Since its inception in 2004, the month of September is recognized as National Preparedness Month in the United States of America. Sponsored by the Federal Emergency Management Agency (FEMA), the National Preparedness Month is a part of the governments’ efforts to strengthen the United States’ preparedness capabilities.
The architecture of the National Preparedness month encompasses prevention, protection, response, and recovery efforts to prepare the citizens of the country for all hazards. While general preparedness is essential to getting through an emergency related to a natural disaster or a potential terrorist attack, the same is true of preparing for any cyber-related event.
The theme for this year is Disasters Happen. Prepare Now. Learn How.
Steps to Assess Your Cybersecurity Preparedness
Handling Destructive Malware
Destructive malware presents a direct threat to an organization’s daily operations, directly impacting the availability of critical assets and data. Businesses should increase vigilance and evaluate their capabilities encompassing planning, preparation, detection, and response for such an event.
Destructive malware will utilize popular communication tools to spread, including worms sent through email and instant messages, Trojan horses dropped from web sites, and virus-infected files downloaded from peer-to-peer connections. Malware will also seek to exploit existing vulnerabilities on systems making their entry quiet and easy.
The National Cybersecurity and Communications Integration Center (NCCIC) recommends the following steps to assess your cybersecurity preparedness for handling destructive malware. Here’s the LINK.
Preventing and Responding to Identity Theft
Identity theft, or identity fraud, is a crime that can have substantial financial and emotional consequences. You can be a victim of identity theft even if you never use a computer.
Malicious people may be able to obtain personal information (such as credit card numbers, phone numbers, account numbers, and addresses) by stealing your wallet, overhearing a phone conversation, rummaging through your trash (a practice known as dumpster diving), or picking up a receipt at a restaurant that has your account number on it. If a thief has enough information, he or she may be able to impersonate you to purchase items, open new accounts, or apply for loans.
Unfortunately, there is no way to guarantee that you will not be a victim of online identity theft. However, there are ways to minimize your risk:
• Do business with reputable companies – Before providing any personal or financial information, make sure that you are interacting with a reputable, established company. Some attackers may try to trick you by creating malicious web sites that appear to be legitimate, so you should verify the legitimacy before supplying any information. (See Avoiding Social Engineering and Phishing Attacks and Understanding Web Site Certificates for more information.)
• Take advantage of security features – Passwords and other security features add layers of protection if used appropriately. (See Choosing and Protecting Passwords and Supplementing Passwords for more information.)
• Check privacy policies – Take precautions when providing information, and make sure to check published privacy policies to see how a company will use or distribute your information. (See Protecting Your Privacy and How Anonymous Are You? for more information.) Many companies allow customers to request that their information not be shared with other companies; you should be able to locate the details in your account literature or by contacting the company directly.
• Be careful what information you publicize – Attackers may be able to piece together information from a variety of sources. Avoid posting personal data in public forums. (See Guidelines for Publishing Information Online for more information.)
• Use and maintain anti-virus software and a firewall – Protect yourself against viruses and Trojan horses that may steal or modify the data on your own computer and leave you vulnerable by using anti-virus software and a firewall. (See Understanding Anti-Virus Software and Understanding Firewalls for more information.) Make sure to keep your virus definitions up to date.
• Be aware of your account activity – Pay attention to your statements, and check your credit report yearly. You are entitled to a free copy of your credit report from each of the main credit reporting companies once every twelve months.
Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.
Ransomware can be devastating to an individual or an organization. Anyone with important data stored on their computer or network is at risk, including government or law enforcement agencies and healthcare systems or other critical infrastructure entities. Recovery can be a difficult process that may require the services of a reputable data recovery specialist, and some victims pay to recover their files. However, there is no guarantee that individuals will recover their files if they pay the ransom.
NCCIC recommends the following precautions to protect users against the threat of ransomware:
• Update software and operating systems with the latest patches. Outdated applications and operating systems are the target of most attacks.
• Never click on links or open attachments in unsolicited emails.
• Backup data on a regular basis. Keep it on a separate device and store it offline.
• Follow safe practices when browsing the Internet. Read Good Security Habits for additional details.
In addition, NCCIC also recommends that organizations employ the following best practices:
• Restrict users’ permissions to install and run software applications, and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.
• Use application whitelisting to allow only approved programs to run on a network.
• Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email to prevent email spoofing.
• Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
• Configure firewalls to block access to known malicious IP addresses.
Mobile App Security
In 2016, the global mobile internet user penetration had exceeded half the world’s population. In 2017, consumers downloaded 178.1 billion mobile apps to their connected devices. In 2022, this figure is projected to grow to 258.2 billion app downloads. Such an explosive growth of mobile apps makes it imperative to have a well defined mobile security preparedness in place.
Here are some quick tips:
• Embrace BYOD, but with a plan. Ensuring a good and effective BYOD security policy has become critical for all businesses today. Read 5 Essential Steps to Ensure a Good BYOD Security Policy for the complete information.
• Ensure Strong authentication for users or your employees with a clear ID on access, both regarding the user and regarding device.
• Use Sandboxing, while building and testing apps to isolate application data and code execution from other apps.
• Protect data in transit. Ideally every single channel where the data goes through starting from creation to transfer to usage – everything has to be secured.
• Ensure a Good Mobile Security Policy. See What Makes a Good Mobile Security Policy for more information.
Some more recommended resources on mobile application security: