CYBERSECURITY

"10 Tips against Cyber Attacks"

Exploiting the panic state and increased internet use in the global COVID-19 outbreak, cybercriminals target end-users and systems with goals and motivations such as making financial gain, stealing personal information, disrupting target systems, taking revenge, advocating an ideology, etc. "10 Tips Against Cyber Attacks" document issued by Consulta IT Department include simple measures against these increasing attacks.

1. Update Smart Devices and Computers Regularly
One of the main reasons why the malware used by hackers are effective on users is the out-of-date devices and apps. As security gaps arise, the producers issue software updates to eliminate these gaps. Thus, one of the most effective methods to prevent such hackers' access to devices is to keep both hardware and software up-to-date.

2. Avoid Free Apps
Don't forget that free cheese comes with the trap. If you don't really have to, avoid downloading and installing suspicious apps to your smart devices or computers. And if you have to, check which devices and applications this app is accessing on your smart device or computer (such as microphone, camera and contacts) and prevent any unessential access.

3. Use Strong Passwords and Password Management Tools
Remember that strong passwords are critical for online security. In fact, passwords are the most important check point to keep the hackers away from your data. Based on the password policy of National Institute of Standards and Technology (NIST), your passwords should be at least eight characters long including uppercase letters, lowercase letters and symbols.

If you have too many passwords and have difficulty managing them, you can use password management tools such as KeePass as your password vault to facilitate your task.

4. Use Dual- or Multi-Factor Authentication
Dual- or multi-factor authentication is a service that adds extra security layers to the standard online authentication method. In a login process that does not require dual-factor authentication, only username and password are used for accessing. However, using an extra authentication method such as personal ID code, password sent to your mobile phone or fingerprint as a second phase of dual-factor authentication provide an extra security measure against unauthorized access.

5. Suspect Identity Theft
Identity theft is higher than ever. In an identity theft attempt, the attacker performs fishing attacks to make the victim disclose personal information, click on malware links or to install malware, Trojan or plug-in to user's system for zero-day attack. And these generally lead to ransom software attacks.

The few important cybersecurity tips that you need to remember about identity theft schemes are:

• Don't open e-mails sent by people whom you don't know
• Check which links are secure and which are not, scroll over the link to see where it will lead you to
• Suspect incoming mails in general, check for the sender and the grammar errors
• Remember that infected friends can also send you malware links. Always be cautious

6. Protect Sensitive and Personal Information
Personal information (such as ID No, Birth Date, Address) may be used by a cybercriminal to identify and find you. Especially be careful about the information that you post on social media. Review your visible personal data using the security settings. Hackers may use these data for their own advantage.

7. Separate Professional and Personal Passwords
Your personal passwords should not be the same as your corporate passwords. You will subscribe to a lot of sites with your personal password and these sites may be hijacked by hackers, and they will surely try your username and password for these sites on your corporate accounts.

8. Don't Use Public Wi-Fi
Don't use public Wi-Fi if you are not using a Virtual Private Network (VPN).  VPN encrypts data traffic and lowers the risk of cybercriminals accessing the data on your device. Connect to internet through your mobile account if you have doubts about the security of the Public Wi-Fi network.

9. Change Router's Default Password
Internet service providers such as Telekom and Superonline deliver the wireless modems with default passwords (such as admin, 1234 etc.). Note that there are applications that can monitor your online traffic easily by scanning these default passwords. So, change the default password before starting to use your modem.

10. Back-up Your Data Regularly
If you become a victim of a ransom software or malware, or face data loss problem due to any reason, the only way to restore your data is to use the latest back-up.