such as a subpoena or customer complaint.
Pharming is a form of social engineering cyberattack, where attackers redirect web traffic to a specially designed fraudulent website intended to mimic the appearance of a legitimate site.
Cyber criminals compromise the domain name system (DNS), redirecting Internet traffic to their pharming site. Once victims reach the fake site, attackers wait while the unsuspecting users log in as usual and submit their sensitive and personal information to fraudsters.
How Pharming Works
To understand the mechanics of a pharming attack and how it is carried out, we need to explore the domain name system (DNS).
Web sites are identified by a series of numbers separated by periods, known as Internet Protocol (IP) addresses, such as 188.8.131.52. Since names are more easily understood and remembered by people, a special server maintains what is called a DNS table, which translates web site names to the numerical IP addresses needed to locate and identify services and devices on the Internet. When you enter the address of a website for the first time, your browser creates a DNS “cache” so you don’t have to return to the server every time you want to revisit the site.
Pharming through Malware – This pharming method plants malicious code on your device, delivered by means of an email or a download link. This code then corrupts the hosts file on your device, secretly rerouting you to a fraudulent pharming site set up by cyber criminals for the purposes of obtaining your personal data.
DNS Poisoning – This type of pharming “poisons” the DNS cache, corrupting the server and redirecting internet traffic to fraudulent pharming sites. The consequences of this type of attack are far more widespread than malware-based pharming as multiple websites can be compromised.
A Virtual Private Network, or VPN, is software that creates a secure, point-to-point communication tunnel. A VPN service encrypts, or scrambles, data so that a hacker cannot understand what a person is doing online. In essence, a VPN creates a private network within a public network. While a VPN does not provide 100% protection against hackers, it greatly reduces the risks that come with using public wi-fi. If you use a simple password combination to log on to the VPN service, hackers can also log on to the same communication channel.
Ways to Reduce Risk
At this point, you might be wondering whether you can protect yourself on the Internet, and the answer is yes. Being vigilant instead of being paranoid is an effective approach to staying safe online. Always be aware of the web sites you visit and pay attention to the address bar. If the address of the web site looks suspicious, or a web site you’re visiting redirects you to another unfamiliar address, close all instances of the browser. If you suspect your computer is infected by malicious code, scan the computer for viruses and other malicious software using a virus scanner.
The following approaches and recommendations should minimize the risk of falling victim to cybercriminals.
- Make sure your operating system, security and other software are up to date. Outdated software makes your computer vulnerable to exploitation.
- Change the default password on your wi-fi router. When a scammer tries to access your computer, the first place they check is the router. If the router still has the default password, your network is vulnerable to attack.
- Be cognizant of websites you visit. Fraudulent websites can install malicious software or browser extensions on your computer that will modify the DNS cache.
- Be mindful of any emails you open. An email attachment can also contain malware. Always make sure the email is from a known or reputable source. However, spoofed email accounts can send infected attachments, so ask yourself: “Am I expecting this email from a dear friend?” If not, either delete the email or verify with the friend whether s/he actually sent you the email with the attachment.
- Refrain from using public wi-fi. Free wi-fi is tempting but it can be costly. First off, these free networks are open to all kinds of vulnerabilities and eavesdropping. For instance, a coffee shop is not in the business of providing the most secure network. If you see two similar wi-fi networks such as Joes_wifi and Joes_Private_wifi, it is possible that a hacker sitting just a few chairs away has set up a wi-fi trap to capture uninformed patrons’ information. You’d be much safer activating your phone’s hotspot service and connecting through that. If you absolutely must use public wi-fi, make sure to have a reputable VPN service to go with it.
- Use strong passwords with a password manager. The days of using a combination of your dog’s name with the name of the city you were born in are over. Along with social engineering techniques, hackers use sophisticated dictionaries to arrive at all kinds of complex phrases. Strong passwords are at least 8 characters long and employ a combination of upper and lower case letters with numbers and special characters such as #, &, @. Remembering such a password is not easy, and that’s why you need to use a password manager to track all your passwords. Of course, you should not use the same password for multiple web sites, especially if those web sites are critical to your lifestyle, and we’re not talking about social media web sites.
- Use 2-factor/multi-factor authentication to access important web sites.
- Back up your critical data.
You can find these tips in the PDF document. Use it as a reminder to yourself and to your staff and keep your business safe from malicious activities.
Play Hard. Play Safe.