October 14-18 is the Department of Defense Cybersecurity Awareness Week, and the NTC Information Assurance section wants to remind everyone of their role in protecting our nation’s information and infrastructure.
Last year, there were almost 300,000 cyber attacks reported to the FBI’s Internet Crime Complaint Center. The reasons vary. The attackers may be targeting your financial information; they might just want to cause damage or are trying to steal personal data. Several of those attacks were against critical networks that control public water, oil pipelines or power grids. Since many of these attacks were made possible by first infecting personal computers, it’s up to each one of us to keep our computers secure. The following tips will help make sure that your data is secure and that your computer isn’t a part of the next attack.
1. Antivirus Software. Malicious software (called ‘malware’) isn’t only spread through email attachments or infected thumb drives. Your computer can get infected by visiting a hijacked Web site, by another computer on your home network, by downloading infected software or any other number of ways. A virus scanner is a must, and a free version like AVG Antivirus will do the job.
2. Use your firewall. Enable your firewall or install a web security suite that includes one. This will help to keep unauthorized users from accessing your computer and can also help to keep personal data from leaving your computer without your knowledge. This is true on any network, but especially on unsecured public networks. The free WiFi networks at hotels and airports or at Starbucks and Burger King, are not secure. If you need to connect to an unsecured network, make sure that your firewall is turned on and configured for a ‘public’ network.
3. Patch it up. Your operating system (such as Windows or Linux) must be kept updated in order to protect against new threats or exploits. Keeping your computer up-to-date helps to close security holes that might not be detected by your antivirus program or stopped by your firewall. According to the Internet Storm Center, the cyber security tracking entity of the SANS Institute, an un-patched system can be infected in as little as four minutes, which means that your computer can be taken over without your knowledge.
4. Use a regular user account. When you set up your computer, you probably created one account that had administrative privileges. While this can make it easier to install and run some programs, it can also allow viruses and other malware to run unchecked and infect your entire computer. It’s far more secure to use a secondary ‘limited account’ for your normal computer usage, and only use the administrative account when you need to install software (from a trusted source!). Even if your user account is infected, it’s less likely to infect your operating system as a whole, which makes recovery much easier.
These four basic steps will help to keep your computer secure, which helps defend both your personal data and other networks that may be attacked by compromised systems. For more information, and additional tips, see the United States Computer Emergency Readiness Team website at http://www.us-cert.gov/ncas/tips. For more information, contact me at firstname.lastname@example.org.