We鈥檙e living more of our lives online than ever. Due in large part to the pandemic, e-commerce was up 32.4 percent in 2020 over the previous year (United States Department of Commerce). And we鈥檙e using telehealth services at a rate that鈥檚 38 times higher than before the pandemic (McKinsey & Company).
But with the convenience of online banking, Amazon, Etsy and eBay, healthcare portals, and 24/7 connectivity come increased risks of a cyberattacker stealing your identity or hijacking your computer.
Kees Leune, PhD, is an assistant professor of mathematics and computer science who also serves as Adelphi鈥檚 information security officer. In the latter role, he leads a team of IT professionals tasked with keeping Adelphi鈥檚 computers and servers secure.
Dr. Leune explained that while data breaches at large corporations or government entities make headlines, attacks on individuals aren鈥檛 as nearly well publicized. He explained that an attacker can break into your computer and 鈥渟teal your usernames and passwords or other personal information and sell that for a profit, or unleash crypto-mining software so your computer is creating Bitcoin for someone else, and all you get is the electric bill. This happens quite regularly.鈥
And when it does, anything on your hard drive鈥攖ax returns, personal photos, the novel you鈥檙e writing鈥攃an be 鈥渆ncrypted and lost, and there鈥檚 no getting it back,鈥 he said.
Since October is National Cybersecurity Awareness Month, it鈥檚 a good time to take action to protect your identity and information. Dr. Leune offered the following tips we should all follow to keep our data safe online.
- Strong passwords are good; multifactor authentication is better.听We鈥檝e been advised in the past鈥攁nd even required鈥攖o make our passwords longer and more complex, with upper- and lowercase letters, numbers and special characters. And now we鈥檙e supposed to take the extra step of answering security questions or typing in our cellphone numbers so we can retrieve and enter a code? Do it, said Dr. Leune. 鈥淭he use of strong passwords, and the longer the better, is taking a backseat at this point. The predominant guidance now is to turn on multifactor authentication wherever you can. It鈥檚 an extra layer of security.鈥
- Get updated.听Software makers are constantly looking for security holes and bugs and releasing updates containing patches and fixes. Many programs and operating systems for computers and phones will even let you know when an update is ready for you. Download them.
- Use antivirus software.听Most antivirus manufacturers give away a free version. Dr. Leune said Adelphi鈥檚 3,200 computers run Sophos antivirus software. The company offers a free version you can use at home, he said, though he adds that Sophos isn鈥檛 the only vendor, and 鈥渢hey鈥檙e all good.鈥 Mac users: This advice goes for you too. 鈥淢ac users are targeted just as [often] as Windows users,鈥 he said. 鈥淯sing a Mac doesn鈥檛 make you secure.鈥
- Make backups.听鈥淥nce ransomware gets onto your computer, it is nearly impossible to get it off again, other than wiping the full contents of your device,鈥 said Dr. Leune. He recommends uploading important files to a cloud service provider that will have a team of professionals protecting the servers on which your data resides. Downloading files onto a USB drive or external hard drive not connected to your computer works too. Better yet, do both. 鈥淚f there鈥檚 an issue with the cloud service provider, you can go to your own copy; if there is a problem with your copy, you can go to the cloud.鈥
- Don鈥檛 take the (phish) bait.听Have you ever received an email or text, or seen a social media post, that seemed out of character? This could be an instance of phishing鈥攚hen an intruder essentially dangles bait for you to click on that leads to a malware-infected link. 鈥淧hishing is a major issue; this is why we still send all employees phishing messages once a month,鈥 Dr. Leune said. Adelphi also rolled out a phish alert button on Gmail for users to click to make it even easier to report incidents of phishing to Adelphi鈥檚 Office of Information Technology.
- Use common sense.听Getting hacked is more often due to human error than a problem with the technology. Gaining access to a password or a social security number can be as easy as asking for it. Cyberattackers will use what鈥檚 called social engineering鈥攑osing, via phone, email or in person as a network administrator or other trusted figure and persuading people to part with their passwords. So be careful.
Dr. Leune pointed out a recent initiative created to advance our understanding of the relationship of cybersecurity and psychology: Adelphi鈥檚听. Anita D鈥橝mico, PhD 鈥84, now vice president of products at Synopsys Inc., is an experimental psychologist who has studied how human behavior affects cybersecurity and software security.听听will support research by faculty and graduate and undergraduate students in areas related to cybersecurity, psychology or the intersection of the two domains.