Being #CyberResponsible With NCSAM 2021
Every year, October is celebrated as National Cyber Security Awareness Month (NCSAM). This year more than ever, we need this event to be as inclusive as possible. The more strata of organizations do their part in becoming #cyberresponsible, the better chances we have of quelling the huge waves of cyberattacks that we’ve seen this year.
This year saw a resurgence in cybercrime, caused by the ongoing Covid-19 pandemic. Email traps became more and more sophisticated, and became more narrowly targeted. Organizations like WHO and CDC were impersonated for sending phishing emails to already-anxious citizens. Moreover, people were fooled with promises of free covid-19 testing. All in all, there was a 600% rise in cyber attacks due to the coronavirus pandemic.
The online world suffered a spike in email hacking as well. Most notably, ransomware attacks shot up. 2021 saw the wrath of Ransomware 2.0 or the triple extortion ransomware. The trend has shifted from just system-wide encryption to data theft and also selling the collected data up on the dark web.
And of natural course, we also felt the need for better endpoint security. Because we were connecting remotely, from our own devices and networks, the security industry also saw over-the-network attacks spread more widely. We also saw an uptick in cloud-based attacks. Some findings have been recorded on Barracuda’s report titled the State of Office365 Backup.
How can you become more #CyberResponsible?
We all carry the onus of bettering the cybersecurity at our own workplace and on our personal devices. Here are a few best practices we iterate here as part of NCSAM 2021.
- Do not interact with attachments or links if you don’t trust the sender.
- Even if you see a known person, always hover on the sender’s name to expose the real name behind the “from” name. This will help you identify domain spoofing attempts.
- Make sure your email domain is properly protected under DMARC.
- Train yourself to take a step back when reading emails and put aside your natural enthusiasm to respond / interact as fast as possible. Scan the mail for obvious mistakes in spelling and grammar, and other clues which might give away a phishing attempt.
- Don’t connect to work emails over untrusted networks (for e.g., the free wifi at a café) without first ensuring you are encrypting your communication with VPNs or other endpoint security mechanisms.
- Develop the habit of staying abreast of current security news and trends in hacking attempts. For starters, you can take a look at some complete security guides we have published.
- Talk to your IT team to understand the security posture of your website. Verify whether you have implemented the essential tools for protecting sensitive business data.
- As a part of a business with an online presence, undertake employee training and awareness programs. Educate all employees on cybersecurity responsibility and also on damage mitigation protocols if a cyber attack does seep through.
Taking the National Cybersecurity Awareness Month as impetus, let us all work together for a more secure, safe, and productive digital experience.