Most people don’t think cyber-attacks are personal – until it happens to them. Today Darren asked me if I had requested a change to my direct deposit information? I had not, so he forwarded me an email where hackers spoofed my name to steal my paycheck.
I felt many things in that moment – anger stood out among them, but mostly I felt worried. A cybercriminal targeted me. They were trying to steal from me. I know that most cyberattacks are opportunistic, but this felt personal.
There’s a very good reason I felt that way – cyberattacks are personal.
These criminals use bots instead of guns or knives and wear the anonymity of the internet instead of a mask. It doesn’t matter whether they’re holding you up in an alley or holding your data for ransom – they’re trying to steal from you. What’s worse is that the digital world is their home turf, and for most people, they have the home-field advantage.
But that doesn’t mean we’re defenseless.
Know the Cyber Threat Environment
When you look around, you’ll see that cybercrimes generate plenty of headlines. Data breaches and hacks on government and large corporations feel very far from us. Even the Colonial Pipeline ransomware attack over the summer that sent some people on the East coast into panic buying gasoline didn’t really hit us at home. The attack happened to an entity, not a person, so while it made headlines, ultimately, it happened to someone else.
Except that cybercrime isn’t just something that happens to big businesses and national governments. The average person is just as much a target. And where these organizations have a dedicated cybersecurity team to secure their computers and devices, we’re on our own.
Unfortunately, that means that there are millions of vulnerable targets for data theft, identity fraud, ransomware, and more. This is the reality of the cyber threat environment in which we live.
Because cyberthreats are something people hear about but can’t identify with, most are unaware of the risks. A big reason for this is the portrayal of cybercriminals as these hooded figures typing furiously at their computer, but these only exist in Hollywood. The vast majority of cyberattacks are automated. Software programs that search for vulnerabilities in devices connected to the internet, called bots, are a cybercriminal’s preferred weapon.
Think about it, how many devices in your house connect to the internet? Computer. Mobile phone. Security system. Refrigerator. Do you even know? Each one is a potential vulnerability. If you haven’t taken steps to secure them, any one of them could be the gateway an automated bot uses to get into your home network. No hacker furiously typing at their computer required.
Being unaware of what devices and software reside on your network is like walking into a blind alley in an unfamiliar neighborhood. It only takes one opportunistic criminal there waiting to make you a victim.
Dealing With An Attack
Cyberattacks run the gambit from data theft to devastating ransomware attacks. When a large organization is under fire, they have resources with which to fight back and recover. The vast majority of individuals rarely even know they’ve been attacked until it’s too late. And then there isn’t any backup. If your computer gets encrypted with ransomware or your bank account gets drained, you’re on your own.
Phishing scams, unpatched software, and social engineering on sites like Facebook, Twitter, and TikTok are growing increasingly popular. Attackers don’t just want your information – they want information on your friends and family. Every piece of personal data has a value on the dark web, and the more they get, the more effective they can make their scams.
So while you’re struggling to recover from the attack, cybercriminals might be gearing up to put your loved ones through the same thing.
What Can You Do to Fight Back
The first thing you must do is get into the mindset that cyberattacks can happen to anyone, and they are personal. No one who is under attack wants to just sit back and take it. Being aware of the potential allows you to mount a defense. In this case, a solid antivirus program, running security updates, and watching for scams is the best way to get started.
It’s important to know where your vulnerabilities lie. You should have a list of every device in your home that can access the internet. A huge mistake people make is not changing default passwords – that should be the first thing you do. And use strong passwords. P@$$w0rd1324 is not a clever or strong password. A strong password is a twelve (12) to sixteen (16) character phrase that includes made-up words personal to you and easy to remember, so you don’t have to write it down.
Lastly, be careful where you click. Don’t fall for phishing emails that promise something too good to be true or make threats to create a false sense of urgency. Look at the “from” address on emails and if something doesn’t feel right, pick up the phone and call. Don’t click on links or download attachments you’re not expecting.
Doing these things will help to defend against the cybercriminal’s favorite weapons and, in turn, make your little corner of the cyber world a lot safer.
I’ve always had a love of working with technology, being fortunate enough to have grown up with a grandfather who taught me how to fix things for myself and not be afraid to jump in and get my hands dirty. Over the last three decades, I’ve worked as a technician, trainer, technical writer, and manager in small business, enterprise organizations, and government. In addition, I’m an author, having published multiple works available online and in print. You can find my creative work at https://WritingDistracted.com