You are here

Cyber Security

 

“Theft of consumer information and valuable intellectual property is not just a threat to our economy – it is also a danger to our national security.  . . . We have a mutual and compelling interest in developing comprehensive strategies for confronting this threat and it is imperative that our strategies evolve along with those of the hackers searching for new areas of weakness.  But we can only meet that challenge if law enforcement and private companies share the effort and work in cooperation with each other.  I am committed to working with you in order to strengthen our defenses against cyber breaches, prevent damaging crimes before they occur and bring wrongdoers to justice.” 

                                                Attorney General Loretta Lynch, April 29, 2015

 

Cyber crime is one of the greatest threats facing our country, and has enormous implications for our national security, economic prosperity, and public safety. The range of threats and the challenges they present for law enforcement expand just as rapidly as technology evolves.

In Rhode Island, the United States Attorney’s Office, and federal and state law enforcement have teamed up to investigate cyber crimes, and to educate the public and businesses on ways to help avoid becoming a victim of a cybercrime and what to if they become victimized.

If you believe you, your family or your company are a victim of a cybercrime, or are interested in learning more about protecting yourself or your company from cybercrimes, please contact:

Rhode Island Fusion Center:  (401) 444-1117 

Rhode Island State Police Cyber Disruption Team:  (401) 444-1718 or (401) 444-1710.

FBI Cyber Division CYWATCH  24/7 support:  1-855-292-3937 or email CyWatch to report intrusions cywatch@ic.fbi.gov 

United States Secret Service, Providence Resident Agency 24hr: (401) 331-6456

United States Attorney’s Office (401) 709-5042

 

Online Reporting & Resources

To report internet fraud/phishing: http://www.ic3.gov/default.aspx

DHS cybersecurity resources and information:  http://www.dhs.gov/topic/cybersecurity

To access cyber threat information in the National Cyber Awareness System go to the US Computer Emergency Readiness Team (US CERT): https://www.us-cert.gov/ncas

To join FBI Infragard: https://www.infragard.org/

  • Membership includes receiving emails concerning Cyber Threat Updates

  • Quarterly meetings with a Cyber Focus

General questions relative to connecting to federal resources or joining FBI Infragard contact Brian Pires at the U.S. Attorney’s Office at (401) 709-5042.

 

Below are links that provide important information and guidance on helping to avoid becoming a victim of cyber crime and answers to some frequently asked quetions:

Cybersecurity 101: What You Can Do at Home

Expert tips on how to protect your personal information online

https://www.consumer.ftc.gov/articles/0272-how-keep-your-personal-information-secure

10 Tips to Stay Cyber Safe While Travelling

http://www.welivesecurity.com/2016/06/29/stay-cyber-safe-road-10-tips-summer-season/

Information and photos to assist users in detecting ATM skimmers, gas pump skimmers and other related fraud devices.

http://krebsonsecurity.com/all-about-skimmers/

Three Ways to Thwart Hackers' Attempts at Persuasion

http://www.americanbanker.com/bankthink/three-ways-to-thwart-hackers-attempts-at-persuasion-1081451-1.html

4 Ways to Protect Against the Very Real Threat of Ransomware

https://www.wired.com/2016/05/4-ways-protect-ransomware-youre-target/

A Proactive Approach To Incident Response: 7 Benefits

http://www.darkreading.com/operations/a-proactive-approach-to-incident-response-7-benefits-/a/d-id/1324363?

 

Cybersecurity 101:  What the Average Business User Can Do

How to Protect Yourself from Macro-based Malware

http://thehackernews.com/2016/03/macro-malware-protection.html

My anti-virus is up to date so I am protected, right?

https://nakedsecurity.sophos.com/2016/05/16/my-anti-virus-is-up-to-date-so-i-am-protected-right/

7 common cyber security myths debunked

http://www.itproportal.com/2016/05/26/7-common-cyber-security-myths-debunked/

 

5 Email Security Tips to Combat Macro-Enabled Ransomware

Cybercriminals are increasingly looking to macro variants, leaving organizations to defend against advanced tactics like macro-based malware attacks any way they can.

Email clients and web browsers top the list of applications used to trigger the ransomware payload. It’s critical that organizations get a handle on their email traffic if they are going to protect against phishing and spearphishing attacks. The big problem, however, is that the ransomware threat extends well beyond the email traffic itself to encompass any file with macros – that is, embedded scripts that contain programming code.

Here are five recommendations designed to help stop weaponized attachments and macro-enabled malware delivered via email

1. Disable Macros

2. Use only essential applications

3. Enable email attachment sandboxing

4. Neutralize active code at the gateway

5. Train and educate your workforce

For more information on the five recomendations above clink the link below:

http://www.darkreading.com/vulnerabilities---threats/5-email-security-tips-to-combat-macro-enabled-ransomware/d/d-id/1326473

 

10 Important Cyber Security Tips for Small Business Owners

 

By Ahmad Hamidi March 10, 2017 in isBuzznews

 

(Excerpts) Small businesses are generally not well secured due to being labeled as small businesses, but their security threats are not necessarily small. On any given day, they can fell to the hacking, malware, ransomware and data breaches due to their cheap and dated protection. But with the few steps, you can avoid such cyber security risks. If you think that your small business is not vulnerable to cybercrimes like big corporations, you need to think again. 43 % of cyber-attacks target the small businesses!

 

Here are simple yet efficient cyber security tips for the small business owners to minimize the risks of hacking, malware, and ransomware.

 

Use Strong Passwords:

 

You must use strong passwords composed of numerals, alphabets and characters. If your passwords are strong, it is a tough job for someone to crack it. Encourage your employees and users to create strong passwords.

 

Minimize the Number of Password Attempts:

 

A hacker will try all of the passwords randomly till they successfully open up your account. It means that your account is not safe even with a 6 digit pin creating a million unique possibilities.

 

Remember, a password cracking software can guess your codes in minutes. So, you must limit the number of attempts at all stages of your authentication process. This point is as useful as creating strong password for your system.

 

Choose Your Password Manager Software Wisely:

 

Password manager tool creates strong passwords and remembers them for you. This is why many businesses prefer using password manager software. If you are considering the same, you have to think many times because of the various concerns. For example, your all passwords are stored in its database, meaning a hacker can get all if he goes for just one.

 

Prefer On-Screen Keyboard to Feed Sensitive Information:

 

Nowadays, hackers are so sophisticated that they can record your keystrokes with the help of keylogging software, especially when you are using shared networks. What you can do to avoid your information leaking to other ends is that by using virtual or on screen keyboard, keylogging software can’t keep the track of the on screen keyboard being operating with the mouse clicks.

 

Be Careful About Backups:

 

What about your data backup? While data backups are essential to effective security, mismanagement and mishandling of backups can make them vulnerable to the theft. For example, if you choose cloud storage, your data is stored at remote location. Any negligence means that someone can gain access to your data easily. Therefore, you must encrypt and password-protect your documents before storing them on the cloud or remote server. You must go extra mile to encrypt your sensitive data. In this way, you can have a peace of mind knowing that you have an extra layer of protection for the remotely secured documents.

 

Educate Employees About Cyber Security

 

When security breaches are more common than you think, it is good to educate your employees about cyber security before you have any breach. Here are the few strategies to keep in mind to train your employees in cyber security:

•Train everyone—from top to the bottom

•Conduct seminars frequently

•Tell them how to recognize the attack

•Regularly test your employee’s IT security knowledge

•Make clear your policies about hacking, data breaching and use of devices in your organization.

•Identify the inside threat in your company

 

Avoid Storing the Customer’s CVV Number

 

Getting the customer’s card details, with customer’s consent, can help you make the future checkouts convenient. On the flip side, this practice makes your customers data exposed to the hackers.

 

Control Physical Access to Systems and Network Components:

 

Don’t permit outsider or unauthorized person to use your system. If it is required, in the case of technician from another firm, provide them the general PC or have someone to supervise them during the tasks. Lock your computer up after leaving them and insist your staff to do so. Apart from that, you have to monitor the personal devices of the employees.

 

Update Your Software Regularly:

 

Never ignore the pop up messages on your screen which remind you about upgrading your software. Allowing software updates is one of the most important things you can do with your computer security. If you don’t, your computer is vulnerable to malware and hacking. Software vendors release software updates to address the security risks in their existing products that could be exposed to the hackers anytime. They generally contain vulnerabilities fixes and product enhancement.

 

Secure Your Networks:

Make sure your Wi-Fi network is hidden and secure to avoid the unauthorized access. And here are the ways to do that:

•Hide your Service Set Identifier available in wireless access point and router.

•Encrypt your wireless access point

•Disable access from the outside network

•Scan your network regularly

 

http://www.informationsecuritybuzz.com/articles/10-important-cyber-security-tips-small-business-owners/

 

 

 

 

Updated March 10, 2017