Harrisonburg, Virginia – Computer networks are only as secure as their weakest link and often the weakest link are the people who use those networks.
“The greatest threat is human-imposed where people can fall victim to phishing scams and email spoofing to trick them into revealing sensitive information such as passwords for email accounts , social media accounts and even bank accounts, ”Ahmad said. Salman, a professor of integrated science and technology who studies cryptography for secure communications in lightweight devices and also explores security and privacy issues in IoT devices and intelligent transportation systems.
On Cyber Security Awareness Month, Salman answered a few questions for us on the subject.
Question: What is cybersecurity?
A: Cybersecurity is the protection afforded to computer systems and networks in order to maintain the confidentiality, integrity and availability (known as the CIA triangle) of their resources, including hardware, software, firmware, data / information and telecommunications.
Question: There has been a lot of news about cybercriminals using ransomware to hold corporate and government websites hostage until they receive big ransoms. Besides ransomware, what are the other cybersecurity threats?
A: Many threats can be categorized as cybersecurity threats. Some of them are more dangerous than others due to the extent of the damage they can cause to institutes, businesses or individuals. Phishing is a type of social engineering attack where the attacker sends a fraudulent message designed to trick a human victim into revealing sensitive data or deploying malware on the victim’s device / network. Identity theft is the disguise of a communication from an unknown source as from a trusted source. This allows the attacker to gain access to the victim’s internal system, causing system damage and financial loss.
Question: What good practices can individuals use to reduce the risk of falling victim to cybercriminals?
A: There are several things people can do.
- Always use a strong password that is at least 10 characters long and includes a combination of upper case, lower case, numbers and special characters.
- Never use the same password for different devices and login sites. Password vaults such as LastPass and Dashlane can be used to generate strong passwords and securely store encrypted versions of them, reducing the hassle of remembering multiple passwords.
- Always use / enable two-factor authentication on all accounts that require login. It is perhaps the most important defense mechanism that can prevent financial loss and other damage.
- Always keep your devices up to date by installing the latest operating system updates and the latest security bundles released by their device developers and manufacturers as they become available.
- Never share your password with anyone or share sensitive data with anyone unless you are absolutely sure of their identity and whether or not they need to know this information. Cybercriminals always try to add a sense of urgency when trying to lure a victim, to prevent them from applying rational thinking. It is important to take your time before reacting to suspicious messages such as those containing unusual requests for money from co-workers or supervisors.
Cyber Security Awareness Month was launched by the National Cyber Security Alliance and the US Department of Homeland Security in October 2004 to raise awareness of the importance of cybersecurity in the United States. The theme for 2021 is “Do your part”. #BeCyberSmart ‘, helping empower individuals and organizations to take ownership of their role in protecting their part of cyberspace.
Contact: Eric Gorton, firstname.lastname@example.org, 540-908-1760
More information about James Madison University, including rankings and recognitions, is available at jmu.edu/about.