Know the Risks
Cyber security, phishing, worms, firewalls, Trojan horses, hackers, and viruses seem to be in the news every day. Plus warnings to update your virus protection, watch out for online scams, protect your privacy, and watch what you click on are everywhere. But what does it all mean? And what can you do to safeguard access to your computer and to protect yourself and your family? What is this all about?
The first step in protecting yourself is to recognize the risks and become familiar with some of the terminology associated with cyber security. The Department of Homeland Security created this list of terms: Hacker, attacker, or intruder - These terms are applied to the people who seek to exploit weaknesses in software and computer systems for their own gain. Although their intentions are sometimes fairly benign and motivated solely by curiosity, their actions are typically in violation of the intended use of the systems they are exploiting. The results can range from mere mischief (creating a virus with no intentionally negative impact) to malicious (stealing or altering information).
Malicious code includes code such as viruses, worms, and Trojan horses. Although some people use these terms interchangeably, they have unique characteristics:
- Viruses - This type of malicious code requires you to actually do something before it infects your computer. This action could be opening an email attachment or going to a particular web page.
- Worms - Worms propagate without you r doing anything. They typically start by exploiting a software vulnerability (a flaw that allows the software's intended security policy to be violated). Then once the victim computer has been infected, the worm will attempt to find and infect other computers. Similar to viruses, worms can propagate via email, web sites, or network-based software. The automated self-propagation of worms distinguishes them from viruses.
- Trojan horses - A Trojan horse program is software that claims to do one thing while, in fact, doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending your confidential information to an intruder.
- Spyware - This sneaky software rides its way onto computers when you download screensavers, games, music, and other applications. Spyware sends information about what you're doing on the Internet to a third-party, usually to target you with pop-up ads. Browsers enable you to block pop-ups. You can also install anti-spyware to stop this threat to your privacy.
Back to Top
Minimize Access to Your Information
It is probably easy for you to identify people who could gain physical access to your computer—family members, roommates, co-workers, members of a cleaning crew, and maybe some others. But identifying the people who could gain remote access to your computer becomes much more difficult. As long as you have a computer and connect it to a network or the internet, you are vulnerable to someone or something else accessing or corrupting your information. Luckily, you can develop habits that make it more difficult.
Lock or log-off your computer when you are away from it. This prevents another person from waiting for you to leave and then sitting down at your computer and accessing all of your information.
To be really secure, disconnect your computer from the Internet when you aren't using it. DSL and cable modems make it possible for users to be online all the time, but this convenience comes with risks. The likelihood that attackers or viruses scanning the network for available computers will target your computer becomes much higher if your computer is always connected.
Evaluate your security settings. It is important to examine your computer's settings, especially the security settings, and select options that meet your needs without putting you at increased risk. Many, but not all Internet providers offer free security software. If you don't receive free software, you should consider buying a commercial product that includes virus scan, firewall, and pop-up blockers. You should also be aware of your Internet cookies setting. Cookies are short pieces of data used by web servers to identify users. Some cookies are useful for storing images and data from websites that you frequent, but others are malicious and collect information about you. You'll have to decide how much risk from cookies you can accept. Finally, if you install a patch or a new version of software, or if you hear of something that might affect your settings, reevaluate your settings to make sure they are still appropriate.
Look for signals that you are using a secure web page. A secure site encrypts or scrambles personal information so it cannot be easily intercepted. Signals include a screen notice that says you are on a secure site, a closed lock or unbroken key in the bottom corner of your screen, or the first letters of the Internet address you are viewing changes from "http" to "https."
Back to Top
Protect Your Accounts with 2 Factor Authentication
Two factor authentication on websites is an easy and effective way to secure your online accounts. You still enter a username and password when logging in, but there is an additional step. The website will either send a text or call you with a unique, short single-use code that you will type in on the login page. You don’t have to remember or record this code or download any software. And even if a hacker steals your password, they will not be able to access your account without access to your phone to receive the text message or phone call with the code.
What if Your Online Privacy is Compromised?
If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.
If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.
Check your credit reports for unusual activity.
Report your situation to local police, and file a report with the Federal Trade Commission.
Protecting Children Online
The Children's Online Privacy Protection Act requires commercial websites to obtain parental consent before collecting, using, or disclosing personal information from children under 13. For more information, contact the FTC about Children's Privacy.
Back to Top