Cyber security is a confusing topic if you are not an IT specialist. And I am by no means an IT specialist, but I do understand the importance of protecting your data. Cyber security is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. It includes stuff like hacking and the physical protection of data (e.g. when your computer crashes).
So then my big question to you is this – what have you done to protect your data from
- cyber perspective (i.e. free from hacking) and
- physical (such has when your computer crashes.
Of course a lot of these issues are usually covered by your IT department.
It is reported that cybersecurity awareness can reduce infection risk up to 70%! You need to be aware of what could potentially attack your machine and how. Don’t ignore those emails that come from your IT department. Take note and report anything that may be suspicious with emails received.
And in light of this statistic, I have decided to present to you Cyber security 101.
Phishing emails and links (Hacking)
Why do people hack machines? Most of the time its to get information. In my case, I had a student that hacked my email right before exams, emailed a lecturer and ask the lecturer to send the exam paper to me. I nearly fell off my chair when I received an email from the lecturer responding to “my email” to tell me he couldn’t email it immediately (thankfully) but would do so when he was able to.
One of the common ways that people hack your machine is through phishing. Spear phishing is a targeted phishing campaign that appears more credible to its victims by gathering specific information about the target, and thus has a higher probability of success. It is often a website that looks real that requires your information but is actually not real. And I understand, it happened to me – you are busy, you get an email, you open it, you click, click click and you carry on because yes, we are VERY busy! And then you find out you were hacked! And when you investigate you realise you clicked on a link that looked real but when you notice the website address… it’s some funny address that has nothing to do with your companies address. But it looks real.
So, I want to encourage you to train yourself to have a quick glance at any website address when you open an email or a link.
Viruses and Malware
Malware can be defined as malicious software or code that typically damages or disables, takes control of, or steals information from a computer system. Broadly includes viruses, worms, Trojan horses, logic bombs, rootkits, bootkits, backdoors, spyware, and adware.
How to you get infected with a virus or attacked with malware? Some ways include:
- File transfer apps
- Instant messaging
- Webmail
- Social media platforms
- Microblogging
- Workflow and collaboration applications
Why do people create viruses?
There are hundreds of thousands of viruses out there (if not millions) and they often designed for different objectives. Most of them fall under the following categories:
- To take control of a computer and use it for specific tasks
- To generate money
- To steal sensitive information (credit card numbers, passwords, personal details, data etc.)
- To prove a point, to prove it can be done, to prove ones skill or for revenge purposes
- To cripple a computer or network
So how do you protect yourself from all these cyber attacks?
- Install anti-virus/malware software. Make sure your IT department has installed the latest antivirus software to protect your machine.
- Keep your anti-virus software up to date.
- Run regular scans with your anti-virus software. Set up a reminder to do this at least once a month. Use google calendar to remind you! Set your anti-virus software to run on a specific night, and always leave your computer running on that day. Make sure it doesn’t shut off automatically or go into hibernation mode.
- Keep your operating system current. Speak to your IT department to make sure they install the latest version of Microsoft or whatever you are running.
- Secure your network. Make sure your password is strong. Use letters, numbers, caps/non caps and symbols. It may seem painful but to have someone hack in your machine or dump a virus to wipe out all your work is possibly even worse!
- Think before you click. BE aware of all links that you open, check what you are opening. My new rule is to forward all suspicious emails to my IT department first to verify if it is safe to open or not. Rather safe than sorry.
- Keep your personal information safe. Many hackers will access your files not by brute force, but through social engineering.Be careful of what you share on social media. Lock down all of your privacy settings, and avoid using your real name or identity on discussion boards.
- Don’t use open WiFi when you go have coffee at a coffee shop. Don’t use the “free” open (non-password, non-encrypted) Wi-Fi. Think about it. If you can access it with no issues, what can a trained malicious individual do?
- Back up your files. Have your files in at least three places. Four is even better as discussed last week on Techno Tuesday.
- Use multiple strong passwords. I know its easier to have one standard password but if someone gets that one password they can access everything you have! And especially do not EVER use the same password that you use for banking!
So there you have it. Cyber security 101… stay safe guys!
Written for OPSA by Marié Mieny
Marié Mieny is an administrator within the School of IT at Monash South Africa (MSA). She has been at MSA for 13 years of which 7 years have been in the School of IT
Marié has a reputation for revolutionising the mundane tasks she is given by using technology to make her very efficient and effective in her job. As a result her school is one of the top schools at MSA with a reputation of being highly organised and effective.
Marié has two honours degrees – one in Criminology and one in Psychology. She plans on doing her Masters in the near future