Cyber threats are growing. In just the last six weeks alone cyber criminals have successfully infiltrated local governments in the city of Laredo, TX; city of Edcouch, TX; city of Riviera Beach, FL; city of Key Biscayne, FL; city of Lake City, FL; Fayette County, OH; city of Baltimore, MD; and Luzerne County, PA.
Our cyber enemies are getting good. Scarily good. And what’s even scarier – their recent successful attempts have left them hungrier for more.
How long before South Carolinian cities and counties become the next victim? Afterall, it wasn’t all that long ago that the Spartanburg County Library was hit with a cyber-attack, leaving their networks riddled with ransomware. As cyber threats grow and security measures continue to be lackluster, it is not a matter of if, but when we will be attacked again.
Now, the intention here is not for local governments to feel hopeless. Quite the opposite actually. The purpose is to bring awareness to the growing problem, as well as to offer five steps Spartanburg County and the cities and townships within it, can take to minimize the risk of becoming a victim to cyber-crime.
First, you should ensure your computers are up to date with the latest software versions and you’re not overdue for an update. If your software is outdated, you’re leaving your computer vulnerable, as updates typically have patches for security holes that have been discovered. Essentially, by not updating your computers, you’re basically leaving the backdoor wide open for cyber criminals.
Second, you must analyze your current antivirus program. Often times, security solution providers use a reactive approach to security. Meaning, the software will only block known bad files, permitting all other unknown files to install. Then, if one of the unknown files happens to be bad, they will work to remove it – if possible. Based on industry research, this approach, known as the “blacklist approach,” is no longer feasible.
Instead, at the recommendation of the US-CERT, FBI, and NSA, users are encouraged to use software that employs application whitelisting. This approach, rather than keeping a list of all the bad programs, keeps a list of all the known, trusted programs, and only allows them to run on your computer. This means, even if the enemy found a way to worm their way into the server or computer, they couldn’t install anything malicious, because only good programs and files can run.
Third is education. Knowing what today’s cyber threats are, and the red flags to spot them will help decrease the likelihood of unintentionally downloading a malicious attachment or clicking on a malicious link.
The fourth suggestion is practicing proper password hygiene. This includes using complex passwords, including capital and lower-case letters, numbers and special characters. These passwords should also not be written down. Alternatively, users can utilize a password vault to manage and protect all of their passwords for each account and should make sure to update their passwords every six weeks. Passwords should also not be used across multiple accounts and should especially not be used both for both your work and home passwords.
The fifth and final thing is, backing up files. Storing data on an external hard drive or cloud-based network will help with the restoration process if a cyber-attack were to corrupt systems. If the backup of choice is an external hard drive, it is important to unplug the hard drive from the device once the backup process is completed. If users fail to do so, there is a risk of the backup files too becoming infected if a cyber-attack were to execute.
The reality is, cyber threats are evolving daily, and unfortunately there is no silver bullet. However, if government offices are implementing these five suggestions, the risk of falling victim is minimal at best.
The reality is that everyone has a part in helping South Carolina lead our nation in the cyberwar, including the people of Abbeville County. Rather than waiting for the next cyber-attack to happen, we must take action, and reach out to our local government offices to urge them to begin using these five cyber security tips identified above. Afterall, they possess your personal information too, and you have the right to know it is being kept secure.
A cybersecurity advocate, Rob Cheng is the CEO and Founder of PC Matic – the world’s only American-made antivirus software.