Educating Your Children on Cyber Safety

Educating your children on cyber security

Children are literally growing up “connected.” New social media services pop up like weeds and there is an ever-increasing number of apps and games that connect online. Additionally, many schools are migrating to cloud services, such as Google Drive, and require work to be submitted online. While this connected lifestyle has benefits, there are also risks to your child’s safety. We will explore three common risk areas and what you can do to help your children stay safe.

The Risks

  • Conduct: The lack of physical presence can create a powerful sense of anonymity. This may lead kids to act differently that would in real life.
  • Contact: The lack of physical presence often causes kids to forget that the individual on the other end may not be who they say they are or may not have their best interests in mind.
  • Content: The most popular social media sites focus on ways to capture and post content online, including messages, photos and videos. The temptation for children to “out-post” others or over-share information about themselves is very real and they often do it without realizing the consequences. Children may not realize that publicly posting personal information can lead to identity theft or malware infection.

Educating

  • Safety at Home: Educate your children about safe online behavior and closely monitor online activity.
  • Safety Outside the Home: Emphasize to your children that they should use the same etiquette they use at home when online at school or anywhere else.
  • Online Etiquette: Remember what they say online could go viral or be published in your local newspaper. Educate your children to evaluate their intended comments or postings in this light. “Would you want what you are about to post to be published in the newspaper for all to see and know that you said it?”

Protecting

  • Use parental controls: Many web browsers and mobile phones offer robust features to block objectionable or dangerous content. Third party web-filtering software is also an option.
  • Run malware protection software: Malware protection can provide protection from ‘drive-by’ or otherwise misleading downloads, which children may be tempted to click on.

Recovering From Ransomware

 

recovering from ransomware

Ransomware is a special type of malware that is actively spreading across the internet today threatening to destroy victim’s documents and other files. Ransomware is just one of many different types of malware which has become very common because it is so profitable for criminals.

Ransomware is commonly spread by emailing victims and tricking them into opening an infected attachment or clicking on a link to the attacker’s website. Once this particular type of malware infects your computer it will start encrypting your files or your entire hard drive. You are then locked out of your entire system or cannot access your important files. The malware will inform you that the only way to unlock your system to recover your files is to pay the cyber criminal a ransom to provide you with a password to decrypt your information. Most often the ransom is paid in some form of currency such as Bitcoin.

Should You Pay the Ransom?

The problem with paying the ransom is that often people pay these criminals when they are infected which motivates criminals to infect others. Though you may not have another option to recover your files, there is no guarantee you will get your files back. During the decryption process, you may be infected with additional malware. Decrypting after the ransom is paid doesn’t confirm the ransomware is removed from your device.  Ransomware can stay dormant on your device and attack again later.

Back Up Your Files

The best way to recover from ransomware without paying the ransom is to recover your files from backups. This way even if your computer is infected with ransomware you have a way of recovering files after rebuilding or cleaning up your computer. Keep in mind that if your backup can be accessed from the infected system, ransomware might delete or encrypt your backup files. Therefore, it’s important to back up files to either a reputable cloud-based service or to store your backups on external drives that are not always connected to your system. Be sure to regularly test that you can recover the files you need should your system become infected with ransomware. Backups are important as they also help you recover when you accidentally delete files or your hard drive gives out.

Further Protective Measures

  • The more current your software, the fewer known vulnerabilities your systems will have and the harder it is for cyber criminals to infect them. Therefore make sure your operating system, applications, and devices are enabled to automatically install updates.
  • Use a standard account that has limited privileges rather than privileged accounts such as administrator or root. This prevents many types of malware from being able to install themselves.
  • Cyber criminals often trick people into installing their malware for them. They might send you an email that looks legitimate and contains an attachment or a link.
  • Do not click on suspicious web browser popup windows
  • Do not open files with file extensions that are likely to be associated with malware (e.g., .bat, .com, .exe, .pif, .vbs)
  • Ensure that you have malware protection installed and do not disable malware security control mechanisms (e.g., antivirus software, content filtering software, reputation software, personal firewall) and make sure that they are continuously updated
  • Do not use administrator-level accounts for regular host operation
  • Do not download or execute applications from untrusted sources

Pro Tip: Encryption How To’s

encryption

You have probably heard people talk about using encryption to protect themselves and their information. In this article, we will explain what encryption is, how it protects you and how to implement it properly.

Why Use Encryption?

You might have sensitive information on your devices, such as documents, pictures and emails. If one of your devices were to be stolen, all of your sensitive information would be in someone else’s hands. Encryption protects you in these situations by helping ensure unauthorized people cannot access or modify your information.

How It Works

Encryption converts information into a non-readable format called ciphertext. Today’s encryption works by using complex math operations and a unique secret key, converting information into ciphertext. The key locks or unlocks the encrypted information. Your key could be a file stored on your computer, a password or a combination of the two.

What Can You Encrypt?

There are two types of data to encrypt:

  • Data at rest – such as the data stored on your mobile device
  • Data in motion – such as receiving email or messaging

Encrypting data at rest is vital to protect information in case your computer or mobile device is lost or stolen. Full disk encryption (FDE) is a widely used encryption technique that encrypts the entire drive in your system. This means that everything on the system is automatically encrypted for you. Today, most computers come with FDE but you might have to manually turn it on or enable it. FileVault is used on Mac computers while Windows computers can use Bitlocker or device encryption. Mobile phone encryption for the iPhone and iPads automatically enable FDE once a passcode has been set. Starting with Android 6.0 (Marshmallow), Google is requiring FDE be enabled by default provided the hardware meets certain minimum standards. Please check with your device manufacturer to determine if it supports FDE.

Information in motion is also vulnerable. If data is not encrypted it can be monitored, modified, and captured online. This is why you want to make sure that all sensitive online transactions and communications are encrypted. A common type of encryption for data in motion is HTTPS. This means that traffic between your browser and a website is encrypted. Look for https:// in the URL, a lock icon on your browser or your URL bar turning green.

Key Things to Remember

  • Your encryption is only as strong as your key.
  • If using a passcode or password for your key, make sure it is a strong, unique password.
  • The longer your password the harder it is for an attacker to guess or brute force it.
  • If you can’t remember all of your passwords we recommend a password manager to securely store your passwords.
  • If your device has been compromised or is infected by malware, cyber attackers can bypass your encryption or leverage your secret key to decrypt the data if your key is not stored securely. It is important you take other steps to secure your devices including using anti-virus, strong passwords, and keeping them updated.

What Do You Know About Malware?

Beware malware

Malware, also known as malicious code and malicious software, refers to a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system or otherwise annoying or disrupting the victim. Malware has become the most significant external threat to most systems, causing widespread damage and disruption, and necessitating extensive recovery efforts within most organizations.

There are five types of malware:

  • Ransomware – Ransomware is a subcategory of malware which typically will block access to computers or data until a payment is made.
  • Trojan – A Trojan is a self-contained, non-replicating program that, while appearing harmless, actually has a hidden malicious purpose. Trojans either replace existing files with malicious versions or add new malicious files to hosts.
  • Spyware – Spyware is a type of malware used to covertly observe a user’s activity and gather information about a user without their knowledge or consent.
  • Virus – A virus self-replicates by inserting copies of itself into host programs, data files or propagating through network file sharing. Viruses are often triggered through user interaction, such as opening a file or running a program.
  • Worm – A worm is a self-replicating, self-contained program that usually executes itself without user intervention.

Signs to Look Out For:

  • Slow performance
  • Unexpected computer crashes
  • Pop-up ads (even when no browser is open)
  • Excessive hard drive activity
  • New browser homepage or toolbars
  • Unexpected Antivirus disabling
  • Lost functionality

Ways To Avoid An Attack: 

  • Do not open suspicious emails oremail attachments, click on hyperlinks, etc. from unknown or known senders, or visit websites that are likely to contain malicious content
  • Do not click on suspicious web browser popup windows
  • Do not open files with file extensions that are likely to be associated with malware (e.g., .bat, .com, .exe, .pif, .vbs)
  • Do not disable malware security control mechanisms (e.g., antivirus software, content filtering software, reputation software, personal firewall) and ensure that they are continuously updated
  • Do not use administrator-level accounts for regular host operation
  • Do not download or execute applications from untrusted sources