Avoiding Hackers in College (AKA Jennifer Lawrence is a Millennial Too!)

By | September 3rd, 2014|Uncategorized|

millenialsThis guest blog post is a part of our cyberSAFE blog series focusing on back-to-school security, privacy and identity topics. It comes to us from Cynthia Lieberman, co-founder of CyberWise, the go-to-to source for busy adults who want to learn how to embrace digital media fearlessly, and the CyberWise Certified online learning program (check out the course on “Online Security Strategies”). Cynthia has an M.A. in Media Psychology and Social Change and with 20+ years of entertainment marketing and media experience under her belt, she also consults for a diverse range of companies in marketing, social media and professional online profiling.

In a flagrant violation of privacy, personal photos stored on iCloud were recently hacked from celebrity cellphones and leaked onto “4chan,” a simple image-based bulletin board where anyone can post comments and share images anonymously. One suspected cause surrounding this incident is that a group of celebrities attending a recent awards ceremony were somehow hacked using the venue’s public Wi-Fi connection.

Many of these celebrities, like Jennifer Lawrence and Kate Upton, are young millennials (age 18-27) who grew up using social media networks such as Facebook, MySpace and most recently, Instagram, SnapChat and more, and consider online social sharing to be part of their daily communication routine.

Despite their obvious celebrity status, many of these stars are no different than other millennials. They are at ease with online technology and comfortable sharing their personal info online. Unfortunately, the consequences of this comfort level have led them all—famous or not—to engage in risky online behaviors.

The Federal Trade Commission reports that people between the ages of 20-29 are the most-victimized age bracket when it comes to identity theft, making up 20 percent of all reported victims last year (and that’s followed closely behind by ages 30-39). This is partly because college students in particular are heavy social media users with smartphones (and often used without passwords).

Many of these millennials are leaving the parent’s nest and flying off to college dorms, unaware that unless they take certain online security precautions, they too can become easy targets for identity theft. In fact, most recently and for the second time in less than three months, hackers have broken into Stanford University’s computer network, and other university servers have been put at risk this year, including MIT, North Dakota University, and the University of Maryland.

Why are students so easy to target? For one thing, college students don’t have a credit history, making their blank slates easy to steal. They don’t usually do a regular check of their credit reports, so If their identity is stolen, it can go undetected for even years.

Here are just a few tips for college students to keep their online identities safe on (and off) campus:

  1. Don’t use public WiFi. College campuses, coffee shops and restaurants are rife with WiFi. Never shop online, log into credit accounts or do any banking transactions with your bank while on a public connection.
  2. Be alert when shopping online. Make sure you only buy from sites that have the security lock symbol next to the URL which can help ensure the website has taken appropriate measures to protect your info. While not foolproof, it will certainly lessen the risk.
  3. Never share your passwords with others. Not even your fraternity brothers or your BFF. Not for website sign-ins, email, online banking or access to the school’s library. Think about it…what if you shared a password with someone you know and they later decide use it to do something stupid on one of your social networks or with your bank account? It’s more than just a trust issue, and not worth the risk.
  4. Have complex passwords that you don’t tape under your desk. Make a habit of having several different “difficult to guess” passwords that you change regularly, and don’t store them on your PC, in a notebook or on mobile devices. Don’t use easy to find phrases like your birthday or last four digits of your social security number either.While it may seem easier for you to have one password for multiple websites, it leaves you wide open for thieves to hack your data. With one password, they can sign in to your email account and have a field day with your email—and everything else associated with it.
  5. Size Matters. Also, do the math—the length of your password is just as important as its complexity because longer passwords make it harder for hacking software to determine your combinations of letters, symbols and numbers.
  6. Don’t click that link. There’s no such thing as a free lunch. No matter how good that deal may sound, if you get an email or text saying you’ve won something or that has a tempting link, think twice before clicking. A recent study revealed that 52% of millennials—compared with 40% of those aged 35+—are more willing to exchange privacy for value with companies as long as they get something in return (i.e. special deals or freebies). Hackers prey on our greed, so avoid offers of smileys, screen savers and coupon-printing software and be especially cautious about downloading free media like movies and games: peer-to-peer networks are full of malware. Same goes for website pop-ups that tell you that you have a virus. With so much pirated software in the market, there is an increased chance that some sort of malware is involved.
  7. Be email cautious. Never open an email – especially an attachment – from an unknown source. Be wary of emails with no subject line or that is strangely vague or brief (i.e. “Hey” or “Cute!”), especially if a web link is included. Viruses can also come from friends that have already been hacked. Open its attachment and you could unwittingly be spreading the virus to others. For safety, verify the source with that friend before you open.
  8. Avoid credit sharks. Credit card and student loan businesses are known for inundating college students with great freebies in exchange for completed credit card applications. Don’t do it! If you want to apply for credit, go to the company’s secure website from your private, password-protected Internet connection, and never over a public WiFi.
  9. Careful about oversharing. Many websites ask for answers to personal accounts to help protect your privacy such as “What’s your dog’s name?” “Where did you grow up?” “What’s your mother’s maiden name?” Many of your answers can be found by checking out info you’ve posted on social media sites like Tumblr and Facebook, so be careful what you post and how transparent your security answers be when answering them.
  10. Don’t assume your phone or tablet is safe. It’s not only PC’s that are susceptible to viruses and hackers, but tablets, phones and apps are too. Lots of virus programs can be installed for cheap or free; just make sure they are downloaded from a secure website by a reputable company.
  11. Monitor your credit report regularly. Sounds like a hassle, right!? It’s worth it though because it’s much easier to catch an identity thief early on by keeping regular tabs on your credit report than it is to make a gazillion calls later to set your record straight.
  12. Trust no one. Imagine finding out when applying for a loan that someone has stolen your ID and has been opening accounts using your name—and it turns out the thief is a former neighbor or relative! Yes, even college roommates, offline and especially online “friends” and classmates can be scammers.
  13. Be app-alert. Be careful what you put on your mobile devices. Always use reputable apps, and select them cautiously. Make sure you use the Google Play or iTunes store, and never click any boxes that allow installation settings from unknown sources.
  14. Leave your important documents with your parents. Social Security cards, passports, and birth certificates should be stored off-campus under lock and key. Only carry physical copies of the ID that you actually need, like a driver’s license and student ID. Shred credit card and bank statements and any paper documents that have sensitive financial information rather than just throwing them in the trash.

These are just a few tips on how to steer millennials (and yourself) out of harm’s way when it comes to identity theft and online security. If you want to learn more, check out our CyberWise Learning Hubs and CyberWise Certified Online Courses on related subjects, including Online Security Strategies, How To Protect Your Online Privacy, Online Reputation Management and more.

Teaching Your Teen How To Be A Cyber-Smart Citizen

By | August 28th, 2014|Uncategorized|

Guest blog_082814This guest blog post is a part of our cyberSAFE blog series focusing on back-to-school security, privacy and identity topics. It comes to us from Sue Scheff, author and family internet safety advocate. She is the founder and president of Parents’ Universal Resource Experts Inc. (P.U.R.E.) and has been helping to educate parents on cyberbullying awareness and safe online practices for teens since 2001.

Making smart cyber choices today is as important as your GPA.

As children are online now more than ever, it’s important to realize that your child’s digital image is their future. Your child’s online reputation determines what college they get into and where they’ll work in the future. Today, 98 percent of employers run an Internet search on applicants and if they find a negative online presence, 77 percent of those employers will not invite the applicant in for an interview.

College recruiters are reporting nearly the same statistics. They are putting your child’s name through an Internet wash-cycle, and how it spins out will determine if your child secures a spot at a college of their choice. As we start the new school year, we have to remember that every keystroke and photo posted in cyberspace is public and permanent – there is no rewind online.

Becoming a Cyber-Smart Citizen
Digital citizenship restarts every day as you power-up your smartphone or connected device. To help your teen better navigate the rough waters of social media, here’s a look at some of the golden rules of cyber-smart citizens:

  • Over-sharing is a common mistake that many people of all ages make on social media. Be selective and smart about what you share.
  • Prior to posting a comment, photo or video – you need to consider the following: is what you’re posting helpful, kind or necessary? Or is it something you may regret later?
  • Check your privacy settings on all social media sites. Make this a weekly habit.
  • Who is in the comments/photos/videos? If you are posting a picture of other people, did you get their permission?
  • Tag and share with care. Treat others as you want to be treated online.
  • Social media is not a scrapbook. Don’t use it as a diary.

Friending and Unfriending Guidelines
In addition to these golden rules, it’s important for teens to evaluate who they are connecting with online. You are judged by who you hang with, online and offline. Here are some steadfast rules when it comes to “friending” and “un-friending” online:

  • If you have a friend that is posting questionable comments or pictures on your social media sites, don’t be afraid to unfriend them.
  • Just because someone is friends of friends of someone you know, it doesn’t mean you have to be friends with them virtually. Cyber criminals can use this tactic to steal your identity.
  • Keep this in mind: quality beats quantity on social media.

Cyberbullying and Online Harassment
There are lines that should never be crossed on social media. Empower your teen to know how to report digital abuse. Here’s how:

  • Do learn where how to report abuse on each social media platform.
  • Do tell a parent or an adult if you are a victim of online abuse.
  • Don’t engage with a cyberbully.
  • Don’t stay in chat rooms or on websites that make you feel uncomfortable.

Your child’s digital trail is the path to their future. It is our job as parents to help them protect and maintain their good name. A great reminder to all students is a New York Times article that ran last year: They Loved Your GPA Until They Saw Your Tweets. One of the most important things about social media that teens should never forget is that social media is not a diary, scrapbook or venting machine.If you are having a bad day, stay off of technology.

In addition to securing your teen’s online reputation by encouraging positive, smart actions, you can also inform your teen of the cyber security issues at stake. They can secure their identity by never giving out their account password or smartphone passcode to anyone. A best friend today could easily become a frenemy tomorrow. Only parents should have passwords.

Keep in mind: you never get a second chance to make a first impression – especially online.

For more information and tips on raising digital citizens at NCSA’s website.


Kids and Their “Digital Footprints”

By | August 20th, 2014|Uncategorized|

backtoschool_082014This guest blog post is a part of our cyberSAFE blog series focusing on back-to-school security, privacy and identity topics. It comes to us from Diana Graber, co-founder of CyberWise, the go-to-to source for busy adults who want to learn how to embrace digital media fearlessly, and the CyberWise Certified online learning program (check out the course on “Online Reputation Management”). She developed and teaches middle school “Cyber Civics” at Journey School in Aliso Viejo, CA. Diana has an M.A. in Media Psychology and Social Change and is a regular contributor to the Huffington Post.

My daughter, who is busy preparing to go off to college, burst into my office yesterday with a question, “Why in the world did you ever let me get a Facebook page in 8th grade?”

The reason for her outburst was that she’d just received an email from her university telling her the names of her future roommates… you can imagine what every student does the moment they receive this information—they look each other up on Facebook. She anguished over silly and embarrassing posts on her page from 8th grade. She felt that the mistakes she made as a tween were tarnishing her online reputation as a young adult.

Understanding the impact of one’s online reputation—or, “digital footprint”— is challenging, even for those of us who have been online for a long time. We see examples of adults being digitally disastrous every day and we certainly can think of someone who has shared too much information or posted a photo that makes us cringe. So, imagine the difficulty of trying to introduce the concept of a “digital footprint,” and its future ramifications, to kids who are just starting to make their online reputations take shape.

That’s what I do in 6th grade Cyber Civics™ classes at Journey School in Aliso Viejo, CA. To teach this concept I use a lesson from Common Sense Media and adapt it to make it particularly relevant to my students. For example, one class had just completed a very successful pie-making/selling fundraiser called “Sweetie Pies,” so I told these students that as “owners” they were going to hire a national spokesperson for their thriving venture. In this engaging experience, the children consider two applicants, Jason and Linda, by reviewing their “digital footprints.”

After conducting this digital background check, the students were asked to consider which candidate they should hire based on the following criteria: Who was more honest and who worked well with others? They broke into small groups to ponder this decision and after considering all the online evidence (not so good), most groups decided not to hire either candidate.

The best part of this lesson, however, is the follow-up activity: students were given a blank footprint and told that it represented their “digital footprint.” Their task was to think about what they wanted it to say in 10 years by filling it in with words and images that described their future selves.

These students designed footprints that said they’d be professional soccer players, artists, scientists, musicians, gamers, fashion stylists and more. Some footprints indicated that these kids were going to win the Nobel Peace prize, the Heisman trophy, feed the homeless and perform hundreds of pet rescues.

Of course only a fraction of these digital dreams will come true, but the point is this: it gives kids the idea that they can, and should, shape their own online reputations, or “digital footprints” and be proud of the online self they show to the world.

Back-To-School Online Safety Tips for Families

By | August 19th, 2014|Uncategorized|

Back to SchoolThis guest blog post is a part of our cyberSAFE blog series focusing on back-to-school security, privacy and identity topics. It comes to us from Kara Wright, the Digital Media Coordinator for the National Cyber Security Alliance. She assists the operation and development of the STOP. THINK. CONNECT. and National Cyber Security Awareness Month campaigns and works with other NCSA staff to increase the campaigns’ footprint and reach and social and digital properties.

As the new school year approaches, it is important for families to brush up on online safety and ensure they are staying safe online. Here are a few ways you can protect yourself and your family this school year.

Be Safe When Doing Your Back-To-School Shopping
Buying school supplies online? Check out these tips first:

  • Connect with care, and when shopping, be sure the site you are using is security-enabled. Look for a web address with https:// or “shttps://” instead of https:// (or a closed padlock on your web browser’s address bar) to know the site takes extra measures to help secure your information.
  • If you are considering buying from a seller you have never used before, collect your own research on the seller first to make sure the site is legitimate. Some attackers try to trick you by creating malicious websites that appear legitimate, so you should verify the site before supplying information. Do this by searching for customer reviews and noting the company’s phone number and physical address.
  • Protect your personal information and be alert to the kinds of information being collected when you are making a purchase online. Check the website’s privacy policy before providing personal or financial information, and make sure you understand how your information will be stored and used. Remember that you only need to fill out required fields on a checkout form, and make sure that the information requested seems necessary.
  • Turn off your computer when you’re finished shopping and using your computer. Leaving your computer connected to the Internet when it’s not in use gives scammers 24/7 access to install malware and commit cyber crimes. To be safe, turn off your computer when it’s not in use.

Protect Your Family from Cyberbullying Once School Starts
Every age group is vulnerable to cyberbullying, but teenagers and young adults are common victims. Cyberbullying is a growing problem in schools thanks to the Internet’s fairly anonymous nature, but these steps can help you protect your family members from cyberbullying:

  • Limit where you and your family members post personal information. Be careful who can access your family members’ contact information and details about interests, habits or employment to reduce exposure to bullies; this may limit the risk of you or one of your family members becoming a victim and may make it easier to identify the bully if someone is victimized.
  • Own your online presence. When available, set the privacy and security settings on websites to your comfort level for information sharing; it’s OK to limit how you share information.
  • Safer for me, more secure for all. What you do online has the potential to affect everyone – at home, at work and around the world. Practicing good online habits benefits the global digital community.
  • Post only about others as you would have them post about you.

Raise Good Digital Citizens
The Internet is a great place to learn and get entertainment, but it can pose dangers if precautions are not taken. Allowing free access puts your family members, your computer and your personal data at risk. It is important for parents to remain positively engaged, paying attention to the online environments their children use and showing interest in their friends. Additionally, parents are encouraged to support their children’s good choices online and expand their autonomy when developmentally appropriate. Keep a clean machine by protecting all family computers with security anti-virus, anti-spyware and firewall programs that are set to update automatically, keeping operating systems, web browsers and other software current and backing up computer files on a regular basis.

For more information and tips mentioned above, visit NCSA’s website. As always, let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Three Ways to Boost Security Awareness at Your SMB

By | May 14th, 2014|Uncategorized|

SMB week_2014Let’s face it: employees can be a weak link in your business’ security. Human error accounts for 80 percent of company breaches, showing that the security industry and businesses have a long way to go to educate employees on security awareness.

In the spirit of National Small Business Week, a time to reflect on the contributions of America’s small business owners, we wanted to share three key ways you can help employees be aware of security risks. It all starts with having a plan in place.

1. Create security plans that fit your SMB’s needs
How should an employee handle a phishing attempt? What are employees supposed to do when a data breach occurs? What workplace topics are appropriate to post on personal social media accounts? The answers to these questions should be available to employees to reference when a security risk arises. It is important to have a social media policy, data breach preparedness plan or processes in place, but many organizations are lacking in this area. According to SocialMedia Today, more than one-third of businesses do not have a social media policy. Additionally, more than half of U.S. SMBs experienced a data breach in 2012, but only 12 percent had a breach preparedness plan in place. The first step in achieving security awareness is creating a prepared and organized security plan.

2. Educate employees and make security plans easily accessible
The next step in integrating security awareness into your company culture is educating employees on how to handle security risks. Training and education are vital to protecting your business from outside – and inside – threats. As the average annual cost of SMB cyber attacks in 2010 was $188,242 according to Symantec’s “Should Small Business Worry About IT Security,” your business cannot afford any weak links in the security chain.

3. Enforce plans, but be approachable
Many employees are nervous to bring up security questions or issues because they are afraid of getting into trouble. Always tackle security awareness and policy enforcement with an approachable attitude. The worst thing that an employee can do is stay silent when there is an issue.

On June 10th, we will be hosting a webinar on how SMBs can better protect against financial and reputational risks. Check out the cyberSAFE webinar blog post for more information and to register! As always, you can let us know what you think about SMB security awareness on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Security Insights: 93% of large organizations had a security breach last year

By | January 13th, 2014|Uncategorized|

Security-BreachIn an article from Naked Security by Lee Munson: A new survey commissioned by the UK Government’s Department for Business Innovation and Skills (BIS) has revealed the scare of cyber attacks on UK companies. The 2013 Information Security Breaches Survey, which collected data from 1,402 respondents, presented results for large organizations (in excess of 250 employees) and small firms (less than 50 members of staff).

One of the key findings of the report was the level of attacks sustained by businesses – with breaches reaching record levels. The survey discovered that 93% of large organizations experienced a security breach last year, a figure that is broadly in line with 2012 reports. Smaller businesses, however, saw a marked increase in the number of attacks levied against them. Some 87% of smaller firms reported experiencing a data breach last year, which is up significantly from 76% the previous year.

Average of 113 security breaches:

The number of security breaches within each of the affected companies also showed a sharp increase too. Larger companies experienced an average of 113 breaches and smaller firms reported 17 such incidents, an increase across the board of almost 50% in one year.

The survey determined that the attacks faced by businesses over the last year came from both outside and inside the organization.

A whopping 78% of large organizations reported attacks from outsiders over the last year with 39% of those incidents being denial of service attacks. Smaller companies fared slightly better in both regards with 63% reporting outside attacks. The number of smaller firms that experienced a DoS attack was 23%.

The survey respondents did not just experience random attacks though – 14% of larger businesses reported the theft of confidential data or intellectual property by external attackers, while 9% of smaller firms experienced such losses too.

36% of the worst breaches down to human error:

Insider threats also pose a risk to organizations through. The survey found that technology, people and processes were to blame in several cases. Of the worst security breaches during the year, 36% were attributed to human error. Alarmingly, an additional 10% of the reported security breaches were pinned on staff and their misuse of systems.

On a more positive note the survey discovered that attitudes towards information security are generally good and continually improving too.

The survey found that 76% of larger organizations believe that senior management places a high level of priority on information security. Interestingly, smaller firms were better, with 83% placing a strong emphasis on security.

Another contributory factor with regards to internal breaches could be a lack of staff training. Survey respondents indicated that many large organizations only prioritized training after a breach. At the time of the induction 10% of new staff were given no security training whatsoever and 42% of large firms failed to employ any kind of ongoing training in terms of security awareness.

Larger organizations expect to spend more next year in customer data protection and compliance, but just how much a business spends on security seems highly depended on the outlook of senior members of the management team.

The survey ends by saying that the majority of firms believe that the number of security breaches newt year is likely to be higher. As per this year, attacks are expected in every industry though the public sector and financial services showed more concern than other sectors.

Source: Naked Security

How to protect yourself from a breach:

As an employee, you have a crucial role in the security of your company whether you realize it or not. A company cannot be secure without the help of every single employee. Below are some tips that you can follow in order to help your company avoid a security breach:

  • Stay informed
  • If you do not understand or are not sure, ask
  • Follow your companies password policies
    • Do not reuse passwords
    • Do not write down passwords
    • Do not share passwords under any circumstance
    • Create strong passwords consisting of the following:
    • NEVER use passwords less than 8 characters
    • Reset your password as prompted every 90 days
  • Ensure proper validation of one’s identity is obtained before releasing ANY data
  • Follow your companies Clean Desk Policy
  • Only browse websites to fulfill your job duties
  • If something seems “shady” it probably is
  • Do not submit confidential data on insecure HTTP websites
  • NEVER enter confidential data on a pop-up screen
  • Pay attention to your web browser warnings
  • Report suspicious activity to the Information Security Officer

– Kristin Badgett, CSID Information Security Officer

What steps are you taking to help your company avoid a data breach? Let us know on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Five Simple Security Resolutions for the New Year

By | January 8th, 2014|Uncategorized|

new year blogDo you have room for one more new year’s resolution? Beyond getting fitter, healthier or smarter, vow to be more secure. Here are five simple actions you can take for a more secure year.

Refresh your passwords

Take a minute to refresh your personal and professional passwords. Make them long and use a mix of numbers, letters and symbols, and avoid using the same passwords across multiple sites. Require that your employees, customers and family do the same. Check out our Consumer Password Habits Unveiled blog post for more password advice.

Update software

Keeping your device software up-to-date can help keep your device and identity secure. So this year, whenever you see that “update available” notice pop up, click “yes”! It only takes a few moments to keep your software updated.

Shred, wipe and reformat

Erase your tracks. Shred unneeded documents, wipe old devices and reformat old hard drives so identity thieves cannot retrieve any sensitive information. Tax season will be here before you know it, and the overwhelming number of tax identity theft cases that occurred last year indicates that identity thieves are prone to using year-old information to collect refunds.

Protect your privacy

Update privacy settings on your social media pages, mobile apps and web browsers to protect against identity theft and manage your online reputation. Be sure to continually check your privacy settings, as privacy rules tend to change frequently online.

Turn on two-factor authentication

When offered, turn on two-factor authentication services for an extra layer of security. You can already do so for popular sites like Gmail, Twitter, Apple, and Dropbox.

Which of these do you plan to adopt? What other simple security resolutions have you made for the new year? As always, let us know on Twitter and Facebook.

Security Insights: 8 Cyber Security Predictions for 2014

By | December 31st, 2013|Uncategorized|

Cyber security in 2013:

“Cyber security took center stage in 2013 with nation-state attacks, numerous high-profile data breaches and prominent cybercriminal arrests. According to Websense, in 2014, cyber attacks will be even more complex and diverse. While the general volume of advanced malware will decrease – we predict the volume of targeted attacks and data destruction incidents will increase.” – InformationWeek

Websense 2014 Security Predictions:

  1. Advanced malware volume will decrease – Cybercriminals will rely less on high-volume advanced malware because over time it runs a higher risk of detection. They will instead use lower volume, more targeted attacks to secure a foothold steal user credentials and move unilaterally throughout infiltrated networks. Although the volume of attacks will decrease, the risk is even greater.”
  2. A major data-destruction attack will happen – Historically, most attackers have used a network breach to steal information for profit. In 2014, organizations need to be concerned about nation-states and cybercriminals using a breach to destroy the data. Ransomware will play a part in this trend and move down market to small – and medium-sized organizations.”
  3. Attackers will be more interested in cloud data than your network – Cybercriminals will focus their attacks more on data stored in the cloud vs. data stored on your network. This tactical shift followed the movement of critical business data to cloud-based solutions. Hackers will find that penetrating the data-rick cloud can be easier and more profitable than getting through the “castle walls” of an on-premise enterprise network.”
  4. Redkit, Neutrino and other exploit kits will struggle for power in the wake of the Blackhole author arrest – The Blackhole exploit kit was arguably the most successful in history. Everything changed in October 2013 when “Paunch,” the alleged hacker author behind the famous kit, was arrested in Russia. We will see a fight for market leadership between a number of new entrants and existing exploit kits in 2014. We anticipate Redkit and the Neutrino exploit kit will secure a strong foothold in the coming year.”
  5. Java will remain highly exploitable and highly exploited – with expanded repercussions – Most end points will continue to run older versions of Java and therefore remain extremely exposed to exploitation. IN 2014, cybercriminals will devote more time to findings new uses for tried-and-true attacks and crafting other aspects of advanced, multi-stage attacks. Attackers will reserve zero-day Java exploits for targeting high-value networks with good Java patching practices.”
  6. Attackers will increasingly lure executives and compromise organizations via professional social networks – As social networking continues to appeal to the business community in 2014, attackers will increasingly use professional websites, such as LinkedIn, to research and lure executives. This highly targeted method will be used to gather intelligence and compromise networks.”
  7. Cybercriminals will target the weakest links in the ‘data-exchange chain’ – Attackers will go after the weakest links in the information chain and target the consultants outside of the network who have the most information. This includes consultants, contractors, vendors and others who typically share sensitive information with the large corporate and government entities. And, it turns out, few of these partners have sufficient defenses.”
  8. Mistakes will be made in ‘offensive’ security due to misattribution of an attack’s source – For several years, we’ve been hearing more about ‘offensive’ security, where global governments and enterprises have been threatening retaliatory strikes against anyone caught attacking them or their interests. As in traditional warfare, tactical mistakes will increasingly happen in these cyber trenches. Failure to accurately identify a cyber-perpetrator could result in an innocent organization being caught in the crossfire.”

Source: InformationWeek

How to stay secure:

A company cannot stay secure without the help of every singe employee. Below are some tips that you can follow in order to help your company stay secure:

  • Stay informed on emerging trends and threats, such as phishing, viruses, Trojans, etc. via (newsletters, training, etc.)
  • Follow all policies and procedures including Clean Desk Policy
  • Do not re-use, write down or share passwords under any circumstances
  • Create strong passwords consisting of a combination of capital letters, lowercase letters, special characters, and digits (B36o0d!4975$)
  • Verify someone’s identity before providing them any information

– Kristin Badgett, CSID Information Security Officer

What are your security predictions for 2014? Let us know on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Load More Posts