This year marks the tenth anniversary of October being National Cyber Security Awareness Month. In order to create a safe and secure cyber environment everyone has to play a role in cybersecurity. Cyber threats are constantly evolving requiring all of us to do our part and remain vigilant.
To quote from the Department of Homeland Security website, “Cyberspace is woven into the fabric of our daily lives and the world is more interconnected today than ever before. We enjoy the benefits and convenience that cyberspace provides as we shop from home online, bank using our smart phones, and interact with friends from around the world through social networks.”
Unlike physical threats that prompt immediate action—like stop, drop and roll if you catch on fire—cyber threats are often difficult to identify and understand. Cyber threats include dangers such as viruses erasing entire systems, intruders breaking into systems and altering files, intruders using your computer or device to attack others, and intruders stealing confidential information. The spectrum of cyber risks is limitless; threats, some more serious and sophisticated than others, can have wide-ranging effects on the individual, community, organizational and national level.
Before a Cyber Attack
You can increase your chances of avoiding cyber risks by setting up the proper controls. The following are things you can do to protect yourself, your family and your property before a cyber incident occurs.
Only connect to the Internet over secure, password-protected networks.
Do not click on links or pop-ups, open attachments or respond to emails from strangers.
Always enter a URL by hand instead of following links if you are unsure of the sender.
Do not respond to online requests for personally identifiable information (PII); most organizations—banks, universities, companies, etc.—will never ask for your personal information over the Internet.
Limit who you are sharing information with by reviewing the privacy settings on your social media accounts.
Trust your instincts; if you think an offer is too good to be true, it probably is.
Password-protect all devices that connect to the Internet and user accounts.
Do not use the same password twice—choose a password that means something to you and you only. Change your passwords on a regular basis (every 90 days or so).
If you see something suspicious, report it to the proper authorities.
The extent, nature and timing of cyber incidents are impossible to predict. There may or may not be any warning. Some cyber incidents take a long time (weeks, months or years) to be discovered and identified.
More About PII
PII is information that can be used to uniquely identify, contact or locate a single person. PII includes but is not limited to:
Social Security number
Date of birth
Place of birth
Driver’s license number
Vehicle registration plate number
Credit card numbers
Gender or race
If You Believe Your PII Has Been Compromised:
Immediately change all passwords, and change your financial passwords first. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.
If you believe the compromise was caused by malicious code, disconnect your computer from the Internet.
Restart your computer in safe mode and perform a full system restore.
Contact companies, including banks, where you have accounts as well as credit reporting companies.
Close any accounts that may have been compromised. Watch for any unexplainable or unauthorized charges to your accounts.
During a Cyber Attack
Check to make sure the software on all of your systems is up to date.
Run a scan to make sure your system is not infected or acting suspiciously.
If you find a problem, disconnect your device from the Internet and perform a full system restore.
Disconnect your device (computer, gaming system, tablet, etc.) from the Internet. By removing the Internet connection, you prevent an attacker or virus from being able to access your computer and perform tasks such as locating personal data, manipulating or deleting files, or using your device to attack others.
If you have anti-virus software installed on your computer, update the virus definitions (if possible), and perform a manual scan of your entire system. Install all of the appropriate patches to fix known vulnerabilities.
If you have access to an IT department, contact someone in it immediately. The sooner someone can investigate and clean your computer, the less damage to your computer and other computers on the network.
If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.
At a Public Place (Library, School, etc.)
Immediately inform a librarian, teacher or manager in charge. If someone has access to an IT department, contact the department immediately.
After a Cyber Attack
File a report with the local police so there is an official record of the incident.
Report online crime or fraud to your local United States Secret Service (USSS) Electronic Crimes Task Force or the Internet Crime Complaint Center.
Report identity theft to the Federal Trade Commission.
If your PII was compromised, consider other information that may be at risk. Depending what information was stolen, you may need to contact other agencies; for example, if someone has gained access to your Social Security number, contact the Social Security Administration. You should also contact the Department of Motor Vehicles if your driver’s license or car registration has been stolen.
For further information on preventing and identifying threats, visit US-CERT’s Alerts and Tips page.
The Department of Homeland Security website is a valuable resource with regard to Cybersecurity and has dedicated each week in the month of October to a different cybersecurity issue. The site also contains links to other resources and downloadable materials to help keep you informed of Cyber threats and issues.
In addition to insuring your home and business, McSweeney & Ricci Insurance Agency is committed to helping you and your loved ones stay safe when disaster strikes. If you would like more information on how to protect yourself from a cyber attack, please contact us at (800) 843-6143.