This post was written by Jason Johnson, director, IS Information Security, Parkview Health.
October is designated as Cybersecurity Awareness Month, an observance to promote diligence and behavioral changes to encourage cyber safety.
From a government perspective, we have The Cybersecurity & Infrastructure Security Agency (CISA). This is a federal agency within the United States entrusted with the paramount responsibility of safeguarding the nation's critical infrastructure. CISA is also dedicated to elevating cybersecurity measures and resilience across diverse sectors. Its inception was driven by the imperative need to shield the nation's critical infrastructure from cyber threats and other security vulnerabilities.
From a personal standpoint, there are steps we can take to keep ourselves safe from cyber-attacks, but first, it’s important to know the risks online.
Cybersecurity and our mental and physical well-being
While there are many, the two types of cyber-attacks we see trending currently are:
Vishing – A voice phishing attack is the fraudulent use of phone calls and voice messages using social engineering techniques to convince individuals to reveal private information such as bank details and passwords.
Smishing – A combination of “SMS” and “phishing,” a smishing attack, is the fraudulent use of deceptive text messages to lure victims into sharing personal or financial information, clicking on malicious links, or downloading harmful software or applications.
The rise of vishing and smishing attacks can affect our mental well-being by adding stress to our lives. The constant attacks are becoming more frequent and sophisticated, making it difficult to distinguish between genuine and hack attempts.
When a hack is successful, it can affect one's physical well-being with financial impact.
Knowing the most significant cyber risks
The broad spectrum of different types of phishing attacks presents the biggest risk to our cybersecurity today. There are many types of phishing: spear phishing (an attempt to acquire sensitive information or access to a computer system by sending counterfeit messages that appear to be legitimate), smishing and vishing. It can certainly be overwhelming, particularly for those who are not very technologically savvy or aware of the potential risk.
How to protect yourself
If I could make three recommendations for people to enhance their cybersecurity, I would recommend remembering the following:
- Pay attention and trust nothing.
- If it looks too good to be true, it probably is.
- If it does not sound right, pick up the phone and call the appropriate individuals.
The CISA recommends several steps for staying safe online, including using strong passwords and updating software. You can read more on their tips for cyber safety here.