No one should assume they are immune from identity theft or having their accounts hacked.
While politicians and top executives are often in the crosshairs of hackers, many people who are not in high profile occupations often become victims as well, said Aaron Brown, a security analyst with the Washington state Office of CyberSecurity, OCS.
"A lot of us wonder, 'what do I have on my computer that hackers would want? I don't do anything top secret or crazy, so why does anyone want my stuff?' " Aaron said, during a recent presentation on CyberSecurity for Home and Family for state workers.
There are many reasons, he said, including simply wanting access to your financial accounts. But beyond that, bad actors often seek to steal identities that allow them to apply for credit cards, get loans and commit insurance fraud - all in someone else's name.
On a simpler level, bad actors may also attempt to hijack your connected devices to launch distributed denial of service (DDoS) attacks on websites or mine cryptocurrencies (digital currency) through cryptojacking.
A DDoS attack is the use of a large number of compromised devices connected to the internet (including security cameras and smart appliances) to target a website with requests. That can bring a website down if the volume of requests exceeds capacity.
Cryptojacking is using someone else's computer without their knowledge to mine cryptocurrencies, such as Bitcoin. This can happen if you inadvertently download malicious software that taps your computer's resources, or if you visit an infected website that mines cryptocurrencies through your browser.
Aaron outlined several steps you can take to protect yourself and your family, including:
- Long passphrase: "Short passwords are easily cracked," Aaron said. "One example of a strong passphrase is using the first letter in each word of your favorite movie quote. 'With great power comes great responsibility' becomes WgpcgrSpiderman2019. Not too hard to remember if you are a Spiderman fan."
- Password manager: There are many options available. With a password manager, you only have to remember one passphrase. The manager can assign and keep track of all the passwords for other accounts.
- Multifactor Factor Authentication (MFA): MFA takes the traditional user identification and password and adds additional authentication factors - something you have, such as a smart phone, or something you are, which generally refers to biometric information such as a thumbprint. Using MFA prevents bad actors from accessing your accounts, even if they have your login and password.
- Antivirus and patching: Antivirus software is not foolproof, but it still provides valuable protection, especially if you keep it updated with the most recent security patches. You should regularly update your computer operating system and software which will fix known security vulnerabilities.
- Back up your files: One of the biggest threats is ransomware, usually spread through malicious email. Backing up your files and keeping the backup disconnected from the internet allows users to safely restore their systems if they become infected. Ransomware encrypts the files of computers and then demands payment to restore them.
Please see the OCS website for more information on how to stay safe online and how to secure your home network.