Cyber Security Notes from Justin Mason


Jun 10, 2022

Notes from our session today:

Cyber Security Framework – CSF

https://www.nist.gov/cyberframework

It consists of 5 Core Functions:

Identify

·        You can’t protect what you don’t know about!

·        Assets – all the devices connected to your home network

·        Apps – and their vulnerabilities

o   Remove everything that isn’t used, including any “trial” software you might have installed

·        Data – your files – music, pictures, but also sensitive data like tax returns, statements, etc.

·        Identities – your online profiles, accounts and subscriptions

Protect

·        Don’t trust links or attachments from anyone you weren’t expecting an email from. Don’t open the attachment and don’t click the links!

o   Never follow password reset instructions from an email that you get. No legitimate company will send you an un-initiated email asking you to reset your password! If in doubt, log directly into the website in question and reset your password after logging in.

o   You can do some research on links and IP addresses using this tool, but results are NOT guaranteed to be accurate. https://talosintelligence.com/reputation_center/ 

§  Be careful not to click the link when you’re trying to copy it!

o   Follow your email provider’s recommendations for security settings for spam, etc. Here’s Google’s: https://support.google.com/mail/answer/7036019?hl=en&co=GENIE.Platform%3DDesktop

·        Don’t click links from unknown or unexpected senders, including in all other messaging apps (Facebook Messenger, Instagram, WhatsApp, etc.).

·        Always be aware of who you’re “friends” with on social media. Many times criminals will impersonate your friend’s account and send you a new friend request. The goal is to get access to your personal information. Ask your friend outside of social media if they meant to do that before blindly clicking accept.

·        Be aware of what you post on social media. Try not to post things that can be used to guess your passwords or answer your security questions.

·        Don’t pay for online purchases using your debit card. Use a credit card instead, or something like PayPal.

o   Don’t pay individuals with instant payment systems like Zelle or CashApp. Once you send the money, it’s gone. Only use PayPal!

·        Enable dual-factor authentication (2FA or MFA) everywhere you possibly can

·        Enable auto-updates on everything you possibly can, especially web browsers, AV and OS

·        Use a password manager or vault program: I use https://pwsafe.org/ but there are others out there https://www.cnet.com/tech/services-and-software/best-password-manager/

·        Use passphrases instead of passwords, but see:

o   https://proton.me/blog/protonmail-com-blog-password-vs-passphrase

o   https://www.zdnet.com/article/fbi-recommends-passphrases-over-password-complexity/

·        Don’t re-use passwords!

·        Use AV, and keep it updated with the auto-update feature! I currently like Norton, but even Microsoft Defender is actually not bad. Just use something and keep it updated and configured with the best pro-active protections possible. Do full scans every so often.

·        Lock down your home network including the WiFi security settings and change all default passwords on your routers, firewalls, etc. See: https://www.cisa.gov/uscert/ncas/tips/ST15-002

·        Use a VPN service, especially when you’re on free wifi networks but you can do this at home too. I use the free one from Proton https://protonvpn.com/

·        Lock down access to all 3 credit bureaus! It’s free and easy to get a temp lift on them if you need to.

·        Make backups of all your data – including your mobile devices

o   Using OneDrive is good for hard drive failures, but it is not immune to ransomware encryption, because most frequently OneDrive is also mounted as a local folder on the computer and files are kept “in sync” between local and OneDrive cloud storage. So any changes to the local files get replicated to the cloud version of the file!

o   Make a second off-line backup of your critical data!

§  External Hard Drives and Free File Sync are a good solution. Be sure to power off the hard drives between backups so they can’t be reached if your computer gets infected.

o   Know that you might not be able to back up some things like in-app purchases, and you will lose them if you have to wipe your device (mostly games that use consumable in-app currency, but it also depends on the app developer).

Detect

·        Has your PII been involved in a breach? Are you a victim of identity theft? You should try to find out!

o   https://haveibeenpwned.com

§  If you get a hit, stop using that password and change it everywhere you have used it!

o   Identity Theft resources:

§  https://consumer.ftc.gov/consumer-alerts/2022/02/how-tell-if-someone-using-your-identity

§  https://consumer.ftc.gov/articles/what-know-about-identity-theft#know

§  https://www.experian.com/blogs/ask-experian/how-do-you-check-for-identity-theft/

·        Get alerts about activity on your credit bureaus! Use something like LifeLock, or some credit cards such as Discover will do this for no cost. If you were a victim of a breach, like the Experian breach, they will typically offer a free year of identity monitoring services.

·        Regularly review your bank accounts etc. for suspicious activity

·        Sign up for alerts from everything you possibly can – banks, insurance, credit bureaus, ISPs, etc.

o   But always be suspicious when you receive these alerts in text or email, because this is one of the ways criminals trick you into putting your username and password into a fake site and steal them from you! I always go directly to the website or into the app to read messages, see the alerts or reset passwords (unless it’s a password reset process that I knowingly initiated of course).

Respond

·        Know the phone numbers to everything critical – banks, credit bureaus, insurance, ISPs, etc.

·        Know how to do password reset procedures for critical things like your banking app/website, email account, etc.

o   Set up a secondary recovery email account for your primary email account as well!

·        Know how to uninstall and reinstall apps on your devices

·        Know how to wipe and reset your devices if needed

Recover

·        You’ll primarily do this from backups – so make sure you’re regularly backing up everything important!

·        Know how to recover your device from a complete re-install if needed! Have all your software install or registration codes and your Windows Product Key (25 character code https://support.microsoft.com/en-us/windows/find-your-windows-product-key-aaa2bf69-7b2b-9f13-f581-a806abf0a886) saved offline (printed) somewhere if you need them.

·        Create a boot image for a USB drive or CD to get your computer back up and running quickly. For Windows, see: https://support.microsoft.com/en-us/windows/create-installation-media-for-windows-99a58364-8c02-206f-aa6f-40c3b507420d

Didn’t get too much into it, but there’s a TON of great information and guidance here:

·        https://www.cisa.gov/uscert/ncas/tips

o   https://www.cisa.gov/uscert/ncas/tips/ST15-002

·        https://www.schneier.com/

·        Good cyber news site: https://threatpost.com/
