The internet hasn’t just made the world a small village, but it has also opened us up to challenges that have never been faced before.
Cybersecurity is the most concerning matter as cyber threats and attacks are becoming more and more common.
Today, attackers are using very sophisticated and innovative techniques to target computer systems. And their targets aren’t just government sites or large companies. Many individuals and small businesses find themselves under attack. To make things even more complicated, keeping pace with cybersecurity issues and best practices can be a challenge.
The cybersecurity threats that made headlines recently include massive data heists, social media breaches of several public figures, and universities hit by ransomware attacks. Twitter accounts belonging to celebrities, technology leaders, and politicians were compromised, leading to unintended and inappropriate usage of their accounts. Bad actors can create fake websites to steal sensitive personal information or lure people into clicking or downloading malicious files, while harvesting their personally identifiable information (PII) or financial data without permission.
Signs of a cyber incident: How to know if you have been hacked or phished
Put broadly, a cybersecurity incident is any event that leads to the exposure of sensitive data. According to the 2016 Cisco midyear report, it takes a business an average of 100 to 200 days to discover security threats. For individuals, it can sometimes take longer.
In best-case scenarios, victims of cybersecurity attacks react fast to secure accounts. That’s why understanding (and acting on) the first signs of cyber incidents is a good way to protect personal data and other critical information.
The following are the most common signs of cyber incidents and should act as red flags:
File modification: if you notice changes to your important files, such as files being removed, replaced or altered, it could indicate that a cybercriminal has gained unauthorized access to your system without your knowledge.
Slow network or internet connection: if you notice that your device performance is slower than usual, it could be an indication of hacking attempts against your computer system, which could lead to a spike in the network traffic.
Phishing emails: Phishing attacks happen when threat agents make fraudulent attempts to steal sensitive information. They deploy botnets to send emails or post malicious URLs on social media. Then when you click an infected link, the bot collects sensitive information about you without your knowledge. This identifying information allows a cyber criminal to impersonate you and then use your identity to access sensitive accounts (like banking info and personal contacts).
Phishing attacks continue to be one of the biggest digital threats. Suspicious emails are one of the most common techniques used to compromise individual and business security. These types of phishing attacks are usually associated with brands that people trust or know, especially those that are involved with payment refunds. They may look just like a usual email, but they can be detected by checking the email address, reviewing the spelling and grammar of the text, and making sure the email just generally looks legitimate.
Device tampering: if you notice that your device suddenly turned off and then came back to normal, it could indicate an attempt at unauthorized access. If you suspect that your device has been compromised for any reason, then have it checked out before accessing sensitive information.
Unusual activity: if you see strange activity related to your password, like receiving a strange request link to reset your password, that’s an obvious sign that you are a victim of a cyberattack. The best way to handle this issue is to change your password immediately, using a mix of uppercase, lowercase letters, and numbers (or consider using a trusted password manager).
Login failure attempts: If you are unable to log in to your account as normal, that could be a red flag that it has been compromised. If this happens, try resetting your password and logging back in. If that fails, be sure to contact the service you are trying to log into and alert them to the fact that your account might be compromised.
Ransomware attacks: This is a type of malware (or damaging piece of software), which can take control of a system or data, or generally infect a computer and affect performance. In a ransomware attack, a hacker will encrypt your sensitive data (documents, spreadsheets, or other files stored on the system) with a key known only to the malware author. Once the files are encrypted, you will not be able to gain access to them.
You might also receive threatening pop-up messages warning that the files will be permanently deleted unless a ransom is paid within a specific timeframe. You will then be forced to pay a ransom in exchange for regaining access to your files. WannaCry is one example of a high-profile ransomware attack that affected more than 200,000 computers worldwide with an estimated cost of hundreds of millions of dollars.
DoS (Denial of Service) attack: this is an attempt to overwhelm a computer system or server by flooding it with a high frequency of HTTP requests, which slows down the server’s performance and subsequently crashes it. The targeted server is then unable to respond to authorized traffic. A DoS attack is a resource-consumption attack whose goal is to disrupt legitimate activity on a victimized computer.
There are two forms of denial of service. The first kind exploits a vulnerability in hardware or software. Exploiting a weakness or a standard feature of the software is intended to cause a system to hang, freeze, and devour all system resources. The end result is that the victimized computer is unable to process any tasks. The second kind of DoS attack floods the victim’s communication channel with garbage network traffic.
The end result is that the targeted computer is unable to send or receive communications over the network, which prevents the system from performing its normal services. The primary intention for launching a DoS attack is to prevent legitimate activity on a victimized system by exhausting the CPU and memory of the system, so that the service becomes unavailable. This could lead, for example, to a loss of money on e-commerce sites or delays in students’ class registration.
Five steps for better cybersecurity practices
Individuals are susceptible to cyberattacks in their everyday digital activities. The following items are necessary steps that should be taken to prevent cyber threats:
Step 1: Perform periodic software patches and updates
Patching refers to fixing vulnerabilities or correcting computer bugs in the software. Even though vendors frequently write code fixes and release patches, these patches are useful only if they are applied. Many security incidents occur simply because patches were not implemented. For example, the attack on Equifax in May 2017 exploited a vulnerability in an Apache Struts web application that could have been patched back in March. It’s recommended to keep software up to date and install all recommended updates.
Step 2: Safe browsing
Safe browsing refers to using best practices when surfing the internet. Some websites use deprecated cryptography with weak ciphers or invalid certificates that are easy to crack, which allows cybercriminals to obtain the transmitted data in clear text. It is important to note that data entered in websites could be intercepted by criminals, especially when entering passwords or making online payments. One of the best practices to enjoy safe browsing is to use a browser extension called “HTTPS Everywhere”. This will help enforce encryption of data in motion. The page won’t render if the website supports deprecated or expired SSL or TLS. Another best practice is to block web ads by installing ad blocker extensions in the browser you are using, such as AdBlock for Google users or AdblockPlus for all internet browsers. These web ads collect browser cookies and session information to provide targeted marketing campaigns. Adding this extension will stop ads from collecting your information.
Step 3: Protect your data
Cyber attacks happen to people every day in the digital world. And sometimes cyber attacks start with a physical security issue. If a laptop is stolen or lost, then personal information or financial records can be accessed even with password protection. Files can be copied off the laptop or mobile phone. It’s recommended in this case to make regular backups of all important files and keep them on dedicated servers that are isolated from the network segments used for day-to-day operations. Encrypt all sensitive information using software tools and use two-factor authentication to decrease the chance of a hacker gaining unauthorized access to devices.
Step 4: Use strong passwords
Passwords are used to access computers or systems and they are the weakest form of authentication for many reasons:
- Users tend to choose passwords that are easy to remember and therefore easy to guess or crack.
- Attackers discover weak passwords through many ways including brute force attacks, sniffing networks, and stealing databases that contain user information.
- Passwords are sometimes transmitted in clear text or with easily broken encryption protocols. Attackers can capture these passwords with network sniffers.
- Hackers can discover weak passwords using a password guessing mechanism.
It is important to use a strong password consisting of at least eight hard-to-guess letters, numbers, and special characters, and to secure it by setting up multi-factor authentication.
Be sure to replace all default passwords with stronger ones that are unique and meet strict password policy requirements. Set a unique password for each website, email account, and system that you use. It’s advised to reset all passwords at least twice a year, or even better, every two to three months.
Step 5: Install anti-malware and antivirus
Anti-malware is a piece of software designed to scan for, detect and delete viruses or signs of hidden malware. There is a type of malware called a Trojan horse, which uses social engineering tactics to trick victims into installing it unintentionally. The trick is to make the victims believe that the only thing they have downloaded or obtained is the intended file, when in fact it has a malicious hidden payload.
Protecting your computers with appropriate anti-malware software is an important aspect of securing computers. Attackers regularly release new malware and often modify existing malware to prevent detection by anti-malware software. They normally develop new and modified malware or viruses to evade vendors’ anti-malware protection so they can steal sensitive data or collect financial data.
Therefore, it’s recommended to install antivirus software, which provides runtime protection and coverage against viruses, adware/spyware, and other malicious software. It also provides the ability to detect and block incoming threats across diverse data streams: email, web traffic, network traffic, file storage, and web portals. The antivirus or anti-malware should be able both to check files in real time and to automatically re-scan files when signature-based rules are updated in the vendor database to detect previously unknown threats.
Be proactive in your cybersecurity
In short, as the internet continues to grow, the number of attacks in the digital world is increasing. The prevention of cyber attacks starts with a proactive approach. The early detection of security red flags will help mitigate the damage and prevent any further attacks. It will also help protect personal information and privacy against threat agents. Be mindful to use the above steps to minimize the likelihood of cyber attacks when surfing the internet.