Cybersecurity Tips During the Pandemic

cspan.jpg

Recently, I attended a Risk/Security conference for the day gig. I always get excited over the new technologies and possibilities, but the warnings and dangers always make me want to hide under my desk. (And I turned into fan girl when Neil deGrasse Tyson presented one of the keynote speeches.) Here’s what I learned about cybersecurity and working during the pandemic:

  • The pandemic has taught us that we need to be flexible and ready to change. Everyone has had to adapt to new ways of doing things.

  • Because users are not always working in their traditional offices, they expect applications, systems, and websites to work on different devices. If they don’t they often go elsewhere. (This means that your website/blog needs to be mobile friendly.)

  • Hacks, phishing campaigns, and ransomware attacks have increased with everyone working at home and connecting remotely. You need to be alert and careful.

  • Do NOT click on anything (e.g. links, email addresses, attachments, pictures, recipes, games, surveys) that you don’t know where it came from. If it looks fishy, delete it.

  • Data is extremely valuable to hackers.

  • Nomoreransom.org is a valuable resource if you experience a ransomware attack. Help and good advice are available. It also has some deencryption tools. (Ransomware is when someone installs malware on your device. It becomes active and encrypts your files. You’ll receive a request for payment in order to return your data. Often, this malware also steals copies your data.)

  • Human error or human behavior (clicking on things) causes 90% of the cyber attacks.

  • As a consumer/user, make thoughtful decisions and know how to avoid security risks.

  • Email is one of the top ways that hackers get access to you.

  • Make sure that you back up your files regularly. Your data is important.

  • Use a SPAM filter to get rid of unwanted email.

  • Make sure that you have anti-virus software on your computer and that it is current.

  • Stay current with your patches and updates. These include updates and security fixes for vulnerabilities. There are regular patches for your operating system, and often, software you use will have updates.

  • In 2020, there’s been a 71% increase in malware on mobile devices.

IMG_6119.jpg

#TBR Tuesday - What I've Been Reading - Ellen Bryon and Harlan Coben

#TBR Tuesday.png

The pandemic and the stay-at-home orders have helped me get a jump on my Goodreads Challenge 2020. I have a TBR (To Be Read) shelf in my office, and there’s a stack of library books on my night stand. I’m going to try to be better about sharing what I’m reading and enjoying.

My mystery/thriller bookcase has turned into two in my new office, and the books are spilling over into the cubby shelves of my craft area. I have a feeling it won’t be long until it’s all books.

I like lots of genres, but I always gravitate to mysteries, suspense, and thrillers. I don’t always start at the beginning of a series, especially if I found a new author at the library, but if I like it, I try to go back and catch up on what I missed.

My TBR Shelf at the Moment…

My TBR Shelf at the Moment…

Here’s What I’ve Been Reading Lately

I love Ellen Byron/Maria DiRico. Her mysteries are funny, and the characters are quirky. I’m finishing her Cajun Country Mystery series. They are well worth it. These are great summer reads. I love the Louisiana flare and all of the bayou traditions. Her characters are fun, and the mysteries have lots of twists. I read Body on the Bayou, Mardi Gras Murders, and Fatal Cajun Festival recently.

Check out her new series as Maria DiRico. The Catering Hall Mystery series is set in the Astoria neighborhood of Queens, NY. I look forward to reading more. (I love her grandmother and the cat.)

Recently we watched The Five on Netflix, and I hadn’t read much by Harlan Coben. This spring, I started his Myron Bolitar series. I’ve read Deal Breaker and Drop Shot. I like his edgy characters and the thrillers set in the world of a sports agent. The stories are action-packed, and I like the twists and turns that snake through every chapter. I’m watching The Stranger on Netflix and still trying to piece together all the different storylines.

What’s up Next

Right now, I’m reading Lori Rader-Day’s The Lucky One.

For more book ideas, follow me on Goodreads and BookBub.

What are you reading on #TBRTuesday?

Cyber Security Tips for Writers

cybersecurity.png

I attended a cyber security discussion this week, and these are good reminders for anyone who is on the internet. Cybercrime is a real threat to everyone. (Thanks, Peter for the great presentation!)

  1. Just like physical security, if you see something odd, say something.

  2. Hackers look for easy routes to attack or access your system. Don’t be an easy target.

  3. When you buy devices that connect to your home internet, make sure you change the password from the manufacturer’s settings. (This means cameras, routers, and other smart devices. These can also be hacked.)

  4. Phones are easy targets for hackers. Make sure yours is secure. Be careful of public wifi.

  5. Change your password frequently. Don’t use the same password for all of your sites.

  6. People post a lot of personal information on social media sites. Don’t use your street name or pets’ names for passwords. Those passwords are easier to guess from the information you post on social media..

  7. Passphrases are harder to guess. These are longer phrases or sentences that have meaning to you.

  8. Everyone has a lot of passwords to remember. Don’t write them down. Use a password locker like KeePass or Password Safe to store them securely.

  9. Don’t click on links you don’t recognize.

  10. Never give out personal information unless you’re on a secure site (https).

  11. Make sure you install updates and patches on your devices regularly. Many of these fix security issues.

  12. Pay attention to details. Check your bank and credit card statements. Follow up if there are unknown charges (especially small ones).

  13. Here are some terms that everyone needs to be aware of:

    1. phishing - This is when someone sends an email, designed to look like one from a specific person or company to trick users into providing personal or financial information.

    2. spear phishing - This is when a phishing campaign is targeted at specific people.

    3. vishing - This is when someone calls or leaves voicemail messages that appears to come from a reputable company. The idea is to trick the person into revealing personal or financial information.

    4. SMishing - This is the practice of sending text messages with the intent of tricking the receiver into providing personal or financial information. (It gets its name from SMS Short Message Service [texting]).

    5. juice jackng - This is when a public charging station is contaminated with malware or viruses that infect the unsuspecting user.

    It’s a big, crazy world out there. Be careful and be aware.

Computer and Data Security for Authors

I returned from a rainy week in Orlando to buckets of rain in Central Virginia. I went to an IT conference and heard about all kinds of new technology. One of the highlights was when I had liquid nitrogen ice cream. Literally, too cool. The smoky fog (and probably all the rain outside) gave me flashbacks to the "Creature from the Black Lagoon" and "Swamp Thing."

nit.jpg

While I was there, I had the pleasure of attending Dr. Eric Cole's keynote presentation on IT Security. Many of the key points relate to authors. It's important to protect your data and your devices.

He reminded the audience that most people buy security/alarm systems AFTER a break in. Security should be a constant thought in order to defend against hacks and attacks. You need to be prepared.

As a user, you need to be aware of passwords. Don't use the same one for everything. You're giving a hacker the keys to the kingdom. Be careful what you click on and what attachments you open. You are one click away from being compromised.

The risks of compromise will always be there. You need to minimize or mitigate these risks. Don't click on strange links. Make sure that your security settings on your device are set.

Regular patching is important to ensure that known vulnerabilities are corrected. Make sure that your PC/laptop gets its regular updates. 

Know the value of your data. And know where your critical files are. He talked about his million dollar laptop. He has files and client work on his device. Add up the value of what you've stored. Data is king. What would it cost you if you lost that document. Regular backups are important.

Also, free doesn't always mean "free." Games, apps, and services that are free are often mining or monitoring your data. Read the user agreements before you access them. And watch your children's free games. Many of them monitor or share your location. 

If you're traveling to parts of the world where hacking is rampant, he suggested taking a "throw-away" device for use there. Don't access your critical information (e.g. banking, etc.). Don't use the device when you return. 

Security often becomes an after-thought in today's busy world. Be careful. The chances of being hacked are high. Be prepared and do what you can to mitigate the risks.

7 Things Writers Need to Know about Cybersecurity

Recently, I attended RVASec, a cybersecurity conference in Richmond, VA. Mikko Hyponnen of F-Secure was the keynote speaker. He is also the curator for the Malware Museum at the Internet Archive. He focused on where we've been and what's next with technology. He also talked about vulnerabilities and things we need to be aware of in this every-changing world.

Here are seven things I learned from his presentation:

  1. We've experienced the Internet revolution. Right now, we're experiencing the Internet of Things (IoT) revolution. There are thousands of smart devices out there, and you need to consider security. He said that the next big revolution will be Artificial Intelligence (AI). I'm not sure I'm ready for the rise of the machine just yet.
  2. The first case of ransomeware happened in 1989. I thought it would be in the late 90s or 2000s. Cybercrimes have been around for a while.
  3. He reiterated this point several times. DO NOT CLICK on the ENABLE content button on websites. He called this the "please infect by PC" button.
  4. "Data is the new oil." You will not be able to avoid smart devices. Soon, anything that plugs in will have some kind of smart of computer component. He gave lots of examples like smart mattresses and smart lightbulbs. And these devices are sending data and analytics about your use of them back to the manufacturer.
  5. Appliances and other smart devices (that we don't think of as computers) will come with software licensing agreements and configuration instructions. Anything that runs on electricity will eventually be connected to the Net.
  6. Your smart devices (cameras, lightbulbs, thermostats, etc.) are vulnerable. If you take it out of the box and plug it in without reading the instructions and checking the security settings, you could be susceptible to hacks or attacks. (If you can turn a camera on or unlock a door with your phone, so can a hacker.)
  7. Make sure that you set strong passwords on your devices. Things that are easy to remember are also easy to hack.

I love new technology and gadgets, but I think it's also good to have a healthy awareness of some of the dangers of lax security. What's your favorite smart device?

"It's a Great Time to be a Geek!" - Ideas for Writers

I returned this week from the Gartner IT Operations Strategies and Solutions Summit in Orlando, Florida. It's a "Great Time to be a Geek!" Technology is always changing, and there will be exponentially more devices and applications in the next five years that will access the Internet. It's mind-boggling.

Good writers are always looking for ideas - no matter where they are. I came up with a great plot line for my PI series. Here's some of what I learned:

  • There are already smart elevators that use scans to get to your floor, rather than buttons.
  • There are mining operations with computer-driven equipment, including trucks.  The biggest problem they had was with the ruts in the road. All of the trucks took the same path back and forth, and caused a lot of damage. The operators had to program a variety of algorithms to save the mining roads.
  • Ethical reviews are important with technology. For example, should medical devices be blue-tooth-enabled for monitoring? It's a great way for your physician to monitor you, but what happens if it's hacked? Think about the possibilities for legal and medial thrillers.
  • Everything is possible, and nothing is certain. Sounds like a lot of change in the future. As a writer, you do need to be careful when mentioning specific technology unless your work is set in a specific time period. Fax machines and flip phones are out of date.
  • By 2020, over 25 BILLION things will be connected to the Internet. In addition to phones, tablets, and laptops, things like printers, copiers, cars, hospital beds, and refrigerators will be reporting data or communicating to other devices and services.
  • Work is now an activity and not a place. People can work anywhere, anytime.