Updated February 2022
From phishing emails all the way up to power grid failures and beyond, cyber warfare is no longer something just from science fiction movies.
On December 23, 2015, an unprecedented cyberattack hit Ukraine’s power grid, taking out power for six hours. This event shook the world as the realization that the threat of cyber warfare was now on our power grid’s doorstep.
A ransomware attack in 2021 on Colonial Pipeline shut down nearly 5,500 miles of oil pipelines costing the company $5 million (although with the help of the U.S. government, Colonial Pipeline recovered around $2.3 million of it back).
And while these cyberattacks of aggression seem detached from the average consumer, these threats are real and don’t just occur on the macro-level.
Phishing scams, identity theft, and password attacks affect citizens every day. Any random email, or now, a text message can end up being a scam that, on the low end, gives your computer a virus and, on the high end, costs you thousands of dollars.
Fortunately, knowledge is the great equalizer for cyber-warfare, and our cyber security checklist is here to help provide you with all of the information you need to know to avoid being scammed, hacked, or phished.
What is a Cyberattack?
A cyberattack is an attack conducted “via cyberspace, targeting an enterprise’s use of cyberspace.”
These are malicious and serve to disrupt, disable, destroy, or control a network or infrastructure to destroy data or steal information.
Other targets include IT assets, intellectual networks, and additional sensitive information.
While there are many types of cyber threats and attacks, here are a couple you should be aware of:
- Malware: A malicious form of software designed to harm a computer system by stealing, encrypting, or deleting data, altering core functions, or tracking users’ actions. These commonly take the form of worms, viruses, spyware, and Trojan horses.
- Ransomware: Hackers control and lock a victim’s computer or files for ransom. Most often, ransomware spreads via phishing emails or infected websites.
- Social engineering: These attacks happen when a user is tricked into giving a hacker sensitive information or access to software or data, often by pretending they need help.
- Phishing: A hacker creates a false identity to lure a victim into providing sensitive information, downloading malware, or visiting an infected site. This is the most common type of attack and happens via email, text, and social media.
These attacks are devastating and range from disrupting phone or computer networks to electrical blackouts or the failure of military equipment.
Who is Targeted in Cyberattacks?
Everyone is at risk of being targeted by cybercriminals.
Of the cyberattacks that Verizon investigated in 2020, 72% were large companies, and 28% were small businesses.
Over half (58%) had personal data stolen.
Individuals are targeted as well.
In addition to computers, malware now infects personal devices, including cell phones and tablets, via apps, emails, and more.
Studies show that 86% of Americans believe they experienced a phishing attack.
That’s no surprise, given that just 27% believe that their personal network could be compromised.
Even the most protected agencies in the nation are susceptible to attack.
In a 2018 study, the Department of Homeland Security found that 74% of federal agencies were at risk or at high risk of attack.
How Common are Cyberattacks?
In a word: Extremely.
In 2020, Verizon investigated close to 160,000 cyber threats and attacks instances.
Two in five involved hacking and one-third of attackers used social engineering techniques.
These attacks were often financially motivated (86%), and over half were conducted by organized criminal groups (55%).
Cybersecurity Risk Management
The threat of cyberattacks has never been more prevalent than it is today. According to McAfee, losses from these attacks totaled over $1 trillion worldwide last year.
This is, in part, due to the Covid-19 pandemic. The FBI saw a 300% increase in cybersecurity complaints during the pandemic, most often phishing emails related to charity, vaccinations, and cures.
In addition, there was a 50% increase in cloud computing use due to remote work last year, and the industry is expected to continue to grow another 17% by the end of 2021.
Vulnerabilities in cloud computing are the most damaging, and this increase in use creates endless possibilities for cybercriminals.
It’s expected that a new attack will occur every 11 seconds in 2021. Still, the chance of catching and prosecuting a criminal is less than 1%. This means it’s more important than ever to secure yourself against the threat of cyberattacks.
Not sure where to start? We’ve put together a cyber security risk mitigation checklist to get you started.
Cybersecurity for Businesses
The benefits of cybersecurity in business are endless, including that data and networks are all protected.
Protect your processes and data.
A good IT department is one that routinely monitors, reviews, and updates organizational processes and reports any disturbances.
It also regularly backs up data and stores it in a secure space outside the company network.
Firewalls should be in place to stop hackers and stop employees from viewing potentially compromised websites.
They should be installed on every company device, including cell phones, computers, and tablets.
To protect sensitive information and critical data, ensure that all data is shared on a strict need-to-know basis.
Furthermore, it should be encrypted (business and customer data alike). In the event of a hack, the data will be unreadable and, therefore, useless.
Finally, securing wireless access points and networks will help to nip the threat in the bud. There are several steps you can take to do so, including:
- Ensure the router is set to WiFi Protected Access 2 (WPA-2) with Advanced Encryption Standard (AES) for encryption.
- Your wireless access point should not broadcast its service set identifier (SSID).
- Avoid using Wired-Equivalent Privacy (WEP).
- Make sure any wireless internet access intended for customers is separate from your business network.
If you still don’t feel entirely comfortable, consider investing in data center security, which uses virtual components to protect data.
Update your software.
Do so promptly instead of ignoring the prompts for a system or software update. Not only do these updates improve performance, they often include new or enhanced security features that benefit the user.
One important feature that many updates include is the software patch. These act as a “band-aid” covering critical security holes that allow hackers to exploit a software vulnerability and infect the computer.
Educate all employees.
As businesses continue to pivot to permanently remote workplaces, it’s more important than ever that your employees know cybersecurity threats. Without their help, your business can’t adequately protect finances, assets, or data.
There are a few things your employees should know:
- The common marks of a phishing email (e.g., grammar or spelling mistakes, unfamiliar email addresses, no domain emails).
- How to treat and protect business information.
- Who to contact if cybersecurity is compromised.
To help employees protect your organization, provide them with a protected and locked software system. At the same time, they work remotely to restrict the installation of malicious software.
Should an employee leave your organization, you should take further steps to protect your assets. This includes deleting passwords and accounts across all devices.
Cybersecurity for Individuals
Cyber security is just as crucial for individuals as it is for businesses. Mistakes such as responding to phishing have devastating consequences, including identity theft, compromised bank accounts, credit card fraud, and more.
Luckily, there are steps you can take to protect yourself.
Use strong passwords.
There’s a reason you’re asked to use a combination of letters, numbers, and special characters when creating a new password – the stronger the password, the harder it is for a cybercriminal to hack an account.
With over 613 million passwords stolen, creating a strong, unique password is crucial. Here are a few things to remember when creating one:
The longer, the better. The ideal password is eight characters or longer and uses capital and lowercase letters, numbers, and characters such as !, *, $, and &. Don’t include common words, phrases, or anything related to personal information, such as the name of a pet or parent.
Use two-factor authentication for every account. This type of safeguard requires you to provide a second piece of information to verify that you and you alone are accessing the account. However, don’t use a text message or phone call authentication, as these can be easily intercepted.
Don’t reuse passwords. Every account you have should have its own unique password. The best way to remember each password is to download a password keeper app such as LastPass or write them down and store them in a secure location.
Pay attention to data breaches.
When a business is hacked, and data is compromised, they often send alerts with all necessary information, including what the hackers accessed. When this happens, you need to immediately change your password at the very least and, if payment information was accessed, contact your bank.
Stay ahead of the curve and check periodically for any compromised accounts using a program like Password Checkup or Have I Been Pwned, which allows you to see which emails and passwords are compromised.
Protect your personal data.
By using a virtual private network (VPN), you can help to protect any data you send or receive online, including passwords and bank information. For extra protection, use a VPN on both public and private networks.
Even better, consider investing in a full-service internet security suite. These act as real-time protection against malware (both existing and emerging), including ransomware and viruses. These range in price, but most are between $20 and $100 per year.
How to be Prepared in the Event of a Cyberattack
In an absolutely worst-case scenario, and there’s a cyberattack that shuts down a power grid, you are going to need to have the right supplies in place to handle any potential problems.
Have water on hand.
The first thing you’ll need to have on hand is a steady supply of water. Our emergency drinking water pouches have a five-year shelf life, making them perfect for storing and preserving until you absolutely need to use them.
Stock up on snacks and meals.
After water, the following essential item to have in the case of a severe cyberattack is food.
Keeping a couple packs of snacks in the cupboard is a great idea, but even better planning would include some hot meals and energy bars. The hot meals sold at LifeSecure also have a five-year shelf life.
Grab your radio.
If the power goes out and phone lines are down, you’re still going to need to find a way to communicate with the outside world. Keeping an AM-FM radio on standby is an excellent way to stay updated while waiting for updates. Radio stations will keep you informed if there is any major breaking news.
Pack an emergency supplies backpack.
When a massive cyberattack shuts down an area, you don’t want to be left unprotected. An emergency supplies backpack is designed to respond to any emergency or disaster situation.
LifeSecure sells a RollEvac Easy-Roll-Or-Carry Rolling Conversion Backpack that contains all U.S. Government recommended basic emergency supplies, including masks, a multi-function tool, and meals/water. If you want an all-in-one package, this conversion backpack is the best option available.
Know who to call in the event of a cyber crime.
Should you be a victim of cybercrime, there are important steps you should take, even in minor cases.
First and foremost, contact the authorities. This includes the local police and, in more severe situations, the FBI and Federal Trade Commission (FTC). By alerting them to the crime, you may further their investigations and may help them stop criminals in the future.
If you believe your identity has been stolen, you should do the following:
- Contact the companies and/or banks where the theft occurred
- Put the correct fraud alerts in place and check your credit report for any damage
- Report the theft to the FTC
Being proactive is the best way to protect yourself when it comes to cybersecurity. While most of these tips may seem like common sense, they play a crucial role in fighting cyber crime.
Need Emergency Supplies? Shop LifeSecure Today.
LifeSecure has your back no matter the emergency situation. Don’t be left behind if a cyberattack hits and you need emergency supplies.
LifeSecure’s collection of products is designed to keep you safe, healthy, and free from harm.