As the nation’s premier information technology combat support agency and trusted provider to connect and protect the warfighter in cyberspace, DISA is marking National Cybersecurity Awareness Month by sharing tips and resources to remind its global workforce of the role it plays in defending against cybersecurity threats.
This year’s theme, “Do Your Part. #BeCyberSmart,” aims to help individuals implement the appropriate cybersecurity practices at work and at home by highlighting the tricks scammers and hackers use to steal personal information and infiltrate computer networks.
National Cybersecurity Awareness Month, observed each October, highlights a different security theme each week and offers tips to avoid a variety of unique cyber threats. Themes this year include securing devices at home and at work, and staying secure while teleworking.
“Throughout October, we will share information on our website, public.cyber.mil, as well as on our social media platforms which include Facebook and Twitter,” said David Still, DISA’s cybersecurity awareness project manager.
Expanded telework during the COVID-19 pandemic present increased opportunities for stealing sensitive data or spreading malicious software. Common methods include sending links to fake job offers via email, an example of a “phishing” attempt and phony emails appearing to come from a colleague targeted to senior leaders, an example of “whaling.”
According to the Cybersecurity and Infrastructure Security Agency, cyber fraud increased 20% during the first three months of 2020 as cyber criminals took advantage of the global pandemic.
Cybercrimes are costly, with an estimated $3.5 billion lost globally in 2019, according to CISA.
“Every day, our adversaries actively seek to harm our nation and its standing in the world by constantly attacking us in the cyber domain,” said DISA Director and Joint Force Headquarters – Department of Defense Information Network Commander Navy Vice Adm. Nancy A. Norton. “Whether from nation-states, cybercriminals or sport-hackers, our ability to rapidly identify and secure cyber vulnerabilities and defend our cyber terrain from threats is critical to increasing lethality and operating effectively across all warfighting domains.”
While DISA works to prevent hackers and other cybercriminals from disrupting crucial networks necessary to protect the warfighter and the nation, individuals are also responsible to ensure collective safety in cyberspace.
Tips to help guard against cyber-attacks at work and home include:
- Don’t share passwords. Don’t ever reuse the same password for work computers or mobile devices that you use on personal devices or accounts or with family or friends. If one account is compromised, passwords are quickly traded or sold on the dark web and can compromise many accounts inadvertently, for you, family and friends.
- Keep software up to date. Install all software patches so that attackers cannot take advantage of known problems or vulnerabilities.
- Run up-to-date antivirus software. Antivirus software applications can automatically detect, quarantine and remove various types of malware.
- Use strong passwords and multifactor authentication. Create passwords that will be difficult for attackers to guess, and use different passwords for different programs and devices. A strong passphrase or password consists of at least 16 characters. Use multifactor authentication, such as a text authentication or token whenever possible.
- Be suspicious of unexpected emails or text messages. Never click on hyperlinks in email or text messages, especially from unknown senders. These emails may be a phishing or whaling attempt to gain personal information, steal money or install malware on a device.
- Limit the information posted on social media. Keep Social Security numbers, account numbers and passwords private, as well as specific information about yourself, such as your full name, address and birthday.
National Cybersecurity Awareness Month, launched in 2004, is a joint effort between government and industry to raise cybersecurity awareness and to ensure individuals have the resources they need to be safe and secure while online.
For more information on cybersecurity best practices, visit public.cyber.mil.