Cyber Hygiene in 2021
As we move into the second year of the pandemic, there’s more than one virus we need to be careful about. The first is the Wuhan virus, and the second, equally destructive, is computer malware (commonly called a virus), which lurks in the shadows, waiting for its prey to download a file from a dubious website or click that attractive lottery hyperlink in an email.
This malware doesn’t just affect individuals like you and me; it also affects small and big businesses and even governments, resulting in loss of valuable data, breaches, ransomware attacks, etc. The year 2020 broke all records for cybercrime, ranging from data breaches to cyber-wars between governments. Last year we also saw the highest number of phishing attempts on individual users as well as large-scale enterprises. The statistics showed that 97% of users could not differentiate between a genuine and a sophisticated phishing email. We also witnessed the creation of over 1.5 million new phishing websites every month.
All these numbers point to one thing: we are surrounded by cyber threats at every stage of our cyber journey. Whether you are a student, a working professional or a retired person, one wrong click can expose you to these attackers (also known as threat actors), who are waiting for you to make a mistake.
These threat actors (attackers) are:
- Organized cybercriminals
- Cyber terrorists
- Inside agents and bad actors
- State-sponsored threat agents (yep that’s a reality)
- Script kiddies
- Hacktivists
- Human error
“It takes 20 years to build a reputation and a few minutes of cyber-incident to ruin it.”
- Stephane Nappo
Funny how human error is also on this list? Yes! These cybercriminals rely on your laziness, ignorance and mistakes. This is precisely why I am writing this article: to help create awareness and instill good cyber hygiene. Developing these basic habits is easy, and they also help cover your attack surface. The goal is to keep this attack surface as small as possible. The basic habits for cyber hygiene are:
Be suspicious of all emails you receive:
With more and more people working from home, cybercriminals are making it a point to get past your home security and target your inbox. Check the sender’s name and email address before opening any email. Safeguard your personal inbox as well as your corporate inbox. Phishing emails usually convey a sense of urgency, for example that your bank account is about to be deactivated. Don’t fall victim to these emails; report them as phishing. When you report them, cybersecurity protection algorithms analyze them and build stronger machine learning models to better protect against such emails in the future. In a way, you are protecting not just yourself but everyone else too.
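The checks described above (who the sender really is, and whether the message pushes urgency) can be automated as a first-pass triage. This is an added example, not part of the original article; the brand table, the `.test` domains, the urgency word list and the sample messages are all constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Hypothetical mapping of brand names to the domain they really send from.
KNOWN_BRANDS = {"example bank": "examplebank.test"}
URGENCY = ("urgent", "immediately", "deactivated", "suspended", "within 24 hours")

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def phishing_signals(raw_message):
    """Return a list of reasons this message deserves a closer look."""
    msg = message_from_string(raw_message)
    display, _ = parseaddr(msg.get("From", ""))
    from_domain = domain_of(msg.get("From"))
    signals = []
    # 1. Display name claims a brand, but the address is on another domain.
    for brand, real_domain in KNOWN_BRANDS.items():
        if brand in display.lower() and not (
                from_domain == real_domain or from_domain.endswith("." + real_domain)):
            signals.append(f"display name says '{brand}' but sender domain is {from_domain}")
    # 2. Replies would go to a different domain than the visible sender.
    reply_domain = domain_of(msg.get("Reply-To"))
    if reply_domain and reply_domain != from_domain:
        signals.append(f"Reply-To domain {reply_domain} differs from From domain")
    # 3. Urgency wording in the subject or body.
    text = (msg.get("Subject", "") + " " + str(msg.get_payload())).lower()
    hits = [w for w in URGENCY if w in text]
    if hits:
        signals.append("urgency wording: " + ", ".join(hits))
    return signals

# Constructed sample messages (not real mail).
SUSPICIOUS = """From: "Example Bank Support" <alerts@examplebank-secure.test>
Reply-To: helpdesk@mailbox.test
Subject: URGENT: your account will be deactivated

Verify your details immediately to keep your account active.
"""
LEGITIMATE = """From: "Example Bank" <statements@examplebank.test>
Subject: Your monthly statement is ready

Log in to online banking as usual to view it.
"""

if __name__ == "__main__":
    print(phishing_signals(SUSPICIOUS))
```

An empty result only means none of these three signals fired; it does not prove a message is genuine.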
Stay away from malicious websites:
The common question here is how to tell genuine websites from malicious ones. I will try to answer that in simple terms. First, avoid websites commonly used by attackers to spread malware. These include gambling, P2P (Point to Point) streaming, gaming and porn sites. Second, avoid downloading media such as movies or music from pirated websites. Always buy licensed software from genuine websites; do not fall for free games or free software. Always check the URL and make sure you see https:// or a lock symbol. Keep in mind that the lock only shows the connection is encrypted; phishing sites can have it too, so also check that the domain name is the one you expect.
Develop a strong password habit:
Cracking user passwords matters to cybercriminals because many people reuse the same password across different websites, email accounts, banking and even critical accounts. These passwords are also easy to crack with brute force, rainbow tables, etc., because many of us choose passwords that are easy to remember, for example the name of your wife, a date of birth or the name of your favourite movie. We need to be aware of this, as password-cracking tools keep evolving and we need to keep ourselves safe from them. Always use a unique and complex password containing upper- and lower-case letters along with symbols and numbers. I would advocate a password at least 12 digits long, never reusing passwords and updating them monthly. Use multi-factor authentication wherever possible.
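The rules above (length, character mix, no personal details, no reuse) can be checked across all of your accounts in one pass. This is an added example, not part of the original article; the account names, passwords and personal words are constructed sample data, and the function names are hypothetical.

```python
import string
from collections import defaultdict

MIN_LENGTH = 12  # the article's recommended minimum

def check_password(password, personal_words=()):
    """Return the list of rules from the article that this password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = {
        "lower-case letter": string.ascii_lowercase,
        "upper-case letter": string.ascii_uppercase,
        "number": string.digits,
        "symbol": string.punctuation,
    }
    for name, chars in classes.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    # Names, birthdays and favourite titles are among the first things guessed.
    lowered = password.lower()
    for word in personal_words:
        if word and word.lower() in lowered:
            problems.append(f"contains personal detail '{word}'")
    return problems

def audit(accounts, personal_words=()):
    """accounts maps account name -> password; returns {account: [problems]}."""
    used_by = defaultdict(list)
    for account, password in accounts.items():
        used_by[password].append(account)
    report = {}
    for account, password in accounts.items():
        problems = check_password(password, personal_words)
        others = [a for a in used_by[password] if a != account]
        if others:
            problems.append("reused on: " + ", ".join(sorted(others)))
        report[account] = problems
    return report

# Constructed sample data (not real credentials).
SAMPLE_ACCOUNTS = {
    "email": "Priya1990",
    "bank": "Priya1990",
    "shopping": "t7#Qm!vR2x&Lp9",
}
SAMPLE_PERSONAL = ["Priya", "1990"]

if __name__ == "__main__":
    for account, problems in audit(SAMPLE_ACCOUNTS, SAMPLE_PERSONAL).items():
        print(account, problems or "OK")
```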
Take regular data backups:
Well, this surely sounds like one of the ugliest tasks, but it also plays a very important role in your cyber hygiene. Ransomware is a type of malware that locks you out of your machine and demands money in return. Hence data backups are important not only for enterprises but also for individuals. Worldwide, ransomware attacks have risen 715% during the COVID period. By backing up your data you can protect yourself from such attacks and from data loss. Make a regular habit of taking data backups. Along with backing up your data, you should also encrypt it.
Update software regularly:
Whether it is your mobile or your PC/Mac, update your software and licenses regularly and keep your machines on the latest security patches. Whenever a flaw (vulnerability) is found in software, a browser or an application, the security developers create patches that eliminate the flaw. This helps keep cybercriminals out of your system and protects you from cyber attacks.
Secure your router:
Routers are an important part of your network and its security. Make sure you change the default username and password the router came with, and use a complex and unique password with WPA2 or WPA3 encryption. Protecting your Wi-Fi router helps protect your network and devices from wireless network attacks.
Deploy a strong antivirus:
This seems like the most basic cyber hygiene, right? Today cybercriminals attack your devices with the same sophistication they use against big enterprises. Hence a good antivirus is of utmost importance. Antivirus blocks hidden cyber attacks and safeguards your machine. Make sure you have antivirus on all your devices, including mobile phones. Yes, even mobile phones are vulnerable to cyber-attacks.
“I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We’ve created life in our image.”
- Stephen Hawking
Developing these basic habits will create awareness and greatly increase your protection in this new connected world. This article aims to create awareness in the public domain and help you safeguard yourself from cybercrime.