octo

Office of the Chief Technology Officer
 

DC Agency Top Menu


-A +A
Bookmark and Share

Cybersecurity

What Is CyberSecurity?

What Is Cybersecurity?

Cybersecurity refers to the technologies and processes designed to protect computers, networks and data from unauthorized access, vulnerabilities and attacks delivered via the Internet by cybercriminals.

One of the most challenging aspects of cybersecurity is the ever-changing and evolving nature of security risks.

Cyber threats can be defined as the possibility of a malicious attempt to damage or disrupt a computer network or system.

 

Online Shopping Don'ts

Online Shopping - Things NOT to Do

DON'T share your passwords with anyone.

DON'T wait for paper statements. Check your credit card and bank statements regularly for suspicious activity.

DON'T respond to unsolicited email or pop-up ads. Shop only at websites you know and trust. Look for "https" at the beginning of the web site address - "s" means secure.

DON'T provide merchants with personal information such as your Social Security number, birth date, or mother's maiden name.

DON'T get drawn in by emails offering cheap deals on popular items and gifts. If the offer sounds too good to be true, it probably is.

DON’T use your debit card to make purchases. Instead, use a credit card. Getting a fraudulent charge reversed on your credit card is infinitely less stressful than restoring a balance to your checking account.

 

Online Shopping - Things TO Do

Online Shopping - Things TO Do

DO check with your parents to make sure it's ok for you to shop online if you are a minor.

DO check Internet merchants' refund policies; some merchants set a deadline for returns or charge a fee to accept returned merchandise.

DO keep in mind you often pay shipping fees to have your purchases delivered.

DO make sure your computer has the latest anti-virus software installed.

DO print and save the confirmation page (your receipt) when completing an online purchase.

DO be responsible. Remember, once you make a transaction online you have legally committed to purchasing that item.

 

Tip 1: Be Aware of Cybercrime and Malware

Be Aware of Cybercrime and Malware

Malware is malicious software code developed by cybercriminals to infect PCs, networks and mobile devices for the purpose of gaining access to and extracting sensitive data, typically for financial gain. You are their #1 target. Whether you're using a PC at home or at work, you are just a tool for cybercriminals to gain access to the data they want to steal or the systems they want to hijack.

Some malware types – like viruses and Trojans – are tools for breaking into your PC, while others – like worms, spyware and key loggers – are all about snooping through a PC or network looking for particular systems to compromise and data to steal.

Still other malware – like bots or bot nets – are all about hijacking PCs to steal computing resources to launch other cyber-attacks. Scammers often secretly use a network of infected PCs around the world to distribute malicious email without users ever knowing.

 

Tip 2: Don't Fall for Scams and Tricks

Don't Fall for Scams and Tricks

It's called phishing, and it often involves using social engineering tactics to trick users into thinking they have been contacted by a service they know and trust – like a bank, online retailer, airline or social media platform – typically via a fraudulent email requesting that a user disclose sensitive information like passwords, credit card details and even social security numbers.

Social engineering refers to the practice of creating deceptive attacks based on what is known about the targeted user. For example, cybercriminals scour users' social media accounts like Facebook and LinkedIn to create phishing emails that look and read real enough to trick users into responding to fraudulent requests to change passwords, confirm payment options or divulge other personal information.

Phishing emails and the websites they link to look like the real thing and can be difficult to identify as malicious right away. It is common for many people re-use the same password for multiple accounts - a user's login credentials for a bank account is often the same one they use to log on to the network at work every day.

 

Tip 3: Resist Your Curiosity

Tip 3: Resist Your Curiosity

Malicious spam remains a major threat to both the user and businesses. These aren’t those annoying marketing emails we’re tired of deleting from our inboxes all day long. Think of malicious spam as a precursor to phishing, employing similar tricks of deception – stealing logos and designs from well-respected brands – to trick users into clicking malicious links or downloading infected files. Malicious spam could even come from an email address spoofed (manipulated) to appear as if it is from someone you know. But one click of the mouse to open an infected Word document or PDF, and your PC may be infected.

Just about any type of malware can be delivered via malicious spam. Often these emails are disguised as shipping confirmation notices, alarming notices from banks, tantalizing photos, mortgage scams, fake news alerts and more – anything to raise our curiosity and get us to open an email and click an attachment or link that only leads to trouble.

 

Tip 4: Browse the Internet with Care

Browse the Internet with Care

A favorite trick of cybercriminals is to poison internet search results. Cyber criminals use our curiosity against us by exploiting high-profile events like a celebrity scandal, new tech gadget or major events like the Olympics, , an election or sports championship. Cybercriminals know what people are searching for online and talking about via social media, and use that information to develop fake sites within hours of sensational news breaking to deliver malware.

While search engines like Google are very good at protecting us from these threats, it may take Google a few hours to identify and remove these sites from its search results, but in that time plenty of users can be infected.

 

Tip 5: Update Software to the Latest Updates

Update Software to the Latest Updates

Two types of malware known as exploits and Zero-day attacks refer to cybercriminals taking advantage of vulnerabilities in the software products we use every day. These include operating systems like Windows, web browsers like Chrome, Internet Explorer and Firefox, and a wide range of popular applications like Adobe Flash and Reader, Java and Skype.

Hackers invest a lot of time and energy searching for faulty software code they can exploit and use as a backdoor into your PC to deliver malware for any number of malicious purposes. Zero-day attacks are named as they are because at the time of their discovery there is no fix for the vulnerability they are exploiting, leaving software companies scrambling to release updates within a few days, which is plenty of time for cybercriminals to spread malware.

 

Tip 6: Don't Be Click Happy

Don't Be Click Happy

Cybercriminals know that users are concerned about security and often employ messages and pop-up screens that appear to be legit programs on your PC requesting updates. Clicking on these links can lead to downloading malware and installing rogue applications.

These rogue software may claim to be antivirus products or system cleaning programs. Some even claim to be from the FBI. They look authentic, but they are designed to infect your PC to extort money from you, or to install additional malware on your computer.

 

Tip 7: Back up All Critical Files

Back up All Critical Files

There is a family of malware known as ransomware, and just like the name implies, these malicious programs take your PC hostage. By clicking on the wrong link in an email or by visiting an infected website, your PC can fall victim to malware that demands payment to be removed, or even worse large sums of money to regain access to your files. Hijacking users' PCs and encrypting files so they are no longer accessible is an increasingly popular tool in the bad guys' arsenal.

 

Tip 8: Stay Safe While Using Mobile Devices

Stay Safe While Using Mobile Devices

Malware is no longer limited to just PCs. With the rise of mobile devices and their proliferation in the workplace, hackers have switched tactics to take advantage of these inviting targets. Malicious Android and iOS apps can cause all sorts of headaches – from running up international text charges to stealing personal data and passwords to transmitting infections to other devices, like your PC.

 

Tip 9: Don't Be a Carrier

Don't Be a Carrier

Just like people can spread the flu or a cold to colleagues, users can spread malware infections to their work PC and network. Two common ways this happens is by sharing files between a work and home PC that may not be as secure or is used by other family members who do not practice safe online habits.

Users may work on an infected document on their home PC and email it to their work computer or upload to the cloud where other users may access it, getting infected themselves. Sharing devices between users is also risky as this can carry a virus from one machine to another resulting in multiple infections.

Phishing emails and the websites they link to look like the real thing and can be difficult to identify as malicious right away. It is common for many people re-use the same password for multiple accounts - a user's login credentials for a bank account is often the same one they use to log on to the network at work every day.

 

Tip 10: Know Your Friends

Know Your Friends

Security threats on social media continue to grow exponentially. Shortened links are effective tools to hide malicious URLs, and threats tied to compelling images and videos shared on Facebook can spread quickly among friends.

Cybercriminals can quickly set up fake accounts and profiles to spread malware, typically employing the same social engineering tactics they've perfected. Moreover, cybercriminals can hijack your profiles and accounts to spread malware under your name to people you're connected to.

 

Attachment(s):