Personal Cyber Takedowns: What to Do When State-Sponsored Cyberattacks Target YOU
There is a lot of talk in the news about cyberattacks and cybercrimes – even more now with the Ukraine/Russia conflict. Over the past year, we've seen many examples of major corporations being taken down by cybercriminals.
This may all seem a little distant from our everyday lives…but the fact is, when cyber criminals target a business or a bank, they target us individually, in a very personal way.
That’s because these institutions hold our information – all the data needed to thoroughly up-end our everyday lives. OUR information is what makes these institutions such rich targets for bad actors.
Our Banks Are in the Bullseye
Big banks, such as Bank of America, Goldman Sachs, and JP Morgan, say they are always under attack by cyber criminals – and have spent billions to protect their operations and customer data. With Russia all but declaring cyberwar on the U.S., these banks are sounding the alarm: the attacks have intensified since the sanctions on Russia were announced.
According to the New York Post, “Executives declined to comment on the record, fearing that any comments will embolden the cyber criminals and their proxies in the Russian government.” But one big bank executive told the Post that “the industry consensus is that the Russian government is behind recent attacks.”
So far (and thank goodness!), there have been no reported bank breaches. Only time will tell if this remains the case.
Businesses Are Targets, Too
Businesses are a target as well. President Biden has warned sanctions may lead to cybersecurity breaches. In a recent press conference, he stated his administration has "evolving intelligence" that cyberwarfare will be part of Russia's striking back against American sanctions. And he urged America's private business sector to be vigilant and prepare.
President Biden’s top cybersecurity aide, Anne Neuberger, recently stated, “There’s no intelligence suggesting a specific Russian cyberattack against U.S. targets, but she did add that there has been an increase in ‘preparatory activity,’ like scanning websites and hunting for vulnerabilities, that is common among nation-state hackers.”
Cyberattacks are a daily occurrence. That’s now a fact of life. But with the tightening sanctions on Russia, the threat has become all too real. Should state-sponsored hackers get into any organization’s databases and customer information is leaked, that info could end up on the dark web to be sold to the highest bidder.
Scary Statistics That Show Cybercrime Is Personal
Cybercrimes are increasing at alarming rates. According to Government Technology, "Between May 2020 and May 2021, the FBI saw complaints about cybercrime jump by 1 million."
Norton reports, "By some counts, there are more than 2,200 cyberattacks per day. That equates to about one cyberattack every 39 seconds. […] Considering there are around 2,200 cyberattacks per day, that could equate to more than 800,000 people being hacked per year."
Again, while the news focuses on major cyberattacks on organizations or governments, it typically starts at the individual level.
Norton explains, "Over 75% of targeted cyberattacks start with an email."
What is it that cybercriminals want from individuals? Money and personal data. Stop, Think, Connect says, "Personal information is like money. Value it. Protect it. Information about you, such as your purchase history or location, has value – just like money."
15 Ways to Protect Yourself from Personal Cyber Takedowns
The government can't protect itself from cybercrimes, much less you. Moreover, the burden to protect yourself online is placed entirely on the individual.
So, if Russian state-sponsored hackers access your bank’s customer database, you are the one who has to deal with the fallout.
Use the following tips to avoid becoming a victim of cybercrime.
#1 Create Strong Passwords
One of the easiest ways for cybercriminals to make you a victim is by figuring out your password.
That's why you want to create strong passwords that combine letters, numbers, and symbols.
Avoid passwords with any personal information such as birthdays.
#2 Use Multi-Factor Authentication
CISA Director Jen Easterly told Harvard Business Review that multi-factor authentication "makes you 99% less likely to get hacked."
Multi-factor authentication is a process that requires a second proof of I.D. in addition to your password, such as a one-time verification code that is sent via text message.
To access the site, the user would need both your password and your mobile device in his possession.
#3 Perform Security Updates
Cybersecurity is constantly evolving because cybercriminals continuously get smarter.
That's why you need to perform security updates regularly.
When you receive a notification that it is time to perform a security update, updated security measures are added as IT professionals figure out more effective ways to protect you from cyber threats.
#4 Avoid Public Wi-Fi
Public Wi-Fi is convenient, but it is not worth the risk. Public Wi-Fi is unsecured, which is a hacker's dream.
Instead, use a VPN when you need Wi-Fi in public if you don't have unlimited Wi-Fi.
According to the National Cyber Security Alliance, "A VPN is a service that encrypts all of a device's internet traffic and routes it through an intermediary server in a location of the user's choosing. […] The encryption part of a VPN is similar to what you get when you visit an HTTPS site. Anyone who happens to intercept internet traffic between the smartphone or laptop and the VPN server won't be able to decipher its contents, including Wi-Fi hackers."
#5 Be Suspicious
Unfortunately, cyberspace is not a safe space. You should operate with suspicion when you are online.
In other words, suspect the email from a sender you don't recognize is a cybercriminal. Suspect the pop-ad advertising something too good to be true is fake.
#6 Check Your Settings
Stay Safe Online recommends, "The moment you turn on a new smart device or sign up for a new online account, configure your privacy and security settings. Most devices and accounts default to the least secure settings--so take a moment to configure those settings to your comfort level. Disable any features you don't need, such as location tracking. Make it a point to regularly check these settings to adjust them."
#7 Stick to Secure Websites
When browsing online, especially when you are doing anything financial, make sure you stick to secure websites.
The easiest way to tell if the website is secure is to look for the lock icon to the left of the web address. You can also identify secure sites by the use of the letter "S" in HTTPS.
#8 Be a Selective Sharer
Social media is proving to be a hacker's playground.
Don't make it easy for them to learn sensitive information about you, such as where you live, where your kids go to school, or when you are traveling, because of what you share on social media.
#9 Use Privacy-Focused Apps
If you want to practice extra cybersecurity, switch to privacy-focused apps.
Apps such as ProtonMail and DuckDuckGo protect your personal information from being captured.
#10 Invest in Anti-Virus Solutions
It is worth investing in anti-virus solutions. Not only do antivirus programs protect your devices from viruses and malware, but they also run new software updates automatically.
#11 Lock Down Your Usernames and Passwords
Don't save your username and passwords on different websites – no matter how much of a time saver it is.
This is a huge risk.
In addition, don't leave your devices easily accessible. Set up a secure biometric password (such as a fingerprint) on your cell phone, and log out of your computer when you are not using it.
#12 Don't Charge Devices in Public Spaces
Cybercriminals find unique ways to steal your information, such as utilizing public charging stations.
Identity Force explains, "Hackers have been known to set up fake charging stations in scams known as 'juice jacking.' After you plug in, they can access your phone's data or install malware on the device."
#13 Recognize Stranger Danger
Treat every stranger on the internet as a potential danger. If someone you don't know sends you a friend request, do not accept it.
If you receive an email from someone you don't recognize, do not open it (and certainly don't click any links).
If you get a message from a friend that does not sound like the friend, use a different messaging tool to check with the friend to see if the message is legitimate.
#14 Be Aware of Social Media Cybercrime Tactics
It is important to recognize the signs that you have been hacked.
According to the FTC, here are the signs your social media account has been hacked:
- Your social media account has posts you didn't make.
- You can't log into your social media account.
- Your Sent folder has messages you didn't send or has been emptied.
- Friends and family are getting emails or messages you didn't send, sometimes with random links or fake pleas for help or money.
#15 Stay Aware
Finally, it is critical to stay aware.
Monitor all of your online accounts – email, social media, banking, credit cards, etc.
The sooner you catch a potential cybercrime, the better your chances are of minimizing the damage.
Practice cyber preparedness, friends.
Preparedness Advisor, My Patriot Supply