Reminder of cybersecurity fundamentals

Reminder of cybersecurity fundamentals

In light of recent events in Europe, you may have questions and concerns about cybersecurity. Am I or is our organization more likely to come under attack? Am I at greater risk? 

We don’t have all the answers, nor do we know what will happen next. However, continuing to focus on cybersecurity fundamentals is key to protecting yourself both at home and at work/school.  While the sense of urgency may have changed, how cyber attackers target us has not. Here are the fundamentals upon which to focus:

  1. Phishing: Phishing and related scams are when cyber attackers attempt to trick or fool you into doing something you should not do.  Often these scams are sent as emails, but they can also be text messages, phone calls, or social media posts. Anytime someone is creating a tremendous sense of urgency and rushing you to take action, or someone is promoting an offer that sounds too good to be true, it is most likely an attack.
  2. Passwords: Strong passwords are the key to protecting your online, digital life. Make sure each of your accounts is protected by a unique, long password. The longer your password the better. To keep it simple, use passphrases, a type of password made up of multiple words like “honey-butter-happy” or combinations using numbers instead of certain letters like “Spr1ngT1m3Fl0w3r5”. Can’t remember all your passwords? Neither can we. That is why we also recommend you use a Password Manager such as Last Pass to securely store all your passwords. Finally, whenever possible, enable Multi-Factor Authentication (MFA) on your important personal accounts as we have for GC accounts.
  3. Updating: Keep your personal computers, devices, and apps updated and current by enabling automatic updating on all your devices. Cyber attackers are constantly looking for new vulnerabilities in the devices and software you use. Keeping them automatically updated makes sure these known weaknesses are fixed and your devices have the latest security features.
     

In addition, there is going to be a tremendous amount of false information spread on the Internet. Do not trust or rely on information from new, unknown, or random social media accounts, such as posts on LinkedIn, Instagram, Facebook, or Twitter.  Many accounts on these sites were created for the sole purpose of putting out fake information. Instead, follow only well-known, trusted news sources that verify the authenticity of information before they broadcast it. Finally, if you wish to donate to any causes in support of recent events, make sure you are donating to a well-known, trusted charity. There will be many scams attempting to trick people into donating to fake charities run by cybercriminals.

Continue to focus on the fundamentals you have learned from in our Cybersecurity Awareness Training, and you will go a long way to protecting yourself, no matter who the cyber attacker is.  Contact iso@gcsu.edu if you have questions.

Updated: 2022-03-07
Hance Patrick
iso@gcsu.edu
(478)-445-6354
Information Technology