JOINT BASE LANGLEY-EUSTIS, Va., Oct. 9, 2019 —
Every October the U.S. government and additional organizations bring attention to National Cybersecurity Awareness Month.
NCSAM was created to raise awareness about the importance of cybersecurity and to ensure that people have the proper resources to be safer and more secure online.
To further the initiative, the 633rd Communications Squadron Cyber Security Office will be emailing weekly bulletins throughout the month of October with information on different topics about cybersecurity awareness.
Social media & ransomware
While using social media, it is important to keep privacy settings updated and recommended to set privacy settings to what someone is comfortable sharing.
Users are also advised to turn off location settings to ensure others can’t track one’s whereabouts at any time.
Remember to connect and communicate only with trusted people and report any suspicious or harassing activity.
There is no delete button on the internet. Even if a post is deleted from a profile, the data is still stored on servers and viewers can take a screenshot of the post before it is deleted.
Some common threats on social media are:
- Virus/other malware and network attacks
- Personally identifiable information breach
- Victim of social engineering/scams
- Harassment and cyberbullying
In addition, users are warned about ransomware, a type of malware targeting both human and technical weaknesses in an effort to make critical data and/or systems inaccessible until a ransom is paid.
The best ways to protect data and preserve assets are to back up important files frequently and perform regular software updates.
Mobile security & cloud computing security
Mobile security involves protecting both personal and business information stored and transmitted on smartphones, laptops, tablets, and other mobile devices.
Some security concerns about mobile devices are:
- Losing a device
- Application security
- Malware attacks
- Out-of-date devices
- Juice jacking – data being extracted while charging on a Universal Serial Bus (USB) connection
Cloud computing, also known as the cloud, is a way to deliver files, documents and other information over the internet, as well as storing it all on servers.
Many cloud services provide strong security and technology allowing them to be a good place to back and send data.
Cookies & spyware
Cookies are small text files placed on a computer by a web server when it is visited, they’re used to store data about the user and their preferences so that the web server doesn’t have to repeatedly request this information.
While they can make internet life easier there can be some negatives. Allowing cookies onto a computer can allow someone to track a user and track what websites they use, which search engine they prefer and even collect personal information.
The information collected can secretively be transferred to other websites without permission and without warning. Cookies can also be a cause of advertisements following a user around the Internet.
Also known as adware, spyware refers to software that, when installed on a computer, may send pop-up ads, redirect a user’s browser to certain web sites, or monitor the web sites they visit.
How to know if spyware is on a computer:
- The user is subjected to endless pop-up windows
- Users are redirected to websites other than the one typed into the browser
- New, unexpected tool-bars appear in the web browser
- The browser’s home page suddenly changed
- Random Windows error messages begin to appear
- The user’s computer suddenly seems very slow when opening programs or processing tasks
Insider threat & digital signatures
Insider threat can happen when someone close to an organization misuses their authorized access to negatively affect the organization.
Some characteristics of an insider at risk:
- Greed or financial need
- Vulnerability to blackmail
- Compulsive and destructive behavior
- Rebellious or passive aggressive
- Ethical flexibility
- Reduced loyalty
- Minimizing their mistakes or faults
- Inability to assume responsibility for their actions
- Intolerance of criticism
- Self-perceived value exceeds performance
- Lack of empathy
- Predisposition towards law enforcement
- Pattern of frustration and disappointment
- History of managing crises ineffectively
Digital signatures rely on private and public keys, so protecting them is important. Encryption keys and certificates should be secured at work by maintaining positive control of an individual’s CAC and SIPR tokens.
While at home, Trust Service Providers are responsible for ensuring the security of digital and electronic signatures.
Identity theft & internet scams
As technology further allows people to connect with each other easier and faster, it comes with some added risks.
Identity theft, phishing attacks and healthcare scams are more common threats that people may face.
Malicious websites or people may attempt to gather someone’s personal information by email, phone call or malware and viruses. Sometimes they even offer the user a better deal on insurance or other deals in exchange for the user’s healthcare information, social security number or financial information in order to take advantage of the deal.
For more information on cybersecurity and how to better avoid threats, call the 633rd Communications Squadron Cyber Security Office at (757) 764-2776 or email their organization box at firstname.lastname@example.org