If you’re like most people, you’ve spent a heck of a lot more time online in the last four months because of the COVID-19 pandemic. More time connected to devices means a greater amount of time that hackers and malware have to exploit opportunities. Here’s important cyber security news from Bryce Austin of TCE Strategy about how to implement cyber security.
|“Honda Hit with Ransomware
Honda has been hit with a ransomware attack that impacted major areas of the company. While specifics are hard to come by, this much is known: manufacturing plants in the UK, North America, Turkey, Italy and Japan were halted. The ransomware variant used was “SNAKE”, also known as “Ekans”. It appears that the ransomware was customized specifically for Honda in that it checked for the presence of internal Honda network names (domains) before it started encrypting files. The keys to defending against ransomware are as follows:
*Strong general cybersecurity hygiene (password complexity, patching of computers, good antivirus software on all computers, etc.)
*Multi-factor authentication on all “administrator” level accounts
*Offline backups that have been tested to ensure they work
*Retiring end-of-life applications that cannot be kept patched against new vulnerabilities
*A documented and tested Business Continuity Plan, or BCP, that details how to recover systems from attacks such as ransomware.
Patching computers is not a new topic, but sometimes it takes on new importance. In the past month, Microsoft has released their biggest “Patch Tuesday” in history for all current Windows operating systems. In addition, an update for a particularly nasty vulnerability last March (CVE-2020-0796, or SMBGhost for the techies reading this) has now been weaponized in the wild – that is, cybercriminals have published a program that lets people take control of computers that are not patched against CVE-2020-0796. This is bad for those that have not patched their computers.
*It is critical to set your home computers to auto-patch themselves, both Windows and Macs.
*It is critical to set your mobile device to auto-patch themselves and their applications, both Apple and Android devices.
*It is critical to retire computers that are so old that they have end-of-life operating systems (Windows 7 and older for PCs, Mac OS 10.12 “Sierra” for Macs).
*It is critical to retire mobile devices that cannot run the latest iOS or Android version.
This is a good list of ways to keep your company’s data safe. The #1 issue in my opinion: You need to identify your critical data and decide who does and doesn’t need access to it.
This is frightening on so many levels. “A Chinese city has unveiled proposals to permanently track a person’s health through an app that gives them a score based on factors such as how much alcohol they drank and the amount of sleep they got.” Do you want a lower footprint about yourself online? Perhaps no footprint at all?
This is a good start on how to lessen the amount of information available about you to a casual Google searcher.
“Search and browsing history can provide a detailed portrait of our private lives. It may reveal medical conditions, religious beliefs, and personal relationships, and it should be protected by effective legal safeguards.”
|Cybersecurity Tip of the Month:
Setting Devices to Auto-Patch
With the number of cybersecurity vulnerabilities being found in recent days and the subsequent patches released for these, I thought it would be helpful to re-share a tip from my October 2019 newsletter on setting various devices to auto-update. This simple practice can help keep you secure and your devices protected.
How to Enable Automatic Updates for Mac Computers:
1) Launch the Mac App Store on your computer.
2) Click on App Store in the menu bar.
3) Click on Preferences in the dropdown menu.
4) Check the box to the left of Automatic updates.
How to Enable Automatic Updates for Windows 10:
By default Windows 10 will update your computer automatically. You can also choose to receive updates for other Microsoft products automatically with Windows updates by following these steps:
1) Go to Settings and choose Update & Security from the start menu.
2) Select Advanced Options.
3) Turn on Receive updates for other Microsoft products when you update Windows.
How to Enable Automatic App Updates for iPhone and iPad:
1) Open the Settings app on your iPhone or iPad.
2) Go to iTunes & App Store.
3) Under the ‘Automatic Downloads’ section, look for Updates and turn that switch to the ON position.
How to Enable Automatic iOS Updates for iPhone and iPad:
1) Go to Settings > General > Software Update.
2) Tap Automatic Updates.
3) Your device will automatically update to the latest version of iOS or iPadOS. Some updates might need to be installed manually.
How to Enable Automatic App Updates for Android Phones:
1) Open Google Play Store.
2) Touch the hamburger icon in the top-left, swipe up and choose Settings.
3) Under General, tap Auto-update apps.
4) If you want updates over Wi-Fi only, choose the third option: Auto-update apps over Wi-Fi only.
5) If you want updates as soon as they become available, choose the second option: Auto-update apps at any time.
6) Remember, as Google informs you with the latter one, app updates will be downloaded over mobile data, which will eat into your cellular plan.
Until next month, stay safe!”
About Bryce Austin: