#Middlebury #Cybersecurity
By JUSTIN GOLDEN
A recent cybersecurity attack against the Change Healthcare part of Optum, owned by the United Health Group, the largest provider of customer payments and insurance claims across the United States, delayed payments for a prolonged period. That’s because, as is usual for this type of incident, the company took most of its systems offline while the issue was being resolved.
June brought us National Internet Safety Month, first established by the U.S. Senate in 2005. The Cybersecurity & Infrastructure Security Agency (CISA), a division within the Department of Homeland Security, www.cisa.gov, said this was done to raise awareness of internet dangers and highlight the need for education about online safety in government and industry, especially among young people. Since its designation, the number of smartphones has increased, social media’s presence has increased exponentially as have advanced technologies such as artificial intelligence and the amount of time individuals spend online has grown, as have the risks. Studies have shown we all need more education about the risks we face online and how to be safe when using connected devices.
Research indicates that cyberattacks occur due to poor cyber behavior by users. Four simple things CISA encourages everyone to implement now are:
- Turn on multifactor authentication to provide an additional level of security when logging into accounts and application, using a fingerprint or a code sent from an authenticator app or sent to your smartphone. Enable it on all accounts that offer it.
- Update your software. When devices, apps. or software programs notify you that updates are available, install them. Turn on automatic updates if possible.
- Use “strong” passwords (16 characters or more) or passphrases using a sequence of words. A password manager can automatically generate, store and fill in passwords for you. Entropy or randomness is key. Cybercrime is one of opportunity. If you make it difficult for a bad actor, they will move on.
- Recognize and report phishing. Learn to recognize phishing, an email, text or voicemail used to get you to download malicious software, click on a link or provide personal or sensitive information to a cybercriminal. If an offer is too good to be true, it may be someone using social engineering to get you to act on their behalf. Do not click or engage. Report the phishing message and then delete it.
An expression attributed to Thomas Jefferson (but possibly by Irish politician John Curran) is appropriate now: “Eternal vigilance is the price of liberty.” In this case, eternal vigilance is the price of cybersecurity.
Golden Technology Services Inc. helps customers increase their cybersecurity awareness so they can reduce their online risk. Contact them at 972-679-9738 or justin.golden@gtscloud.com.
