Other Ideas
OTHER THINGS TO CONSIDER
STEPS YOU MAY WANT TO TAKE AFTER A CYBER ATTACK
INCREASE YOUR AWARENESS OF AND BE CAREFUL ABOUT WHAT INFORMATION YOU SHARE ABOUT YOURSELF
QUESTIONS
NOTES
Thank you for the opportunity to share these ideas with you.
Backup info reviews: https://thewirecutter.com/reviews/best-online-backup-service/
- Think twice about what you share on social media, once its out there, you no longer own it, nor have control over information that can be used to trick you into giving out login information to one or more of your accounts, or use information against you. To learn more go back to the Security page and touch links under the Social Media category.
STEPS YOU MAY WANT TO TAKE AFTER A CYBER ATTACK
- Monitor your credit report, banking and credit accounts.
- Put a temporary freeze on your social security account.
- Put a temporary freeze with your credit reporting.
- Change affected account passwords, use 2 step verification if available, use the 10 steps shown above.
INCREASE YOUR AWARENESS OF AND BE CAREFUL ABOUT WHAT INFORMATION YOU SHARE ABOUT YOURSELF
- Information about you can be used to construct a focused crafted attack via social engineering. Social engineering happens when a person impersonates a trusted business, government entity, work place, a representative of an account you hold, or even a friend to trick you into giving out login information, or get you to take some immediate action such as clicking on a link.
- Professional work related networking sites contain information important to your work life. That being said this same information is also useful to craft a cyber attack, and can be used to profile you, where you work, what your job title is, what your responsibilities are, who your boss is, or who works for you, this includes email naming conventions relating to a particular business or other entity. Be on the alert for Social Engineering attempts.
- Social media sites with pictures and posted comments all form a personal picture of you, your personal preferences such as things you like or dislike, your opinions about a subject, who some of your friends are. All of this can be used to profile you and craft an attack to get you to act immediately, or get information from you by posing as a friend, a business associate, or a recognized business or government agency. Again be on the alert for Social Engineering attempts.
- Your work place web site already has valuable information about management structure, contact information, and possible links to information about businesses worked with. In other words information can be gathered from a business you work for or have a business connection with to gather information about email structure, management hierarchy, business titles, contact information. all to construct a social engineering attempt to trick someone in your business to give out access or other important information while appearing to come from a trusted source. Be on the alert for Social Engineering attempts.
- Whether you are a CEO or a new employee, each person is a potential target for a cyber attack. Attempts directly targeting high level personnel or spear phishing, seek to get some vital piece of a puzzle to gain access or accesses. The same goes with personnel at a lower level, these attacks can be used to get information to solve a puzzle to build other attacks to escalate access privileges.
- Compromised email accounts can contain sensitive information of value to be used to solve the puzzle of how to craft an attack to trick you into sharing sensitive information, or implement a desired action designed by a cyber attacker.
- Information of value can include social security numbers, banking information, credit card numbers, 3 digit security codes. 2 step verification codes, user names, passwords, birthdays, information about your past to construct answer for security questions. Some of these can be found interestingly via researching your social media.
- Individuals and organized groups are dreaming up and finding ever sophisticated ways to create crafty cyber attacks, many of these attempts are automated. Yes I said automated, a task being performed by a software program.
- In an endeavor to increase the believe-ability of social engineering the use of AI or Artificial Intelligence is being employed to replicate a known persons voice, such as a CEO, or a director in an organization aimed at specific persons at the right time to get sensitive information. Do you challenge strangers at the door? How about challenging strangers on the phone, or email, text, voicemail. What if the contact seems to be an important person in your organization. They will never ask for sensitive access information, private, personal, business, or corporate. Validate requests your not sure about via official channels.
QUESTIONS
- Does your business have internet, computer, laptop, and mobile device policies or an understanding of practices? Why not?
- Does your business offer scheduled cyber security training, to keep up with changes, or inform new employees?
- An other issue to consider is cyber attack liability. If another business that your business has a relationship with gets hacked due to low security standards in your business, you may find your business named on a list of possible causes that contributed to the event. I am not an insurance agent, nor an attorney, and this is not meant as insurance or legal advice. That being said you may want to talk with your insurance agent and or attorney about this for direction.
NOTES
- A cyber attack is like solving a puzzle, it has many pieces that fit together to form a picture. That picture can be figuring out who you are, where you live, what you do, what you like to do, and numerous personal information. It can lead to finding ways to get something of value from you, your business, or the business you work for. That can be anything of monetary value, account access, medical information, information to manipulate perceptions, gain insider business information, or trade secrets. When you have a lax position on cyber security, you make it easier to solve the puzzle of forming a picture of you and you may find yourself a target of interest, or a piece to a puzzle to target someone else. When that picture is formed you may well find yourself, your business, or someone you know a victim of cyber crime.
- Following these practices can help reduce the chance of you becoming an easy target for a cyber crime, and cause that person or persons behind an attack to look elsewhere for an easier target.
- Be vigilant, do question, increase your knowledge and awareness, and please talk with and increase awareness of these topics with your friends and colleagues.
Thank you for the opportunity to share these ideas with you.
Backup info reviews: https://thewirecutter.com/reviews/best-online-backup-service/