October is recognized across the U.S. as National Cybersecurity Awareness Month, making it the ideal time for all of us to refresh our awareness about the importance of cybersecurity, about the tools and resources available to stay safe online, and about the ways we can all help to increase the resiliency of the nation in the event of a cyber incident.
With the advances of technology, cybersecurity has a huge impact on all of our lives. No longer does the phrase “cyber” only apply to computers. It now also includes smart phones, Fitbit watches, televisions, and even some of our children’s toys. If an electronic device connects to another electronic device through a wireless or Bluetooth connection, it is vulnerable to being hacked or effected by malicious software.
Bluetooth technology enables the use of wireless devices like headsets, keyboards, printers and fitness trackers. Unfortunately, adversaries can use this technology to monitor your location and even your phone calls, reports CI Awareness 2015. They can even place calls and access your data. If you use Bluetooth, assume that others can hear your conversations. It is up to each and every one of us to do our due diligence to ensure all our electronic devices are properly protected by using the proper security settings or software required to lower the risk of a hack or breach of our information contained on the devices.
Passwords are your first line of defense for protecting your information. The stronger your password is, the harder it is for someone to guess or crack. Strong passwords are comprised of upper and lower case letters, special characters and numbers. Using pet or family member names or special dates like birthdays or anniversaries, or common strings of numbers or letters make your password weak and easy to guess. Some of the most common passwords used in 2017 were: 123456789, qwertyuiop, 123123123, and of course, the word “password.”
Passwords should be changed on a regular basis and the same password should not be used on multiple accounts or applications. Passwords should not be written down but should be easy for you to remember. One method is to use the first letter of each word in a sentence that is easy to remember. For example, “I work @ Redstone Arsenal in building 5300.” The password would be, “Iw@RAib5300.” This is a good combination of letters, numbers and special symbols, and is easy to remember. Also, remember that passwords to classified accounts or information are also classified.
Social media is one of the fastest growing applications for staying in touch with family and friends. When using social media, ensure you have all your privacy settings set to the highest level of privacy. For example, on Facebook, set your settings to “Friend” at a minimum. This helps to protect the information you are posting from being accessed by individuals you don’t know. Also, only accept requests (friend, connect, followers…) from individuals you actually know. It is also a good idea to purge your friend list periodically and remove individuals you don’t regularly stay in contact with. The larger your friend/connections list is, the more chances you have of your personal information getting breached.
Finally, you should be able to recognize bogus emails and scams for what they are really are — fraudulent ways to gain access to our personal financial accounts. We have all heard of the prince of some Middle East country that has $100 million dollars he needs to get out of the country and wants you to hold it in your account for a specified amount of time. If you do this for him, he will give you $1 million dollars for your trouble.
In reality, if you provide your account information, all you get is a zero balance after scammers clean out your account. Email scams have evolved to appear to be very legitimate, but there are clues that indicate they are scams, such as misspellings or missing punctuation, the use of a suspicious email address for the return address, or the absence of an official letterhead or logo.
Some examples may appear to be from your bank, credit card company or social media account requesting you click on a link to update your information. The link will take you to what appears to be the correct site, and once you put in all your personal information, they use it to steal your identity. If you receive one of these emails, never click on the link provided, and always delete the email from your computer. Instead of using the link to the site that is listed in the email, only use the official link you normally use, or contact the organization the way you have done in the past to verify if there is a problem.
There is no guarantee that your accounts will never be subject to a cyberattack. But, if you follow these tips, you will be more fully protected from the cyberattacks that can threaten your financial and personal security.
For more information, visit:
• Army Research Lab
• Army News Service