(1) Don’t re-use passwords, particularly on important websites that contain sensitive information (e.g., DOB, SSN, financial data, health data). Try not to re-use even part of a password, as it makes that partially-new password easier to crack than a brand-new one.

(2) Monitor your data that shows up on the dark web (the Internet black market). There are commercial services that will do this for you for a fee, but you can also sign up free of charge to https://haveibeenpwned.com to check if your email or other user name has shown up in a data breach, and get notifications if it shows up later.

Do it for others, if not for yourself

I often see people shrug their shoulders when I talk about securing home computers and devices. They say things like “I don’t have anything important on that computer” or “I don’t care if someone can see the camera feed from my front porch, it’s on the street!”

It’s not just about protecting your data; it’s also about preventing the bad guys from using your devices to attack others. Say what? Yep, sometimes the only way you know that your device has been compromised is when the FBI shows up at your front door with a warrant to seize all the computers in the house. I was reminded of this fact when this story from 2016 The Chinese Hackers in the Back Office was referenced in an online conversation with colleagues:

“When they first told us, we said, ‘No way,’” Mr. Cate said one afternoon recently over pizza and cheese curds, recalling when he first learned the computer server his family used to manage its welding business had been secretly repurposed. “We were totally freaked out,” Ms. Cate said. “We had no idea we could be used as an infiltration unit for Chinese attacks.”

It’s not just small-business servers, though, frequently “smart” devices such as webcams are hijacked by cyber criminals and put into botnets (networks of smart devices often used to attack commercial and government networks) – the most famous example is probably the Mirai botnet:

The Mirai botnet, composed primarily of embedded and IoT devices, took the Internet by storm in late 2016 when it overwhelmed several high-profile targets with massive distributed denial-of-service (DDoS) attacks.

I know that all of YOU take security seriously, or you wouldn’t have read this far today! But think about this the next time you hear someone else disparage the need for cyber security at home. It’s naive to think that you don’t have anything valuable on your home network – everything has value to someone somewhere, even if it’s just to use your device to attack a bigger target. Don’t let the bad guys use your stuff to commit crimes.

Secure Your Stuff!

Hope this gives you something to think about this week!

Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

Talk to you again soon!

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!

Security Awareness Training Available Here, There, Everywhere!

Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.

Contact me to schedule your employee training sessions. They're fun! ☺