October 27, 2014

Four Steps to Keep Hackers at Bay

Adapted from the article, "Five Steps to Keep Hackers at Bay," © 2014 ePlace Solutions, Inc.

By Jennifer Paradise

Don’t forget that tomorrow is the cyber security presentation by a visiting FBI specialist. The talk will be in the Ott Auditorium from 1-2pm. Come one, come all, come learn about how to keep yourself safe with technology!

The Internet and email are powerful tools. They are also a significant avenue of vulnerability for online systems and sensitive information. Stealing usernames and passwords or tricking victims into downloading malware via email or malicious sites has become big business, and is a leading path for data breaches.

This bulletin outlines four basic steps to take to defend against such attacks. None of these alone will prevent all attacks, but together they provide a layered defense that significantly reduces risks.

  1. Uninstall software you don’t need. All software has bugs that hackers may take advantage of to install malware. Reduce risks of infection by removing any unneeded software from your devices. If you don’t need it, remove it. The same goes for apps.
  2. Use an anti-virus program. Anti-virus programs will not catch all of today’s sophisticated malware, but are still an important part of your defense system. On campus we use Sophos. Contact the IT Support Center if you have questions about Sophos.
  3. Keep all software updated. It is especially important to update your anti-virus program, operating system (e.g. Windows 7), browser (e.g. MS Internet Explorer, Mozilla Firefox, Google Chrome), applications used to read and play files (e.g. Java, Adobe PDF Reader, Flash, QuickTime, etc.) and browser plug-ins.
  4. Scrutinize emails before clicking on links and email attachments. Be wary of (and don’t click) links that purportedly lead to sensitive accounts (e.g. bank accounts or online payments). It is better to access such sites directly using bookmarks or typing the correct link yourself. Similarly, exercise caution with email attachments. If you don’t recognize the sender, it’s often best to delete the message and attachment without opening. If in doubt, contact the IT Support Center at x4225 or support@svsu.edu to verify the authenticity and purpose of the email. Hackers pretend to be the IRS, charitable organizations, the FBI, your bank, or the police. Spelling or grammar mistakes often give them away. Now the bad guys send messages pretending to be your friends or colleagues, making it much harder to spot illegitimate messages. Their spelling has improved too!

The bottom line - there are a lot of bad guys trying to fool you into giving them your logon credentials or download malware. Keep your guard up on the Internet and with email messages and follow these four steps to put up a layered defense.