How to Implement Cyber Hygiene during COVID-19

Since the Work from Home (WFH) orders in March, there has been a drastic increase in cyber attacks on companies and individuals. The FBI reported that cyberattack claims have increased to more than 4,000 a day. The cybersecurity firm MonsterCloud reported that ransomware attacks have increased 800% since the start of the pandemic. The most recent publicized attack was Garmin’s ransomware attack which shut down their system for several days. Thereby, leaving many pilots and customers unable to use their Garmin products or upload their workout information, respectively.

These attacks are unlikely to go away, and no individual will be immune to its effects. It is increasingly important for those who are now WFH employees to be aware of how to protect our information and our company’s information. The next step is, how do I protect my information now?

The key to protecting your data is to implement Cyber Hygiene into your daily routine. Just like you may brush your teeth and floss every day to maintain dental hygiene, Cyber Hygiene is the cybersecurity protections and habits that you use every day to keep your data safe from cyber-attacks. This can come in a variety of forms, from changing your password every 90 days to running full computer scans every week. The focus is to boost the security of your private data and decrease the likelihood of an online threat. Here are some tips on how to implement cyber hygiene into your daily life:

One of the first things that the majority of people do when they get a new computer, is to install Anti-Virus software. This is the first level of security for your information, and it is a critical part. Normally the software will periodically scan for any threats to your device without alerting you and provides a constant level of protection to your device and data. The most popular and reputable antivirus software are Norton and McAfee, each provides their own unique service packages that offers protection to your computer and phone. These additional services should also be enabled on your devices to increase the security of your data. It is recommended to complete a full scan every month, but since the recent increase of online threats, you should do a full scan on your computer at least once a week.

For the quickest and easiest way to begin protecting yourself from attacks is to implement stronger passwords and Two-Factor Identification procedures. As you may know, the best way to decrease the likelihood of your account(s) being hacked is to include a variety of letters, numbers, and symbols and is longer than 8 characters. You should avoid using any common words, phrases, or personal information in your password and should be updated regularly. Additionally, you should not use the same password for several accounts. Each account should have a different, unique password.

The next step, if available, is to set-up the Two-Factor Identification. This will either be a PIN number, security question, or – if using your phone – Face ID. By adding the additional level of security, it decreases the chance of a cyber attack.

It has been mentioned repeatedly by companies’ IT teams to employees’ emails, but it is true – do not open any email you do not recognize or has an attachment! These “phishing” emails are incredibly common among company emails. Hackers are now becoming more advanced and creating seemingly authentic emails from people or organizations that you may know. The key indicator that it is a scam is by looking at the email address. If it says from Jeff Bezos but the email is from “[email protected]” then you know it is not really from Jeff Bezos and you should not open it.

As mentioned above, you should not click on website links or open any attachment from someone you do not recognize. Even you recognize the name, make sure it is from their actual email and you were expecting something from them. Additionally, use your antivirus software to ensure that the attachment is secure if you are going to open it. Remember, most successful cyberattacks come from employees opening phishing emails with virus-encoded attachments.

Whenever there is a new update to a software or web browser, you should update it sooner rather than later. Updated software includes increased security by covering flaws that were discovered by the programmers and fixed in the current update. Also, by using older software there are more security risks that hackers can use to gain access to your information and infect your network.

If you are using a reputable antivirus software, there is usually an additional feature that informs you whether a website is secure or not and will attempt to block you from the website if it is not secure. This feature should always be enabled due to the rise of “spoof websites” that will look exactly like the one you were looking for. A key indicator it is fake is by the domain name. If you looked for Amazon and the domain says “amazon.net” instead of “amazon.com”, then it is likely a spoof website. These websites use the original website’s reliable reputation to gain unsuspecting customers’ personal information to use or sell later.

If accessing sensitive information on your phone or computer on a public network, it is important to have a VPN. This allows your IP address to be encrypted and redirects your location so potential hackers don’t know where you are. If you are home this may not be as important, but if you are using your phone or computer while in a public setting then it is necessary to use it when outside of the privacy of your home.

In case hackers were to gain access to your data, it is always a good idea to back-up your files. Since the WFH order, the rise in ransomware attacks has caused major problems for companies. Billions of dollars have been spent by companies to gain access to their data again by paying the hacker’s ransom. But there is no guarantee that they will not wipe the data even if they were paid. In case this was to happen, one way to minimize the damage is to back-up the data to an external hard drive beforehand.

While working from home, individuals need to be mindful of the increased risk of cyberattacks as it can deeply affect them or their company. By following these tips, you should greatly decrease the chance of losing your data to a cyberattack. If you install a reputable antivirus software, avoid opening unknown emails and attachments, back-up your data and use strong passwords, it may keep you and your data safe and secure.

For more information on Cyber Hygiene, check out our course and visit Norton’s to-do list to keep you protected.