readydc

Ready DC
Ready DC

Cyber Attack​

A cyber attack is someone trying to gain illegal access to a computer system, network, or data. Attackers often want to disrupt, damage, or steal data. Our reliance on technology exposes us to cyber threats that can impact our jobs, finances, health, and safety.  Cyber threats are often hard to understand as these threats are not like physical threats needing immediate action. Cyber dangers may include viruses wiping out entire computer systems, people breaking into software systems and changing files, people using your computer or device to attack others or people stealing confidential information. 

Cyber Attacks Can:

  • Use computers, mobile phones, gaming systems, and other devices; 
  • Include identity theft; 
  • Block your access to or delete your personal documents and pictures;  
  • Target children; and 
  • Cause problems with business services, transportation, and power. 

Examples of possible attacks:

  • Data breach – the theft or unauthorized disclosure of sensitive, confidential, or proprietary information. 
  • Denial-of-Service (DoS) – the disruption of a computer system, network, or online service. DoS attacks may be on purpose or a byproduct of another type of cyber attack. 
  • Network intrusion – the illegal entry into a computer network to snoop, steal information, or insert malware. 
  • Phishing – sending emails or text messages to collect private information. Attackers may also trick victims into downloading malware. 
  • Ransomware – malware that causes the encryption or permanent destruction of digital data. The attacks are often financially motivated as they ask for the victim to pay a “ransom” before restoring access to victims’ files or systems. In some cases, though, the only motive is the destruction of data and computer systems. 
  • Vishing – Fake phone calls to steal money or trick victims into sharing private information. 

For more information on cybersecurity and threats, please visit:

 

How to Protect Yourself From an Attack

Below are steps you can take to protect your home, family, and pets before a cyber event:

At Home:

  • Stay Informed through local radio, television or official social media accounts. Download the free HSEMA app or AlertDC to receive updates wherever you are.
  • Avoid connecting personal or work devices to open and unsecured public WiFi. Public WiFi allows attackers to intercept unencrypted information sent over the network. If you must connect to public WiFi, use a virtual private network (VPN) to protect activity. 
  • Do not open attachments or links in emails you were not expecting. If the sender is someone you know, verify the email’s legitimacy through another means, such as a phone call. Remember, attackers can fake email accounts, so not all emails are legitimate.
  • Always enter a URL by hand instead of following links, particularly if you do not know the sender. If you receive a link that appears to be from a well-known company or financial institution, search for their official website online before following an imbedded link.
  • Do not reply to online requests for Personally Identifiable Information (PII), such as your address, social security number or telephone number. Most businesses/groups do not ask for your personal information over the Internet. 
  • Limit who you are sharing information with by checking the privacy settings on your social media accounts.
  • Trust your gut. If you think an offer is too good to be true, it probably is, steer clear.
  • Have an amount of cash on hand in case your ATM or credit card access is compromised.
  • Protect your personal devices by putting a password on each device that connects to the internet and user accounts.
  • Do not use the same password twice, select a password that means something only to you, and change your passwords regularly. Passwords should have uppercase and lowercase letters, numbers, and special characters. Passwords should be at least eight (8) characters long. Consider using a password manager to help create and store your account passwords. 

At Work:

  • If you receive a suspicious message on your work email system, immediately notify your IT department.
  • Call your IT department to verbally confirm any emails about updates or changes to your system. Remember, IT personnel generally will not ask you for your password or other PII information.
  • Avoid connecting work devices to open and unsecured public WiFi. Public WiFi allows attackers to intercept unencrypted information sent over the network. If you must connect to public WiFi, use a virtual private network (VPN) to protect activity. 
  • Always ask your IT department if an unfamiliar program or update appears on your work computer.
  • If you have sensitive information regarding the cyber attack, share it with the appropriate people within your company or organization, including network administrators.
  • Sign up for the United States Computer Emergency Readiness Team (US-CERT) mailing list to get the latest cyber-security news by email. These alerts are written for home and business users and provide timely information about current security issues and weaknesses.
  • Download mobile apps only from reputable, authorized app stores. Avoid downloading “free” apps as they can steal data, charge fees, or deliver adware to your device. Only install apps on work devices that your workplace IT department approves. 

 

What to Do If You Are a Victim of an Attack

If you are the victim of an attack, consider the following recommendations. These actions will help limit the amount of damage done to you, your accounts, and your workplace: 

  • Stay Informed through local radio, television or official social media accounts. Download the free HSEMA app or AlertDC to receive updates wherever you are.
  • Immediately change your username and password if someone steals them in a data breach. Enable two-factor authentication whenever available. If someone steals your work password, alert your organization’s IT department immediately. 
  • If someone steals your personal or financial information, alert your bank immediately. Always monitor your bank and credit card account for unauthorized charges. If available, enroll in a respected credit monitoring service. Consider using a fraud alert or security freeze with EquifaxExperian, and TransUnion
  • If malware infects your personal computer, run a scan using antivirus software or take your computer to a trusted expert. 
  • If you see a suspicious message or activity on your work devices notify your organization’s, IT department. Report instances of cyber crime and identity theft to the Metropolitan Police Department, the FBI Internet Crime Complaint Center, and the Federal Trade Commission.

 

After a Cyber Attack

Use the following tips for your home, family, and pets after a cyber attack:

Additional Resources: