Since so much of our time is spent online, including time spent on our Forum, it makes sense to post some cyber security tips and definitions so we can better understand the online realm and protect ourselves from cyber-attacks. After all, it’s October, and since 2004 this has been a month to spread cyber security awareness.
Cyber Security Month
The government weighs in with the information below:
Read “A Proclamation on Cybersecurity Awareness Month, 2022″ from the White House on this important subject.
Here’s a blog post from the “Cybersecurity Awareness Month 2022: Updating Software.”(NIST) titled
The CyberSecurity & Infrastructure Security Agency (CISA) also put out “See Yourself in Cyber.”
Firefox and Cyber Security Tips
Check out this link from the Firefox site (dubbed “The account that protects you rather than profits off you”). It details topics such as:
- Password Manager
- Email Manager
- Privacy Report (see what’s been hacked)
- Keep Facebook from Watching You
- Quick-Erase Your History
New articles from summer and fall of 2022 include:
- Privacy online just got easier with today’s Firefox release
- Protect your privacy and your phone number with Firefox Relay
- How Firefox’s Total Cookie Protection and container extensions work together
- Parents want to keep their kids safe online. But are parental controls the answer?
- Kids are growing up in a very online world. What’s a concerned parent to do?
Mozilla is a Good Source of Information for Cyber Security Tips and Explanations
Mozilla just recently sent an email to users, which I share below. It details acronyms and terms we should all know, but probably don’t.
Cyber Security Tips and Terms Per Mozilla
See how to get a VPN here.
A glossary of terms about cyberattacks, from ransomware to DDoS
If you read news about technology, you’re bound to run into some jargon. Here at Mozilla, we believe that information should be as accessible as possible regardless of your level of expertise. We want to help you approach stories about technology with more curiosity and with a little less head-scratching involved. We’ll break down headline-making topics through a glossary of terms often used to discuss them. Consider it your cheat sheet to all things tech.
This month, we’ll give you terms to know about cyberattacks.
First, let’s define a cyberattack
A cyberattack is an effort to target a computer network or remotely cause damage, whether that’s stealing information like credit card numbers or disabling systems. Everything from the websites we visit to the apps we use to our communications online are vulnerable.
Other terms to know:
Brute force attack
An attacker uses software to generate password combinations to get into an account or a system.
DoS and DDoS attacks
Let’s say you own a flower shop. A group of people, with no intention of buying flowers, crowds the entrance. Now, real customers can’t go inside.
A denial-of-service attack, or DoS attack, works similarly. A hacker floods a server or network with useless traffic so a website becomes inaccessible to people who want to visit the site. A distributed denial-of-service attack, or DDoS attack, deploys traffic from thousands of different sources so it’s harder to stop.
Short for malicious software, malware generally refers to any program designed to take harmful actions against a computer system or network. They steal data or money, bypass security systems and disrupt an organization’s operations. Malware can hit targets via phishing or taking advantage of vulnerabilities in a system.
A monster-in-the-middle attack intercepts data between two devices. A hacker could gain access to email accounts, or hijack a Wi-Fi connection or traffic between a computer and a website.
Attackers pretend to be a trustworthy entity via email or a fake website to get you to provide personal information to access your accounts, like your bank or your work network. They may advantage of events like natural disasters (sham payouts after Hurricane Katrina), economic downturns (IRS scams) or holidays (fraudulent shopping deals). Clues of a phishing attack include suspicious email addresses and attachments, as well as spelling and grammatical errors in the copy.
Hackers use ransomware to encrypt files on a device or system so that they’re unusable until an entity or organization meets a demand, e.g. money. Attackers asks for a ransom in exchange for decrypting the files and may also threaten to sell or leak data..
A common hacker trick, a structured query language or SQL injection is used to steal usernames and passwords, credit card numbers and other data entered into a web form. The attacker inserts or modifies code in a vulnerable database to command access to the sensitive information.
Worms and viruses
Like in the 1988 Morris attack, worms are malware that can spread via a network connection. They don’t need a host to self-replicate, unlike viruses, which typically attach themselves to documents, email attachments and infected websites. Once the host is activated, viruses can destroy files and slow down systems.