Want to Evade Cyber Criminals? Use These Three Tactics
By Brian Calkin, VP of Operations and Gina Chapman, Senior Director of Operations, MS-ISAC®
Cyber criminals often go for the low-hanging fruit – so to get Cyber Security Awareness Month (CSAM) started, we’re sharing three tips to avoid becoming their next victim.
Use Smart Passwords
Too many of us rely on passwords that are easy to break with brute-force programs and dictionary attacks. Birthdays, common pet names, and common nouns make easily-guessable passwords, so try these techniques instead:
1) Use a password manager: It’s 2017, and sticky note passwords should be a thing of the past. Password managers allow you to maintain complex and unique passwords without wracking your brain trying to remember each one.
2) Enable two-factor authentication: Many websites and applications now make it easy to implement two-factor authentication, which typically requires something you know (your password) + something you have (usually a text message, email, or app notification). Even if a cybercriminal guesses your password, they’re unlikely to have access to your text messages or inbox.
For more information, check out this newsletter: Why Strong Passwords Matter
Think Before You Click
It’s easy to be tempted by cool programs and free apps, but there are a few things to consider before you download a file – or even open an email.
First, consider the source: if it’s an email, do you know the sender? Cyber criminals will often imitate trusted sources, like banks, utilities, or even your employer or manager. If the email looks suspicious, contact the sender to verify. Be cautious if the sender asks you to provide financial information, download a file, or click on a link – these are all signs of phishing, a tactic used by cyber criminals.
For more information on phishing, check out this CIS Cybersecurity Minute video.
You’ll also want to consider the source any time you download a program or application. Are you getting files direct from the owner/developer, or using a third-party vendor? If you’re relying on a vendor, be sure to verify the authenticity of programs before you install.
When downloading phone applications, look at the permissions carefully before installing. A simple calculator app, for example, should not need access to your photos or contacts.
One of the most pervasive issues in cybersecurity is a failure to update or “patch” systems. Yes, it can be frustrating to have to restart your computer, phone, or app – but maintaining up-to-date systems is an important routine for protecting our online lives (what we at CIS call “cyber hygiene”).
The Multi-State Information Sharing and Analysis Center ® (MS-ISAC®) provides cybersecurity advisories with important information about updates that address critical vulnerabilities.
By following these techniques, you’ll reduce your chances of being a cybercriminal’s next target. Check out our blog throughout October as we share more cybersecurity tips and ideas for CSAM.