If you’re a Department of Defense employee touching a DoD network, at some point you have had to take the DoD Cyber Awareness Challenge.
We all know not to chase that guy who stole our cell phone, and we never listen to Tina’s music she wants us to plug into our computers. While this training is a necessary reminder of workplace cyber security, we rarely follow the same guidelines of safety and security when we get home. Luckily, there are a few simple techniques you can do at home to keep yourself just a little bit safer in the Wild West of the Internet.
While you may not feel like you’re important enough for a hacker to take interest in you, rest assured, if you have weak cyber security at home you are indeed a target. You won’t find yourselves in the crosshairs of a hacker due to who you are, necessarily, but instead it’s simply because hackers don’t want to work hard if they don’t have to.
Exploiting the easy targets is the first thing a hacker will attempt, and through automated tools that scour the Internet for weaknesses, they don’t even have to break a sweat. By implementing good password security, email hygiene, and potentially using a VPN, you can harden your home Internet use and make yourself just a little bit more difficult to target.
GOOD PASSWORD SECURITY
Security experts are now recommending switching from a password to a passphrase. The inherent flaw in using a password is that the more complicated you make the word, the harder it is to remember and the more you’re likely to write it down or save it in an easily accessible location. Leaving default passwords on new devices, or simply using the same password repeatedly, is a quick way to find your information stolen or used for malicious purposes.
Unlike a password, which is usually a heavily altered single word, a passphrase is a simple short sentence that is easy to remember. The complexity you can achieve from a passphrase makes the difficultly of cracking your password almost insurmountable. For instance, a hacker could break the password "P0t@t0!" in approximately seven minutes. On the other hand, a passphrase like “This is my email!” would take 610 trillion years to crack with today’s technology, and “Th1s Is my em@il!” would take four quadrillion years.
The emails you receive at work have already gone through the DoD’s filtering system, and even then, some phishing may still get through. Typically, your personal email is used and abused far more than your work email. You provide your personal email constantly to sign up for new services, enter into contests, get receipts from purchases, or simply as a form of communication.
With that level of exposure, it is inevitable that your email will cross the path of a bad actor who wishes to use it for potentially malicious purposes. Additionally, it becomes harder to know what is real and what is fake when your inbox is getting 300 emails a day.
Therefore, the same principles apply at home that you should be using at work—don’t click on any attachments from suspicious or unknown sources; be wary of egregiously misspelled emails; avoid any urgent notifications that you must respond to or risk losing something; and anyone attempting to give you money for free.
If you’re a savvy user, and you wish to activate something for a one time use, consider setting up a temporary email using services like Guerrilla Mail or Mailinator which set up a temporary email that disappears after 60 minutes but will allow you to activate whatever services you are interested in. (Please note, this is not an endorsement of either of those particular companies and there are many other “disposable email” providers reachable through a simple search.)
VIRTUAL PRIVATE NETWORK
If you’ve traveled recently, listened to the radio, or even caught the television at the right time, you’ve likely heard someone advertising a VPN service. Many military members overseas are known to use VPNs to access their Netflix or other US-based services that would otherwise be blocked by the IP geolocation they’re accessing from.
However, VPNs still provide great security measures for those who live stateside as well. A VPN is used to create a private encrypted tunnel between you and a server that then accesses the Internet on your behalf. When accessing public Wi-Fi hotspots, a VPN encrypts your traffic so anyone that may be snooping cannot freely access it. This is especially important in protecting those passphrases you created, because a passphrase is only secret if no one knows it.
Additionally, if you’ve ever thought it was creepy how a Google search can cause Facebook to advertise what you just searched for, VPNs can help! VPNs can protect your data from aggregation by those who would wish to sell your browsing history and personal information to advertising websites. Nearly 25 percent of the world’s Internet traffic routes through a VPN, and that will only expand as people wish to have their private information remain private.
In conclusion, the VPN, email hygiene and good password security are some simple techniques you can employ right away to protect your household from cyber threats. Unfortunately, none of these techniques is quite the panacea we’d like, but they will make you less of a soft target for malicious actors to easily manipulate. Good luck out there, and as always, stay cyber aware.