For those that keep their fingers on the pulse of all things cyber security, you’ll know that it’s currently Cyber Smart Week...
In case you’re unfamiliar, Cyber Smart Week is an annual campaign run by the heroes at CERT NZ - a New Zealand government organisation providing impartial, easy to use information and spreading their knowledge with campaigns to raise awareness.
This year’s campaign sees the launch of CERT NZ’s new programme, Own Your Online, which introduces their campaign theme of ‘Exposed’, to highlight how even the tech savvy fall for scams. By design, scams are often extremely easy to fall for, and now with the recent advances in AI (including the use of tools such as ChatGPT), they are getting more and more convincing and human-like.
To visualise and understand security, it can be helpful to use an analogy. Think of security as a series of nets layered on top of one another, with potential cybersecurity threats dropping from a chute above. The more nets you add with different shaped holes, the more likely it is that these threats will get caught as they fall through. If we add enough nets, it becomes very hard for threats to make their way through and harm us in cyberspace.
What easy, completely free 'nets' can I put in place?
Long, hard-to-guess passwords are a hero’s best sidekick
It is strongly recommended to use phrases of at least four words, such as “DougreallylikesSecurityNetAnalogies”. These are easy for you to remember, but hard for attackers to crack. Use a different phrase for each login you have as, if one site gets hacked, the attackers will try the same password everywhere. There are some super options for password manager applications which will generate and store secure passwords in a vault, allowing you to navigate cyberspace stress-free.
Turn on multi, or two-factor authentication
2FA is a unique time limited code sent to your phone or taken from an app which only you have access to. These codes change and provide another ‘net’ which means if someone has your password, they will also need your device as well. At Hero, we provide our schools with the ability to turn on Multi-Factor Authentication for added security and peace of mind!
Activate ‘auto update’ on apps and devices
Updates aren’t just about new features; most updates also include fixes for weaknesses and vulnerabilities that could let attackers in. Turn on automatic updates and let your device do the updates for you!
Set your social media settings to private
Make sure your social media settings are switched over to ‘private’ or ‘friends only’ - this way you can control what information you share, and who you’re sharing it with. Scams are far more convincing if the scammer knows personal information about you, your family, or your friends.
Think before you click!
Be wary of opening links and attachments in text messages, emails or social media. These can be used by attackers to get hold of your personal details, or to install malware on your device. Be particularly careful when you read a message and you feel an urgency to act immediately. When you’re scared, outraged or feel a time-pressure to act, you can experience a lapse in judgement. Scammers then use this to their advantage, getting you to click without thinking. Even if you think it is legitimate, it is best to visit the organisation’s website directly or contact them using another method rather than clicking on email links.
As the world continues to evolve, shift and change, so too will the steps we can take to protect ourselves online. It’s crucial that we remain vigilant, with nets at the ready, to block whatever threats may come our way.
Luckily, organisations such as CERT NZ are here to support this effort. The ownyouronline.govt.nz site provides short, easy to understand guides with powerful advice on how to secure your computer systems. By tapping into, and sharing these freely available resources, we can equip ourselves with the superpowers to become our very own cyber-heroes!
Remember to Report It
If you, or someone you know, experiences an online security incident, report it to CERT NZ. They are here to help New Zealanders protect and recover from online security threats and incidents.