Incident response is an organized approach to addressing and managing the detection and aftermath of a security breach or cyberattack. As technology has developed over the years, so too have the capabilities of bad cyber actors and the attack vectors they can exploit. Knowing what to look for and what precautions to take to be more proactive is vital in today’s day-to-day life, where technology plays such a key role, and virtually all data is stored on computer systems, mobile devices, and email.
Current cybersecurity climate:
One of the lesser-known impacts of the COVID-19 pandemic was its effect on the significant increase in cyber-attacks across all parts of the world. As the lockdown was already in effect, e-commerce skyrocketed. Many malicious actors took note of this change and realized that un-secure banking information was more prevalent than ever, especially in cases where there was little to no experience using online services or securing that type of information properly for those new to those markets. Almost every kind of cyber-attack was noted by monitoring agencies and professionals from 2019 through 2021, which still carries on to this day. These attacks all had one thing in common, from phishing to ransomware to email compromise. In order to be effective, almost all required actions are taken or not taken by the end user.
Simply put, this means that cybersecurity is really in your hands. Deciding to click a link you don’t recognize, choosing not to update your password that is four years old, deciding not to take the time to keep your antivirus updated on your home computer, and clicking that download button on an untrusted site are all choices you can make that could adversely impact your overall security. With a little effort, you can detect these types of attacks and take measures to prevent them before they occur.
What actions can I take:
The actions and decisions users can take to deter hackers and cybercriminals are not always as complicated as some might think and, in most cases, only take minimal time and effort. This is a small price to pay compared to the devastating effect that data loss can have on businesses and personal livelihoods. The Cybersecurity and Infrastructure Security Agency (CISA) and National Cybersecurity Alliance (NCA) have highlighted vital action steps that everyone should take:Four things you can do:
Think before you click: recognize and report phishing: If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install malware.
Update your software: Don’t delay. If you see a software update notification, act promptly. Better yet, turn on automatic updates.
Use strong passwords: Use long, unique, and randomly generated passwords. Use password managers to generate and remember different, complex passwords for each account. A password manager will encrypt passwords securing them for you!
Enable multi-factor authentication: You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked.
More tips to keep yourself safe:
- Change your password every so often — at least every six months.
- Create a complex password and use different passwords for different accounts.
- Keep your personal information personal (i.e., Birthday, Mother’s maiden name, favorite color, favorite movie).
- Be wary of the apps you download and only download trusted, reliable apps – be sure to review the permissions you allow the app.
- Utilize a multi-factor authentication method (i.e., password and code sent to the email or phone number).
How to detect attacks:
Cyber-attacks take many different shapes, sizes, and forms. Noticing and acting on indicators can mean the difference between losing your data or making the correct decision.
What are some indicators of being hacked?
- Your internet searches are redirected.
- You see frequent, random popups.
- Your friends receive social media invitations from you that you didn’t send.
- Your online password isn’t working.
- You observe unexpected software installs.
- You receive notifications of logins from unknown devices or locations.
What to do immediately after being hacked:
- Change your Password.
- Monitor your account and notify any administrators (i.e., your bank, freeze your card).
- Restore your device to a good known state before compromise or fully formatting and restoring device.
- Verify that your antivirus is up to date.