2019 Cybersecurity Awareness Month File and Link Security
Cybersecurity Awareness Month: File and Link Security
Did you win that cruise, Las Vegas? Human Error on the Street
Malware is short for malicious software. Malware can be installed on a computer is many ways without the user's knowledge or consent. Once installed, malware can have devastating effects on a computer and open the user to identity theft, monetary theft, and extortion. Malware is easier to avoid than it is to remove, and through smart computer use and good antivirus/antimalware software, you can stay safe.
Ransomware encrypts files (documents, photos, etc.) and the files can be decrypted only if the victim pays a ransom. Not only are the files on the computer encrypted, usually everything on any connected drive (external hard drives, USB drives, network shares, etc.) are encrypted as well. If your computer becomes infected with ransomware, we probably will also lose everything on all school district network drives that you have access to. Five Hundred Schools Have Been Hit by Ransomware so far in 2019. That is a significant increase from 119 cyber incidents in 2018.
Be careful with free software. There are lots of free programs out there that install malware in the background. That free PDF utility or media player may also include a keystroke logger, which records everything you type, or a cryptominer, which takes over your computer's resources and uses them for cryptocurrency mining, slowing your computer to a crawl. It is good practice to check with your school's Technology Specialist before installing any software.
Cyber Safety-What are your employees downloading?
File types commonly used in malware-related spam:
- EXE
- SCR
- VBS
- RTF
- DOC
- JPEG
- ZIP
That doesn't mean that every attachment that is one of these file types contains malware, but you always should treat them with suspicion.
Stay away from pirate websites. There are lots of illegal file-sharing services where you can download movies, music, fonts, software, etc. These websites are notorious for infected files. While it is tempting to get a free copy of Photoshop or the latest movie, they are dangerous to download. (Not to mention that illegal file-sharing deprives artists and programmers of the compensation they have worked hard for.)
Don't plug in unfamiliar removable drives. Some types of malware can spread by copying themselves to USB flash drives or other removable drives. There are malicious individuals that intentionally prepare and distribute infected drives—leaving these drives in public places to victimize unsuspecting individuals. Only use removable drives that you are familiar with or that come from a trusted source.
Make sure your computer has good antivirus/antimalware software. Antivirus software is an absolute necessity. There are many good antivirus/antimalware products available, both commercial and free. While free antivirus/antimalware products can be effective, generally they do not offer the same level of protection as commercial products.
Up-to-date on updates: Keeping your software fresh
Software updates are sort of like vitamins: Not everyone thinks about them, but everyone needs them, and they can make a big difference in keeping a system healthy. Updates help keep a piece of software or a system current. Because new threats are being developed all the time, manufacturers will send out fixes and updates to help protect their users from new threats — or just from problems they didn’t find when the software was first made. If someone discovers a security problem in a program and a user doesn’t download the update to fix the problem, they’re basically leaving a door open. You take a big step in protecting your system when you’re smart about updates. Here are some tips:
- Always update The Big Three:
- Security software (Antivirus, firewall, etc.)
- Web browser (Chrome, Firefox, Edge, Safari, etc.)
- Operating system (Windows, Mac OS, Android, iOS, etc.)
- Enable auto-update. Check your programs’ Settings; usually there is an option to automatically download new updates whenever one is available.
Truthfully, I hate updates, too. How many times have I started a "quick" reboot, only to be greeted with an Installing update 1 of 24 screen? However, many of these updates are for security, and not installing them is like leaving your front door unlocked.
Webpage Link Safety
Webpage links can be manipulated to go to different places than they appear. There are a couple of red flags to watch out for:
- The link is shortened
- The link has a bunch of strange characters
You can check suspicous links before clicking them:
- Unshorten a shortened link: URL unshorteners like Unshorten.It! will analyze the website for safety and let you see it before you decide whether to proceed.
- Use a website safety-check tool: you can use an objective website safety checker like Google Safe Browsing. Google discovers thousands of new unsafe sites, many of which are legitimate websites that have been compromised. You can search to see whether a website is currently dangerous to visit.
Please treat any link or email attachment with suspicion. We have an interactive flow chart on the school district website, Is that email safe?, to help you decide what to do with email. Please consult the flow chart when you receive an email you are unsure about. Technology Department staff are happy to advise you, if needed. It takes only one person opening an infected email attachment to bring down the entire network.