Recent news headlines have brought cybersecurity into the public spotlight, showing us how vulnerable our infrastructure can be if left unprotected. Cybersecurity is a complicated topic, but one that impacts us all from large companies to every day internet usage. Knowing about the nature of cybercrime and some basic safety habits can help you prepare your devices from digital threats.
Types of Cyber Crime
Digital threats of cybercrime and cyberterrorism usually have one or more common goals: the attackers either want to steal information, steal money, or destroy/control a device. Cyber attackers will use different methods based upon their goals.
Ransomware
Ransomware, as defined by the Cybersecurity and Infrastructure Security Agency(CISA) , is “an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable”. Basically, the attacker finds a way to hold your device hostage by making it useless until you pay the ransom. This is the type of attack that recently happened on Colonial Pipeline in Texas.
This type of attack changes very frequently: Hackers find a way around safety procedures, security experts develop a new “patch” to address the issue, and hackers work hard to find a new workaround. Despite the methods used by hackers changing, there are some standard safety tips and best practices that CISA promotes for better online safety before and after a ransomware attack. That information can be found here.
Phishing
Phishing, according to phishing.org, is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. Phishing can also coincide with “spoofing”, or creating realistic accounts of known, safe emails and websites. Sometimes hyperlinks will be slightly off versions of the real site, like substituting the letter “m” with “rn”, which may look like an m at first glance. In either scenario, the attacker poses as credible in order to make you vulnerable to divulging more than you normally would. Another potential phishing strategy is providing a link. The user clicks on the link in curiosity and malware is installed on the device. Here is one recent example of how phishing works: link.* Obvious advice is to never click on any links from unknown email addresses, but a lesser known tip is to go directly to the intended website instead of clicking on links. For example, if the email is from your bank, type your bank’s website out instead of clicking on the link. More resources and tips, as well as a quiz on your own safety knowledge, can be found at phishing.org
Hopefully you never stumble upon any of these cyberthreats, but remember, if it’s suspicious, trust your gut, and always keep your software up to date.
Stay Safe, McDonough County!
*PS. Did you click all the links? You might have found a funny one hidden in there. That’s just one example of how many people fall for phishing scams. Think to yourself: If it has the potential to Rick Roll you, it has the potential to phish you 😉