Home or business, there are now daily threats to your network. In the era of automated bots, the days of thinking that you are not important enough to hack are well and gone. The FBI has issued a warning that ransomware attacks are indiscriminate and high impact. This means that anyone with personal or financial information online is a target.
For a long time now, the public has maintained a romantic notion of cybercriminals targeting people and organizations with complex hacks that defeat each successive level of security to get at protected information.
While this makes for a great Hollywood script, the truth is far more mundane.
The vast majority of cyber hacks result from stolen credentials, typically purchased in mass on the dark web. We only have to look back to the Colonial Pipeline ransomware attack to see a recent example. You would think that a company forced to pay out a ransom of $4.4 million, initiating a gas buying panic, would have taken more than a stolen password linked to a VPN account purchased as part of a batch of leaked passwords, yet here we are.
How Do Cybercriminals Get That Data?
Most often, the information cybercriminals acquire comes from people who don’t believe they are important enough to be targeted. Whether it’s changing passwords, putting everything in those bins to be x-rayed before getting on an airplane, or going through a metal detector, people see security as inconvenient.
Cybercriminals steal more than a million passwords per day, yet whenever we advise changing a password, it’s invariable met with frustration or pushback. The simple truth is that given the option, most people will skip security protocols whenever possible.
It is primarily a lax attitude towards cybersecurity that allows cybercriminals to acquire the personal data used in attacks. By understanding threats to your network, you can fight back.
Know the Vulnerabilities
We all have a lot on our plates; because of that, network security can fall by the wayside. Just as you wouldn’t let a roof leak ruin your house or store money in a broken safe, making network security a priority will help protect your financial stability.
Always start with where sensitive information is stored and put security measures in place. These can vary based on a variety of factors, but regardless of home or business, you should:
Use Strong Passwords – this includes the use of 2-Factor Authentication wherever possible. Passwords are literally the keys to internet locks. Using a weak password is akin to putting a plastic lock on your door.
Limit Access to Your Network – determining who can access your network starts with setting a strong password and providing different levels of user access. Determine who needs access to which areas and whether they need read, write, or edit rights. On a home network, this is especially important for securing personal finances.
Secure Your WiFi – when you give open access to your WiFi, it is an invitation for trouble. In addition to being protected with a strong password, it’s best to hide your primary WiFi and provide guests with access on a separate network. Almost all routers nowadays have an option for a Guest network.
Taking these actions puts you on the path of network security, but we don’t stop there.
Use Layered Security
No one security protocol will protect you against all the cyber threats out there. It is best to take a layered approach, but that is not anywhere near as difficult as it sounds. Earlier, we mentioned using 2-Factor Authentication along with strong passwords – this is exactly what we mean by a layered approach. By adding an additional layer of security, you are still protected if one aspect of the security gets exposed.
AntiVirus – at this point, we all understand the need for antivirus, but we have trouble with the followthrough. Too many people allow their antivirus subscriptions to lapse or fail to perform database updates. An outdated antivirus program poses more risk than not having one at all because it provides a false sense of security.
Update Hardware – some of the most significant risks out there come from old or ignored computers and network equipment. Sure, that 10-year-old router might still work, but if it’s not getting security updates, there may be vulnerabilities that allow attackers to exploit your network. Replacing end-of-life hardware is just as important as performing timely security updates.
Encrypt Your Data – there are many types of encryption available for folders, hard drives, and removable media. Encryption protects the data from being accessed if it’s stolen and works so well that cybercriminals employ it with ransomware attacks.
Backup Often – no matter what else happens, you can always get back up and running so long as you have a good backup. It’s the key component of any disaster recovery plan and the best practice we can recommend.
By adding these layers, you have the technical protection you need in the current cyber threat environment, but there’s one more thing you can do.
Whether we’re talking about awareness training for employees or just learning how to recognize phishing emails, accepting that there are cyber threats out there posing a danger to you is an essential part of being secure. Social engineering is the term used for tricking people into falling for cyber scams. It can be initiated by email, accepting a friend request, or even sharing a post, or responding to phone calls and text messages.
Don’t take anything on the internet at face value. Cybercriminals like to use fear, excitement, and anger to get their victims to click on links. Threats, free gifts, and hate speech are their most effective tools. The more aware you are, the safer you will be online.
I’ve always had a love of working with technology, being fortunate enough to have grown up with a grandfather who taught me how to fix things for myself and not be afraid to jump in and get my hands dirty. Over the last three decades, I’ve worked as a technician, trainer, technical writer, and manager in small business, enterprise organizations, and government. In addition, I’m an author, having published multiple works available online and in print. You can find my creative work at https://WritingDistracted.com