Twitter Chat held 13 October 'The ABCs of Cyber Hygiene' #GCAchat

October is Cybersecurity and Cybersecurity Awareness Month so @GlobalCyberAlln held a Twitter Chat alongside @CyberSecMonth @takefive @Cyber_Readiness @GetSafeOnline @APWG @apwg_eu @cybertechaccord @MKaiserDDC @Proven_Data @WhiteHawk_Inc @S4Networks supported by @CarpeDiemCyber and @EMEA_GCA with a series of questions on basic cyber hygiene. Here is the Q & A transcript (with many of the #'s removed for ease of following). Thanks have to go out to all participants for their contributions - hopefully we have accurately replicated the responses - the questions and answers came fast and furious! Feel free to continue the chat here!

Q1. What is a cyber attack?

@Cyber_Readiness : A cyber-attack can happen to anyone at anytime. If you are unprepared in the face of an attack, its effects can be devastating. An attack exploits vulnerabilities in weak passwords to access your company’s network. Sign up for our Program at BeCyberReady.com.
@Proven_Data : We agree. Businesses of all sizes are susceptible to these cyber attacks and everyone at a company must participate in helping keep safe from malware and attacks. Stay safe out there!

@GetSafeOnline : It’s an attack launched against one or more computers, networks or mobile devices. Anything from a phishing email to one person to a data breach on a multinational company. Here we’re referring mainly to phishing attacks.

@Proven_Data : A cyber attack is when an individual or company is compromised in their cybersecurity. It could be a DataBreach that leaks client data. Ranging from ransomware to malware attacks, these threats are evolving and it’s important that we all BeCyberSmart and stay safe!

@APWG : CyberAttack is an illegitimate intrusion aiming to alter the confidentiality, integrity and availability of the victim’s information.

@cybertechaccord : Simply put, a cyberattack is an attempt to expose, alter, disable, destroy, steal or gain unauthorized access to a computer or online data.
@CarpeDiemCyber : Yep - everyone - don’t forget the “alter” which can be the very worst (e.g., hospitals).

Q2. What tactics are used by criminals to target you with cyber scams?

@GetSafeOnline : They impersonate suppliers you pay regularly or a govt body like HMRC. Messages range from hoax scam warnings, ‘avoid a penalty’ or don’t miss a great offer. Or from a ‘senior manager’ telling you to make a one-off payment. Our business website at getsafeonline.org/business is a good place to find the main scams, and how to deal with them

@CarpeDiemCyber : There is phishing. And phishing. Also phisning. So much is just a variant of that - impersonation. Water holes are also used - websites that are designed to draw in particular visitors. Another type of impersonation.

@S4Networks : Recently they started similar to @GooglePay scratch method using phishing clicks by adding Google images.

@Proven_Data : Cyber criminals are using phishing attacks to try and get employees to download malware such as ransomware.

@apwg_eu : Criminals use SocialEngineering techniques such as phishing, vishing, smishing or impersonation to target their victims and steal their confidential information.

@cybertechaccord : By far the most common tactic used is phishing – trying to get you to voluntarily reveal the data they need. We often see topical lures, for example a lot of phishing attempts that use “COVID-19” to target users

@Proven_Data : Make sure employees are trained to detect phishing attacks and report any suspicious activity. There are newer scams that are taking advantage of the COVID19 hysteria to try and get employees to click on malicious links.

@WhiteHawk_Inc : One common method used by criminals because its the most successful is Phishing. But keyloggers and email scams (Business Email Compromise) are also a common way for threat actors to target your passwords and personally identifiable information.

@takefive : Criminals use tactics such as social engineering to trick people into revealing their personal/financial info. Links and attachments contained in emails could lead to your device being infected with malware or to fake websites designed to obtain your information. They may also exploit data breaches to send seemingly genuine emails purporting to be from the impacted company

@MKaiserDDC : Getting you to do something you shouldn’t using emotional appeals, need for quick action, alerting to a problem, a breaking news story, piggy backing on a news story–fund raising after a disaster. To name just a few :slight_smile:

@CyberSecMonth : Criminals use novel tactics to target employees with cyber scams. Stop your business from being scammed! Check out our CyberSecMonth infographic cybersecuritymonth.eu/resources/cybe…
Would you fall for an online scam? Take our quiz here to see how cyber savvy you are! EUSurvey - Survey

Q3. What signs indicate that I’ve fallen to a cyber attack?

@CarpeDiemCyber : You have no money in your bank or brokerage account. Actually there can be many. But they all can have REAL CONSEQUENCES. Your online accounts may be accessed or owned by another. If you have trouble accessing an account, or if your computer behaves in an unexpected way, check it out.

@GetSafeOnline : With a malware infection your device could run slowly or you’ll get pop ups. Your webcam could be activated or your files could be locked for ransom. But often, the first indication isn’t until your bank account has been emptied, or you can’t get credit.

@Proven_Data : You might be a victim of ransomware if your files have renamed extensions and all the data is encrypted. Employees will not be able to access business documents and software if the malware is on your company network.

@APWG : Losing access to your account or computer is the very first sign of a cyberattack.

@takefive : If you notice transactions you don’t recognise on your bank statement or receive unexpected or suspicious looking pop-ups, it could be an indication you’ve fallen for a cyber-attack.

Q4. How can I protect myself against phishing emails?

@CarpeDiemCyber : 1) Use caution in responding to emails or opening attachments. 2) Ensure your mail provider is using DMARC. 3) Turn on a protective DNS service like @Quad9DNS. 4) Never click on links in email, and always separately verify contact information.

@Cyber_Readiness : The best way to catch a phishing attempt is to make sure you verify the sender of an email by hovering over the sender’s name. Before you click on any link in an email or text, make sure you can verify the sender. For more on phishing, visit BeCyberReady.com.
@CarpeDiemCyber : If you get an email from a bank, don’t call the number in the email. Separately look up the number and call that one.
@GlobalCyberAlln : And remember your bank will never ask for your personal information via email! Don’t click those links!

@GetSafeOnline : Always ask yourself would that person or organisation really send that email? Or is it too good to be true? If in any doubt, call the person or organisation on the number you know to be correct.

@MKaiserDDC : Unfortunately in some cases, say a botnet, very few indicators. In others, funds being withdrawn from a bank, unknown credit card charges, social media accounts being taken over.

@cybertechaccord : Use multifactor authentication and be vigilant. Be on the lookout for emails that sound urgent, have bad spelling or grammar, or include strange emails or suspicious links. For more information on multifactor authentication, check out our blog. bit.ly/34ENJZk

@takefive : Criminals use spoofing to convince you you’re being contacted by trusted organisations using seemingly official logos and branding. Be wary of emails asking you to urgently update your payment details or personal information. Instead of clicking on links or attachments contained in emails, TakeFive and login to your account directly to confirm any requests. If you receive a scam email you can forward it to report@phishing.gov.uk

@apwg_eu : Malicious emails pretend to be from reputable sources, luring the victim to provide sensitive information. Stop, think, and never provide your confidential information via email!

@MKaiserDDC : Always view your in box with a high level of suspicion. Understand how easy it is for anyone to get something in front of you.

@CyberSecMonth : Digital scammers want our digital and financial details and try to get them with fraudulent emails! Watch our video for tips on how you can protect yourself from phising, smishing and vishing! How responding to a strange email could put you into financial trouble? To start with DO NOT readily click on links in emails from unknown sources and DO NOT disclose your bank details!

@EMEA_GCA : As well as staying vigilant also consider using DMARC to protect your business domain from being spoofed. Our Setup Guide can get you started: https://dmarc.globalcyberalliance.org/

Q5. How do I update (patch) the software on my devices and what is the importance of doing so?

@GetSafeOnline : You’ll often get a notification that updates are available, do it then. Better still, set software and operating systems to update automatically. The same goes for apps, but always check in your app store if they’ve been applied.
@CarpeDiemCyber : Absolutely, but do NOT NOT NOT click a link in an email that tells you to do so to “update your software.”

@Cyber_Readiness : The easiest way to stay updated with newly released patches is to turn auto-update on. Patches are important because they provide crucial security updates that better protect you against cyber attacks. Hackers look for unpatched holes to gain entry to your devices.

@GetSafeOnline : It’s one of the most important things you can do, as unpatched software can represent a major Achilles heel for any company (or individual).

@APWG : Old software may contain well-known vulnerabilities that BlackHatHackers use to perpetrate their intrusion. Software updates are usually released by providers, just click and download the latest version to keep your devices up to date.

@Cyber_Readiness : The easiest way to stay updated with newly released patches is to turn auto-update on. Patches are important because they provide crucial security updates that better protect you against cyber attacks. Hackers look for unpatched holes to gain entry to your devices.

@cybertechaccord : Make sure that you accept and install the security updates that your vendors share ASAP. Otherwise, if you are responsible for patching for an organization, check out this blog.cybertechaccord.org/basic-cyber-hy…

@Proven_Data : Most operating systems (Windows + Mac) have the option to enable automatic updates which will prompt a notification every time there is a new software update. Keeping software updated will ensure the latest security vulnerabilities are closed!

Q6. How can I check if a website is safe to visit?

@EMEA_GCA : Quad9 from @Quad9DNS will prevent you accessing a website if it is known to be malicious - it’s quick to set up and it’s free! https://www.quad9.net/

@CarpeDiemCyber : There are lot’s of ways. Browsers or search engines may tell you something is suspicious, and many security programs offer browser extensions to warn you. Protective DNS services like @Quad9 help. Do not rely on whether a website looks legitimate.

@S4Networks: SSL pad icon is one of the method.

@GetSafeOnline : Quad9 protects from accessing known malicious websites by leveraging threat intelligence from multiple industry leaders. Some AV programmes also warn and/or block malicious sites

@apwg_eu : Check the different BrowserSafetyTools, make sure any website you visit uses HTTPS and check where a link is going to take you before you click on it.

@takefive : Checking the domain of websites can help you identify if they’re safe to visit. Criminals are experts at creating fake sites; making small changes to the URL to trick you into accessing them by including additional letters, symbols or numbers. You can protect yourself further by accessing websites you’re purchasing from by typing it directly into your web browser instead of clicking on links in unsolicited emails

Q7. One of my online accounts was hacked, and I’m worried they might be able to get into my other accounts. What should I do?

@GetSafeOnline : Change the password immediately. If you’ve used the same password on more than one account, which you definitely shouldn’t, change all those passwords to unique ones too. And be sure to use 2FA when it’s an option.

@Cyber_Readiness : If any of your other accounts use the same or a similar password, start by changing all of your passwords to something completely different. Also, be sure to turn on multi-factor authentication for your accounts to add another layer of protection.

@Proven_Data : Having a unique password on each of your online accounts can keep them safe in case one is compromised in a DataBreach. HavingTwoFactorAuthentication enabled is an extra layer of security that can keep unauthorized users out!

@APWG : Using the same password in your accounts is a very bad habit. If this is your case, check that you still have access to your accounts and start by changing all your passwords. Using a password manager is a good idea.

@cybertechaccord : You are right to be worried. Change your passwords, particularly if you are reusing them, and turn on multifactor authentication.

@MKaiserDDC : If you used the same password on any other account, CHANGE IT! Take this moment to implement strong authentication usually known as Multi-factor authentication or 2 factor authentication. Get a security key such as Yubico or Google Titan Key

@CarpeDiemCyber : The first questions you should ask yourself are: did I reuse that password anywhere, and is the compromised account one I use to recover a password for other services. Either can be a big problem.

@EMEA_GCA : Also try checking whether your email address has been involved in a breach by checking the Have I Been Pwned website accessible here: gcatoolkit.org/tool/have-i-be…

Q8. It’s difficult to remember the #passwords for all of my different online accounts; what should I do?

@CarpeDiemCyber : Use a password manager.

@Cyber_Readiness : You can use a password manager that will remember your different online account information for you. Be sure to do your research into which password manager is the most secure.

@GetSafeOnline : Yes most of us have many more passwords than we thought, most we’ve long-since forgotten about. There are all sorts of stats. A reputable online password manager is a really good idea, but get reviews & make sure it has 2FA.

@Proven_Data : We recommend installing a password manager (such as LastPass) that will help users store strong passwords for each of their login credentials.

@cybertechaccord : Using multifactor authentication and a reputable password manager is the best way to avoid this problem and keep your accounts safe.

@apwg_eu : Password Management Applications only require memorising ONE master password! They take care of the rest!

@MKaiserDDC : Using a password manager is the obvious choice. However, it is OK to write passwords down and store them safely. Cybersecurity is about risk reduction. So if safely stored passwords would require a physical presence to compromise that’s reducing risk

Q9. What information should I backup and how often?

@Cyber_Readiness : Backups are particularly important when it comes to ransomware. Prioritize your data and back it up. Make sure you can re-install from the backups, which are often in the cloud, and that the backups are tested frequently. Ransomware Playbook: bit.ly/3dj7rO8.

@EMEA_GCA : And don’t forget checking the resources available in this amazing project by Europol / EC3Europol : nomoreransom.org

@CarpeDiemCyber : The easy answer is Everything, All the Time. In prioritizing, focus on the things you can’t replace (family photos) and financial or other key records.

@GetSafeOnline : Basically, everything you’re going to need for your business. Secure Cloud storage is best and generally easiest, but assess against your needs. Ensure it’s accessible. Consider physical backups, but they need to be secure.
Ever needed info for an audit trail, only to remember it hadn’t been backed up? Inconvenient and possibly dangerous to your business’s revenue, reputation and legality

@APWG : Information should be saved and backed every time you update it. Saving your information in your computer, in an external disk, and in the cloud is a very good practice!

@cybertechaccord : It really depends on your data. However, we encourage you to have a regular schedule of automatic updates for all your data.

@MKaiserDDC : Anything for which you only have one electronic copy especially if that copy is stored on a local device–like your PC or laptop.

Q10. What steps should I take if I’ve fallen for a cyber scam?

@CarpeDiemCyber : Good resources for different events can be found here: fraudsupport.org

@GetSafeOnline : If it’s still going on, get it closed down ASAP! Report it to the correct authorities – probably the police and if there’s a data breach, the data regulator. And your bank in case money is recoverable.

@APWG : Forward phishing or malicious emails to reportphishing@apwg.org
@EMEA_GCA : And in the UK you can forward suspicious emails to NCSC : ncsc.gov.uk/information/re…

@cybertechaccord : It depends on the nature of the scam. Firstly, you need to protect yourself from further risk, so change any passwords, notify your bank and talk to your CERT. Then, report the scam and try get your money or assets back.
@GlobalCyberAlln : Yes! This is exactly why basic cyberhygiene steps taken now will protect you and reduce your risk of falling victim to cyber scams!

@MKaiserDDC : Depends what’s been done and what’s lost. If a credit card or banking info alert those companies, consider at credit monitoring if not a freeze. Check other accounts for malicious activity, change passwords where appropriate, stay vigilant for other suspicious activity

@takefive : If you believe you’ve fallen for a scam, contact your bank immediately on a number you know to be correct, such as the one listed on your statement, your bank’s website or on the back of your debit or credit card
For more information on how to stay safe from fraud and scams from @TakeFive visit takefive-stopfraud.org.uk

What a great Twitter Chat we had! If you’d like any further information or any of your own questions answered we are all here for you! We will also be repeating the chat in French, Spanish and German later this month!