Teach your staff to:
A) Stop and Look, Assess the Situation.
B) Then, Do Something.
Teach Your Staff: First Aid, and Teach Psychological First Aid.
Teach Respect, Tolerance, and Understanding.
In the end, it’s a sense of hope and optimism that people acknowledge, and which brings resilience.
1) YOU ARE YOUR DATA
Criminals need 2 things to perpetrate cyber crime: Your Personal Identifying Information, and access to a Point of Compromise.
Examples of Personal Identifying Information (PII):
Date of Birth
Mother's Maiden Name
Social Security Number
Examples of Points of Compromise:
Physical Items -
Dumpster diving, mail theft, check fraud, burglaries, purse/wallet snatching
Skimming, Shoulder Surfing, Gas Pumps, Point of Sale (POS) devices, Radio Frequency Identification (RFID)
Computer and Internet
Social Media, Email, Unsecure Websites, Online Shopping, Classifieds, Unsecure Wifi, Filesharing, Bot Nets, Data Breach
SMS Phishing, GeoTagging, Spyware, Malware, Bluejacking, Near Field Communication (NFC), Quick Response Codes
2) IF IT HAS A LOCK, USE IT
Secure Points of Compromise- Balance convenience versus safety/security
Use physical locks, purge, shred, secure mail
Credit versus Debit versus Cash (Pin number versus Zip Code)
Computer and Internet
Strong Passwords - A password as a lock (15 digits or more, Caps, lowercase, Number, Symbol!) StrongPassCodes@HomeBEasy693.us
Two Factor - If a dual authentication method is available USE IT
Limit access, use passcodes/application locks/pin access to applications
3) WHEN ASKED FOR, ASK WHAT FOR?
Practice responsible sharing
WHY do you need my PII?
WHAT are you going to do with it?
HOW will you protect my data?
HOW can I monitor my data?
WHAT will you do when you are done with the data?
Plan for Safety -
It costs more NOT to pay attention
Use technology to monitor and protect your data
Educate yourself on emerging technologies
Be mindful of safety versus convenience when accessing technology
Resources for Remediation:
Federal Trade Commission: File a complaint: 1-877-FTC-HELP or 1-877-382-4357 http://www.ftc.gov
Identity Theft Resource Center: 888-400-5530 http://www.idtheftcenter.org
Privacy Rights Clearinghouse: http://www.privacyrights.org
These tips provided by NOVA - National Organization for Victim Assistance 1-800-879-6682.
FREE Tools/Offerings to help alleviate potential cyber related problems.
--- - ---
FREE Anti-Malware Security and Brute-Force Firewall: https://wordpress.org/plugins/gotmls/
--- - ---
--- - ---
SUCURI Security WordPress Security plugin is also free to all WordPress users.
It is a security suite meant to complement your existing security posture with seven key security features:
1. Security Activity Audit Logging
2. File Integrity Monitoring
3. Remote Malware Scanning
4. Blacklist Monitoring
5. Effective Security Hardening
6. Post-Hack Security Actions
7. Security Notifications
--- - ---
--- - ---
For the more technical folks, here are some tools that you could be leveraged to investigate their website for unwanted/suspect code, etc.
--- - ---
This one looks pretty in depth as to investigation of code, etc. https://aw-snap.info/
Full Article/Link: https://blog.sucuri.net/2016/10/ask-sucuri-is-my-website-hacked.html
--- - ---
Some other things of value would be the following:
Free Website Malware and Security Scanner: https://sitecheck.sucuri.net/
Heimdal Security: https://heimdalsecurity.com/en/
Personal Software Inspector: http://www.flexerasoftware.com/enterprise/products/software-vulnerability-management/personal-software-inspector/
We hope that this helps to make your computing environment a safer one.
If you find a USB drive (thumb drive, memory stick, or pen drive) on the ground outside your office, or when you are out and about, please do NOT put it in your computer.
There are so many hacks that can be executed from a found drive, that can do everything from auto installing malware, to quite literally causing physical damage to the circuitry in your computer. Don't take the chance.
The Red Cross has a new app for phones and tablets that is geared to helping young children learn the drills to be safe during emergencies like Earthquakes, Fire, Flood, and Severe Storms.
Look for more information here: http://www.redcross.org/monsterguard
U.S. Department of Homeland Security / Secure Community Network
Jewish Community Outreach
Jewish Federation of Greater Seattle / SAFE Washington
DATE: March 1st 2015
LOCATION: (Will be announced with RSVP Confirmation)
This session will also be Broadcast on the SAFE Washington Network using GotoMeeting for those that cannot attend in person.
BACKGROUND: In the past year, there have been multiple attacks against the Jewish community to include the January 2015 raid on a kosher food market in Porte de Vincennes, France where 19 Jewish patrons were held hostage and four of the patrons eventually murdered; the December 2014 stabbing attack at the Chabad-Lubavitch Headquarters in Brooklyn, NY; and the fatal shootings at the Kansas Jewish Centers in April 2014.
In an effort to enhance security within the Jewish Community, the Department of Homeland Security Deputy Secretary conducted an initial call with senior Jewish community leaders on December 11, 2014, to coordinate heightened outreach. This Jewish Community Outreach will continue previous collaborative efforts.
Who should attend? Leaders of an agency, synagogue, or those responsible for the safety and welfare of their constituents & staff members.
In order to attend in person, or attend via webinar, you must RSVP to: AndrewC@SAFEWashington.com by no later than. An RSVP response will go out with special instructions for attendance and confirmation.
When you RSVP for this Community Outreach, please include your name, the agency you represent, your title, and contact information including phone number.
Note: Only those on the visitor list will be allowed to enter the building, and webinar attendance will be limited to those that RSVP (there are some limits to the number of attendees that can sign in via the web, so please RSVP for webinar early if you cannot attend in person.
Have you noticed a unique sound and vibration coming from your cell phone? You may have received a Wireless Emergency Alert (WEA) - a nationwide emergency alert system notifying you of a pending emergency in your area. These messages provide information about extreme weather warnings, local emergencies, AMBER Alerts™, and Presidential Alerts during a national emergency.
WEAs look like a text message and show the type and time of the alert, any action you should take, and the agency issuing the alert. If you receive a WEA, follow any directions advised by the message and seek additional information from local media or authorities.
WEAs are sent by authorized government agencies through your mobile carrier. Government partners include local and state public safety agencies, FEMA, the Federal Communications Commission, the Department of Homeland Security, and the National Weather Service.
Loss of power can jeopardize the safety of the food stored in your home refrigerator or freezer. In the event of a blackout, do you know how to determine if your food is safe to eat? The U.S. Department of Agriculture(USDA) offers tips to minimize the potential loss of food and lower the risk of foodborne illness.
Before a blackout:
Bacteria in food grow rapidly at temperatures between 40 and 140 degrees Fahrenheit. The USDA instructs setting your refrigerator at or below 40 degrees Fahrenheit. If the power is out for less than four hours and the refrigerator door is kept closed, your food should be safe.
Following a blackout:
Power outages can occur anywhere at any time of the year. Make sure you and your family are prepared and know what to do to avoid getting sick.
We've come to depend on our smartphones so heavily it is hard to remember what we did before we had them.
If you have a smartphone, you now carry a fully functional computer in your pocket or purse.
That's a tremendous amount of information at your fingertips. Therefore, it is paramount that you safeguard your smartphone.
Common Risks for Smartphones
Take a moment to consider each of these areas:
• Loss of device and information theft. Smartphones are small and can easily be lost or stolen.
Unauthorized users may access your accounts, address lists, photos, and more to scam, harm or
Embarrass you or your friends; they may leverage stored passwords to access your bank and credit card
Accounts, steal your money or make credit card charges; gain access to sensitive material, and more.
• Social Engineering. A common mobile threat is social engineering. Whether via text message, image, or
Application to download, an incoming communication may be an attempt to gain access to your information.
A current example consists of a text message that comes from an unknown number, telling you that if you
Click on the link provided, you'll have access to thousands of free ringtones. If this sounds too good to be
True, that's because it is. The link is in fact a malicious link. Clicking on it will compromise the security of
• TMI (Too Much Information). Guidelines for protecting privacy, safety, and reputation when sharing via
Computers also apply when sharing via smartphones. Mobile devices enable instantaneous capturing,
Posting and distribution of images, videos, and information. They may also broadcast location information.
• Public Wi-Fi. Smartphones are susceptible to malware and hacking when leveraging unsecured public
• Bluetooth and Near Field Communications (NFC). Bluetooth is a wireless network technology that uses
Short-wave radio transmissions to transmit voice and data. NFC allows for smartphones to communicate
With each other by simply touching another smartphone, or being in proximity to another smartphone with
NFC capabilities or a NFC device. Risks with using NFC and Bluetooth include eavesdropping, through
Which the cyber-criminal can intercept data transmission, such as credit card numbers. NFC also has the
Risk of transferring viruses or other malware from one NFC-enabled device to another.
Simple Steps to Protect Your Smartphone:
1. Update the operating system. Smartphones are computing devices that need to be updated. Updates
Often provide you with enhanced functionality and enriched features, as well as fixes to critical security
Vulnerabilities. Your smartphone manufacturer should notify you whenever an update is available.
2. Use of security software is a must. As the smartphone market is increasing, so too is the amount of
Malware designed to attack smartphones. The software security solutions that are available for desktops
And laptops are not as widely available for smartphones. A key protection is to use mobile security software
And keep it up-to-date. Many of these programs can also locate a missing or stolen phone, will back up
Your data, and even remotely wipe all data from the phone if it is reported stolen.
3. Password-protect your device. Enable strong password protection on your device and include a timeout
Requiring authentication after a period of inactivity. Secure the smartphone with a unique password - not the
Default one it came with. Do not share your password with others.
4. Think before you click, download, forward, or open. Before responding, registering, downloading or
Providing information, get the facts. No matter how tempting the text, image, or application is, if the
Download isn't from a legitimate app store or the site of a trusted company, don't engage with the message.
Personal information. If the app requires more access to your account and/or device than is needed to run
The service, do not continue. In addition, be aware that terms can change over time. Review your terms of
6. Be cautious with public Wi-Fi. Many smartphone users use free Wi-Fi hotspots to access data (and keep
Their phone plan costs down). There are numerous threats associated with Wi-Fi hotspots. To be safe, avoid
Logging into accounts, especially financial accounts, when using public wireless networks.
7. Disable Bluetooth and Near Field Communication (NFC) capabilities when not in use. Capabilities
Such as Bluetooth and NFC can provide ease and convenience in using your smartphone. They can also
Provide an easy way for a nearby, unauthorized user to gain access to your data. Tum these features off
When they are not required.
8. Enable encryption. Enabling encryption on your smartphone is one of the best ways to safeguard
Information stored on the device, thwarting unauthorized access.
9. Securely dispose of your device. With the constant changes and upgrades in the smartphone market,
Many are upgrading their devices on a regular basis. It is important that you wipe the information from your
Smartphone before disposal. Additionally, make sure any SD cards are removed and erased. If you are not
Redeploying the SIM card to another device, then make sure your personal information stored on the SIM
Card is erased or destroyed.