Cybersecurity
Cybersecurity involves preventing, detecting, and responding to cyberattacks that can have wide ranging effects on an individual, organizations, the community, and nation. Cyber threats can be hard to identify and understand. Intruders can break into systems and alter files, use your computer or device to attack others, or steal confidential information.
Cyberattacks can:
- Use computers, mobile phones, gaming systems and other devices
- Include identity theft
- Block your access or delete your personal documents and pictures
- Target children
- Cause problems with business services, transportation and power
Protect Yourself Against a Cyberattack
- Keep your software and operating systems up-to-date
- Use strong passwords and two methods of verification
- Watch for suspicious activity. When in doubt, don’t click. Do not provide personal information.
- Use secure internet communications.
- Create backup files.
- Protect your home and/or business WiFi network.
The extent, nature and timing of cyber incidents are impossible to predict. There may or may not be any warning. Some cyber incidents take a long time (weeks, months or years) to be discovered and identified. Increase chances of avoiding cyber risks by setting up the proper controls.
- Only connect to the Internet over secure, password- protected networks.
- Do not click on links or pop-ups, open attachments, or respond to emails from strangers.
- Always enter a URL by hand instead of following links if you are unsure of the sender.
- Do not respond to online requests for Personally Identifiable Information (PII); most organizations – banks, universities, companies, etc.—do not ask for your personal information over the Internet.
- Limit who you are sharing information with by reviewing the privacy settings on your social media accounts.
- Trust your gut; if you think an offer is too good to be true, it probably is.
- Password protect all devices and user accounts that connect to the Internet.
- Do not use the same password twice; choose a password that means something to you and you only; change your passwords on a regular basis.
- If you see something suspicious, report it to the proper authorities.
Immediate Actions
- Check to make sure the software on all of your systems is up-to-date. If you have anti-virus software installed on your computer, update the virus definitions (if possible), and perform a manual scan of your entire system. Install all of the appropriate patches to fix known vulnerabilities.
- If you find a problem, disconnect your device from the Internet and perform a full system restore.
- By removing the Internet connection, you prevent an attacker or virus from being able to access your computer and perform tasks such as locating personal data, manipulating or deleting files, or using your device to attack others.
At Work
- If you have access to an IT department, contact them immediately. The sooner they can investigate and clean your computer, the less damage to your computer and other computers on the network.
- If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.
Personally Identifiable Information (PII)
PII is information that can be used to uniquely identify, contact, or locate a single person. PII includes but is not limited to:
- Full Name
- Social security number
- Address
- Date of birth
- Place of birth
- Driver’s License Number
- Vehicle registration plate number
- Credit card numbers
- Physical appearance
- Gender or race
If you believe your PII is compromised:
- Immediately change all passwords; financial passwords first. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.
- If you believe the compromise was caused by malicious code, disconnect your computer from the Internet.
- Restart your computer in safe mode and perform a full system restore.
- Contact companies, including banks, where you have accounts as well as credit reporting companies.
- Close any accounts that may have been compromised. Watch for any unexplainable or unauthorized charges to your accounts.
- File a report with local law enforcement so there is an official record of the incident.
- Report online crime or fraud to the FBI Internet Crime Complaint Center.
- Report identity theft to the Federal Trade Commission.
- If your PII was compromised, consider other information that may be at risk. Depending what information was stolen, you may need to contact other agencies; for example, if someone has gained access to your Social Security number, contact the Social Security Administration. You should also contact the Department of Motor Vehicles if your driver's license or car registration has been stolen.
- Sign up for cybersecurity alerts, tips and updates from United States Computer Emergency Readiness Team
- Sign up to receive the monthly Stop. Think. Connect newsletter from the Department of Homeland Security.
- Cyber and Infrastructure Security Agency
- DHS Stop.Think.Connect.™ Campaign
- Federal Bureau of Investigation
- Internet Crime Complaint Center
- Federal Trade Commission
- National Cyber Security Alliance
- National Center for Missing & Exploited Children’s CyberTipline
- Internet Crimes Against Children Taskforce
- NetSmartz
- Ready.gov