Home Security - Cybersecurity Awareness Month

 

Securing Your Home

What is Home Network Security? 

Home network security is the defense of a home network, which links devices like routers, PCs, smartphones, and Wi-Fi-enabled baby monitors and webcams to one another and to the Internet.

 

There are two widespread misconceptions among residential users regarding the security of their networks.

• Their household network is not big enough to be vulnerable to a cyberattack.
• Out of the box, their products are "secure enough."

 

The majority of attacks are not of a personal nature and can happen on any kind of network—large or small, residential or commercial. A network is naturally more open to outside threats if it is connected to the internet.

 

What are the risks? 

DNS hijacking is one of the biggest threats to any wireless network. This occurs when malware infiltrates your unsecured router and craftily redirects you away from a well-known site, such the website of your bank, and toward a phony site that closely resembles the genuine thing. Cybercriminals steal your login information when you log in to the fake website and use it to access the legitimate website.  

 

How to improve the security of Home Network? 

You can drastically lower the attack surface of your home network and make it more complex for a malicious cyber actor to launch a successful attack by using some of the basic but effective mitigation strategies listed below in  no particular order:

• Update your router, home computer and handheld device software regularly.
• Read current security events to learn how to protect your home from the latest vulnerabilities.
• Remove unnecessary services and software from home computers.
• Change default log-in passwords and usernames.
• Use strong and unique passwords with important services such as spending, and email.
• Install network firewall on network devices.
• Regularly back up your data to network attached storage (NAS) or external hard drive.
• Turn off “remote management”, WPS and Universal Plug and Play (UPnP) features.
• After your router has been set up, change default administrator password and logout.

 

Email, Password, Phone Security - Cybersecurity Awareness Month

 
Email, Password and Phone Security

What is Email Security? 

The methods and tools used to safeguard email accounts as well as communications fall under the category of email security. Phishing attacks' main target is email, which is also a way of distributing malware and is the largest attack surface for an organization. 

 

What is Password Security? 

Password security is the integration of policies, procedures, and technologies that improve the security of passwords and authentication mechanisms. It all comes down to knowing how to protect passwords. A password is indeed a type of secret authenticator that must be memorized. 

 

What is Phone Security? 

Phone Security refers to the defenses put in place to protect sensitive data stored on and transmitted by laptops, smartphones, tablets, wearables, and other portable devices. At the root of mobile device security is the goal of keeping unauthorized users from accessing the enterprise network. 

 

What are the risks? 

 

1.      Email Security: Email security is one of the most important infrastructure security measures for an organization. It is also the biggest attack surface for an organization. Some of the security risks for email are as follows:

• Spoofing and Phishing
• Vulnerabilities in E-mail Security
• Domain Squatting
• Malware via email attachments
• Spear Phishing attacks and Business E-mail Compromise (BEC)
• File Format Exploits
• Configuration Errors

 

2.      Password Security: Weak passwords are always a major component in any hack. For user convenience, some applications do not enforce password complexity, and as a result, users use simple passwords such as password, password123, Password@123, 12345, god, own mobile number, and so on. Weak passwords are not only short in length and character count; they are also easily guessable. Below mentioned are some of the risks that passwords face.

• Brute Force or Dictionary attacks on weak passwords
• Cracking of Hashes
• Reuse of Passwords
• Educated Guesswork for Brute Force attacks
• Default Passwords
• Password embedded in code

3.      Phone Security: Potential risks to Phone Security involves malicious mobile apps, phishing scams, data leakage, Spyware and unsecure Wi-Fi networks. There are 4 major types of Phone Security Threats: 

• Mobile Application Security Threats
• Web-Based Mobile Security Threats
• Mobile Network Security Threats
• Mobile Device Security Threats

Identity Theft Protection - Cybersecurity Awareness Month

 

Identity Theft

What is identity theft?

Identity theft is the term used to refer to the types of crime in which someone wrongfully obtains and uses another person's personal data in some way that involves fraud or deception, typically for economic gain. Anyone can fall victim to identity theft. These acts can damage your credit status and cost you time and money to restore your good name.

How can my identity be stolen?

The following includes some of the ways a threat actor may try to steal your identity:

• Steal wallets or purses in order to obtain identification, credit and bank cards
• Dig through mail and trash to retrieve applications for "pre-approved" credit cards, bank statements, tax documents, etc., that were discarded without being shredded
• Phish” for electronic information with phony emails, text messages, phone calls and websites that are solely designed to steal sensitive information
• Steal data or personal records through a data breach, or purchase stolen data from a malicious third party

What can someone do with your identity?

With enough information about someone, a threat actor can take over that individual's identity to conduct a wide range of fraudulent activities, such as:

• File applications for loans and credit cards,
• Make withdrawals from bank accounts,
• Access online accounts

Types of Identity Theft:

There are many types of identity theft that can occur. Some of the common ones include:

• Tax ID Theft
• Medical ID Theft
• Child ID Theft
• Account Takeover Fraud

What do I do if my identity gets stolen?

Call the companies where you know the fraud occurred.

• Place a fraud alert and get your credit reports.
• Report identity theft to the FTC.
• You may choose to file a report with your local police department.

How do I protect my identity?

Experts believe that identity theft cases occur so often that there is a new victim every 22 seconds. Please check out this comprehensive guide and accompanying infographic to help you take proactive steps to protect your identity.

If you receive a suspicious email, please report it to reportphish@gap.com 

Additional resources:

United States Department of Justice Identity Theft Awareness

Equifax: How Does Theft Happen?

USA.gov Identity Theft Awareness

Experian: Many Different Forms of Identity Theft 

Public Wi-Fi Usage - Cybersecurity Awareness Month

Cybersecurity awareness month is was created in October 2004 by the government with support from the non-governmental security community to help Americans become better at protecting themselves from attacks over the Internet. You can find more information on Wikipedia.

As a parent or young adult reading this article, we at Hak4Kidz want you to know that we are going to do our best to make a meaningful contribution to this month's awareness cycle. Feel free to join in with comments below. This article will go into public Wi-Fi usage.

What is Public Wi-Fi?

Airports, coffee shops, malls, restaurants, and hotels all have free public Wi-Fi that one may use to access the web. People regularly connect to these "hotspots" without giving it any thought because they are so ubiquitous and common.

What are the risks?

The issue with public Wi-Fi is that there are a lot of risks associated with using these networks. Although business owners may think they're giving their consumers a helpful service, it's likely that the security on these networks is insufficient or nonexistent. Below mentioned are some of the risks involved with using public unsecure Wi-Fi:

• Man-in-the-Middle Attacks
• Malware Distribution – Targeting a specific vulnerability in a system by injecting code onto your device.
• Wi-Fi Snooping and Sniffing – Eavesdropping on WiFi signals to access everything that one does when online. From viewing websites visited to collecting login credentials.

How to identify rogue Wi-Fi Networks?

While many hackers like using public Wi-Fi networks, some may go above and beyond by setting up a hotspot specifically for malicious purposes, such rogue networks can be identified as follows:

• Network/Wi-Fi name matches a trusted network.
• “HTTPS” sites are rendered as “HTTP”
• Names of the Wi-Fi networks are generic – such as “Free Wi-Fi”

Things to avoid if connected to Public Wi-Fi:

There are things you shouldn’t do while connected to an unknown network. Some of the ones include:

• Online banking
• Paying Bills or Doing transactions.
• Shopping on Online Sites
• Filing Taxes

How to Safely use Public Wi-Fi if there is an absolute need?

• Use a VPN.
• Stick to “HTTPS” websites.
• Avoid accessing sensitive information.
• Turn off file sharing on public networks.
• Use two-factor authentication for logins.
• Keep your operating system up to date with the latest software and OS updates.
• Remember to log out of sessions.
• Use antivirus software

Thank you Admin dr0pbears for your contributions to this article.