We are all quite familiar with the situation. We log into our computers to work, read emails, or simply browse the web when suddenly, we receive a pop-up message informing us that it’s once again time to update our computer’s software.
Ideally, we update the software and restart our computers right away. Realistically, we schedule it for another time or simply ignore the recommendation. This decision can lead to vulnerabilities being exploited, which can have devastating outcomes for the end user.
So, what exactly are software updates and patches and what can happen if we ignore these recommendations from the operating system? This along with some best practices on how to keep your system and data safe are topics we will cover in this year’s Cyber Awareness Month.
Since 2004, the President of the United States and Congress have declared the month of October to be Cybersecurity Awareness Month. A month dedicated to raising awareness about the importance of cybersecurity.
As we celebrate the 20th annual Cybersecurity Awareness Month, the 86 Communications Squadron Wing Cybersecurity Office is launching a new awareness program encouraging four simple steps that every individual can take to stay safe online. These are not just actions for Cybersecurity Awareness Month but steps we should all follow every day throughout the year. One of the most important of these, is software updates and system patching.
What are software updates and patches?
General software updates can include a variety of different features that will improve, fix, and replace older versions of the same software. Patches are updates that address specific issues to improve the usability, performance, or security of a program.
Why do software updates and patches need to be installed?
Software updates and patches need to be installed as soon as possible to protect your computer, phone, or other digital device against attackers who aim to take advantage of system vulnerabilities. The Cybersecurity and Infrastructure Security Agency recommends that individuals enable automatic updates so these are installed as soon as they are available. Leaving the system unpatched or out-of-date, can lead to the compromise of data and with computer attacks becoming more and more sophisticated, it is crucial to do everything in your power to protect your data. During 2022, the worldwide number of malware attacks reached 5.5 billion, an increase of two percent compared to the preceding year. In recent years, the highest number of malware attacks was detected in 2018, when 10.5 billion such attacks were reported across the globe.
Where do I get software updates/patches?
Software updates should only be downloaded from trusted vendor websites. Links in emails should not be used since these can link users to websites that then host malicious files disguised as legitimate updates. Most supported operating systems will receive vendor updates that mitigate vulnerabilities, however when these reach end of support, these updates will stop, opening the system up for exploitation. Users should update their systems and be aware of when vendors will cease to provide platform support.
Best practices for software updates
- Enable automatic software updates whenever possible. This will ensure that software updates are installed as quickly as possible
- Do not use unsupported end-of-life software
- Always visit vendor sites directly rather than clicking on advertisements or email links
- Avoid software updates while using untrusted networks
What actions can I take?
The actions and decisions users can take to deter hackers and cybercriminals are not always as complicated as some might think and, in most cases, only take minimal time and effort. This is a small price to pay compared to the devastating effect that data loss can have on businesses and personal livelihoods. The Cybersecurity and Infrastructure Security Agency and National Cybersecurity Alliance have highlighted vital action steps that everyone should take.
5 Things you can do:
Think before you click: Recognize and Report Phishing: If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install malware.
Update your software: Don’t delay — If you see a software update notification, act promptly. Better yet, turn on automatic updates.
Use strong passwords: Use long, unique, and randomly generated passwords. Use password managers to generate and remember different, complex passwords for each account. A password manager will encrypt passwords securing them for you!
Enable multi-factor authentication (MFA): You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked.
Clear browser cache and cookies:
Cookies are small files created by websites you visit to hold information about your online activity generally designed to help improve user experience. Whenever you visit a website, your browser sends this cookie back to the server to provide it with information. Avoiding suspicious websites can limit any vulnerabilities posed by cookies and if you are prompted to accept cookies, the safest option is always “deny.”
Clear browser cache: Acci-dent-ally navigating to an unsecure site may make your system vulnerable and clearing your browser cache can limit the potential to accidentally return. Your browser history functions to help you remember previous web pages, while a cache helps speed up your device’s memory of visiting that site. Steps to clearing your cache depends on the Operating System used as well as the browsing platform.
More tips to keep yourself safe:
- Change your password every so often – at least every six months
- Have your password be complex, and use different passwords for different accounts
- Keep your personal information personal (i.e., Birthday, Mother’s maiden name, favorite color, favorite movie)
- Be wary of the apps you download and only download trusted, reliable apps – be sure to review the permissions you allow the app
- Utilize a multi-factor authentication method (i.e., password and code sent to the email or phone number)
What are some indicators of malicious software on your system?
- Your internet searches are redirected
- You see frequent, random pop-ups
- Your friends receive social media invitations from you that you didn’t send
- Your online password isn’t working
- You observe unexpected software installs
- You receive notifications of logins from unknown devices or locations
- Your system slows down, and you notice programs crashing unexpectedly