How is your cyber hygiene?
- Posted On:
- Written By: Navar Holmes
Danger, Will Robinson. Danger!
We often don’t think of the internet of being harmful to our health, but with the growth of The Internet of Things (IOT), which refers to any device that is connected to the Internet, it can be. For reference, here are a few examples of IOT devices you can find in your home:
- Alexa (or other virtual assistants)
- cars
- cell phones
- lights
- medical devices
- TVs
- thermostats
Of large concern now are medical devices because if any of your home networked devices gets compromised due to a virus or malware, the medical device could also get compromised—the LAST thing you want is your WIFI enabled medical device(s) giving false or no data, which could cause a health issue.
So how do we improve our Cyber Hygiene? One of the most important things is to never share your password and question any time you are asked for your password.
If you get an e-mail asking to verify your password; ask why? If you get a text message asking to verify your password; ask why? Sometimes e-mails will look very legitimate and valid, but still ask why. I have found that some e-mails are just trying to trick you into giving your password.
If an email is asking for sensitive data, pick up the phone and call to verify the request; but never call the number in the e-mail—use a number that you already have for the company asking. If you get an e-mail about your credit card or bank account and it is asking you to verify data, call your bank or credit card company, but never the phone number in the e-mail as it might be fake.
Sometimes toxic e-mails come from the people closest to us. If a friend sends you a funky looking e-mail, use caution as it could be that their e-mail account has been compromised, and the threat actor is using their e-mail to spread the love to you. Call your friend to verify the request in the email.
Beware of e-mail attachments. Attachments are a very popular avenue to getting a virus or malware on your phone or computer; and once that virus is on the device it could then infect other devices on your home network.
TypeSquatting is very common. This is where the threat actor creates a malicious landing website for people that miss-spell common websites. Transposing the “a” and “i” in Gmail will get you to a scary website that asks something like: Your Computer was Disabled! Call the MS technical support number to get this error resolved. NEVER call the number and never let them on your computer. Doing so will be the start of your problems. To avoid this mistake, never use the “.com” or “.net” or “.org” when searching in any search engine (like Google). Just use the name.
Manage your passwords. Pretty much everyone writes down their passwords. If you are going to write them down, then why not make them more secure and use a different password for your more sensitive accounts? And if you are going to write them down, then be really secure and use a PassPhrase. Password “wyoming307” will take about three minutes to crack, but PassPhrase “wyoming area code 307” will take about 5,500 centuries to crack. So if you are writing down your passwords, why not write down a PassPhrase instead!
Navar Holmes is Campbell County Health’s Cyber Security Administrator in Gillette, Wyoming. Navar has more than 23 years of Information Technology experience and has been with CCH since September 2002. He was a featured speaker at Wyoming Cybersecurity Symposium 2018 and is serving as the Information Systems Security Association (ISSA) Wyoming Chapter President. In addition to this, he volunteers his time and expertise to further the objectives of Cyber Wyoming and Made Safe in Wyoming.