It's that time of year again - ghosts, goblins, and witches show up at parties, in your office decorations and all over your TV. With Halloween around the corner and pumpkin spice recipes flooding your timeline, you can feel autumn is in the air. Even though there may be things that go 'bump' in the night this spooky season, cybersecurity doesn't have to be scary. Each October, we commemorate National Cybersecurity Awareness Month (NCSAM), a time where we learn more about cybersecurity best practices and also encourage others to be safer online. Here are some spooky cybersecurity myths and how to break them in your own lives.
Myth: Passwords don't matter in the end.
Truth: Passwords definitely matter, and multi-factor authentication and password managers are good tools to further protect your accounts. Visit https://www.lockdownyourlogin.org/ for more information on multi-factor authentication.
Myth: Cybersecurity jobs are only for those with a computer science or math degree.
Truth: Cybersecurity jobs are for everyone,regardless of what you may have studied in college. To learn more about cybersecurity careers in your area and ways to get started no matter where you are in your career or education, visit https://niccs.us-cert.gov/.
Myth: There in no way to protect yourself from cyber criminals.
Truth: Oftentimes, simple proactive steps toward better cybersecurity in your life can be your best and easiest defense against cyber criminals. Just like the legend states that a vampire cannot come into your home unless invited, do not invite cyber criminals into your life even inadvertently. Do not give away personally identifiable information online or over the phone unless you verify that you are communicating with a reputable source or business. Hover over all links in emails to ensure that the link goes to the correct website before clicking on them.
Check out the STOP. THINK. CONNECT.™ Internet Scams Tip Card to learn more.
Myth: You can update the software on your technology whenever your feel like it. There's no rush!
Truth: Make sure you turn on auto updates or update your system and applications as soon as the notifications pop up. Updates help not only make your apps often look more visually appealing, but updates also patch systems from known vulnerabilities, so it is important to stay on top of these notifications.
As October comes to a close, cybersecurity can and should be practiced year-round. Every single person has a responsibility to stay safe online during this spooky season. We need to work together to secure our cyberspace. Be aware of the dangers looming on the Internet throughout the year. Visit https://www.dhs.gov/ncsam and https://www.dhs.gov/stopthinkconnect to learn more about NCSAM and staying safe online.
Did you know?
- A family’s posts to keep friends up to date on their vacation led to their home being burglarized while they were away.
- New computer viruses and Trojans that successfully target information on social networking sites are on the rise.
- Information on social networking sites has led to people losing job offers, getting fired and even being arrested.
- Social networking sites have become a haven for identity thieves and con artists trying to use your information against you.
- Several kidnapping, rape and murder cases have been linked to social networking sites where the victims first connected with their attackers.
- According to the Al Qaeda Handbook, terrorists search online for data about government personnel and all matters related to them, such as their residences, work places, times of leaving and returning, children and places visited.
Daily social media interactions
- Never accept a friend request from someone you don’t know, even if they are “a friend of a friend”.
- Never share information on social media you don’t want to become public. If you aren’t comfortable placing the same information on a sign in your front yard, don’t put it online. Once you post something, you can’t control where it goes.
- Be aware that you could be targeted based simply because of your connection to the military.
- Providing too much information in your profile can expose you to identity thieves. Be cautious when listing job, military organization, education and contact information.
- When using social media, be cautious to not post personally identifiable information or any information about your Sailor’s job or mission that could damage Army operations.
- Think about what you’re posting before hitting share. Many times you can avoid releasing sensitive information by simply rephrasing your posts.
- Make it a point to understand how to use, adjust and update the privacy settings on social media sites.
Social media concerns for military families and Family Readiness Groups
- Navy spouses and Navy family members need to know that posting sensitive information can be detrimental to Sailor safety.
- Always assume that our adversaries are reading every post made to a social media platform. Ensure that information posted online has no significant value to those adversaries.
- Even seemingly innocent posts about a family member’s deployment or redeployment date can put them at risk. Small bits of information can be assembled to make big pictures.
- The best way to protect kids online is to talk with them. Be honest and open and educate them early about online risks.
Some additional tips for staying safe
- Adversaries prefer to go after easy targets. Keep your computer security up to date and make yourself a hard target.
- Never log in from risky locations. Public networking sites may not offer secure login. If you log in from a hotel, cyber café or public hotspot your name and password can be captured at any time.
- Do a search for yourself. If too much data comes up, you should consider adjusting your profile and settings on sites you use frequently.
- Don’t trust add-ons: Plug-ins, games and apps are often written by users, not the sites they’re offered on. Malicious authors can easily gain access to your data once you install their programs.
- Remember that search engines make it easy for adversaries to find what they’re interested in.
- Use different, strong passwords for each online account, and never share your passwords.
- Don’t depend on social media sites for confidentiality: Even social media sites that aren’t open and public by design can become so due to hacking, security errors and poor data management practices. In some cases a site’s terms of service explicitly gives the site ownership of all your posted content.
- Treat links and files carefully. Social engineers and hackers often post links in comments that try to trick people into downloading an “update,” “security patch” or “game.”
