One of the more terrifying things about a cyber attack is the thought that one could have already happened to your computer or phone and you don’t even know it. Being unaware of a security problem on your device means the hacker has more time and opportunities to infiltrate your data and take hold of for-your-eyes-only information such as bank account info and passwords to sites you frequent. One of the best ways you can stay on top of your device’s security is by knowing the signs of a problem.
Kathleen Hyde, the Chair of Cybersecurity Programs for Champlain College Online and an Assistant Professor instructing cybersecurity courses, outlines three ways you can identify a cyber attack — and ways you can protect yourself.
Something is off
Different types of cyber attacks will make themselves known in different ways, but generally speaking, the top sign is that something is different, Hyde says. “That something could mean getting an email about something you weren’t aware of or from someone you don’t know, noticing a new file or popup message, or suddenly seeing your device or network become sluggish and unresponsive,” Hyde says.
Hyde breaks it down more: “The most common cyber attacks that target consumers are typically found in the inbox because so much of what we do involves email,” she says. “Phishing attacks, for example, are used to harvest account credentials. In a phishing attack, the goal is to create enough intrigue, using a sense of urgency and something familiar, to get the victim to click on a link and input their username and password. What appears to be a legitimate website is actually one that is spoofed, meaning that the attacker/scammer has created a malicious website that is identical or nearly identical to a trusted site.”
You can no longer access your files
Ransomware attacks also use email, Hyde warns. “In a ransomware attack that uses email, the attacker’s goal is to get the victim to open a malicious attachment that will then install malware on the victim’s computer,” Hyde says. “Once the malware is installed, the device’s files are encrypted. In both of these attacks, the evidence that someone has become a victim is typically apparent within a short period of time. In a successful ransomware attack, for example, the affected files will become inaccessible within a matter of seconds to minutes. Any attempt to access them will result in a message that states how to pay the ransom.. Also, typically the file name, specifically its extension, will be altered.”
A successful phishing attack is often detected when the victim starts to receive notifications that there is suspicious activity on an account, Hyde continues. “This activity can include password changes, purchases, and even the addition of multi-factor authentication if it wasn’t previously enabled. Another sign is when the victim of the phishing attack attempts to sign into an account and they can’t. Suddenly the backup phone number has been changed and it is unrecognizable, for example.”
Another thing to keep in mind is that smartphones aren’t immune to attack. “Phishing attacks can also occur via text messages,” Hyde says. “When this happens — the attackers try to trick unsuspecting users into sharing their credentials or installing malware — it’s called smishing.”
Physical signs
Sometimes there are obvious physical signs that you’ve been attacked by hackers. “In an attack that puts a greater load on a computer’s processor, like a cryptojacking attack, the processor is likely to run at a higher temperature and this may cause the fan or fans in the device to run more frequently in an attempt to cool the processor,” Hyde says. “Cryptojacking attacks use malware to turn computers belonging to others into resources that can be used to mine cryptocurrency.”
How can you protect yourself from a cyber attack?
There are several ways that consumers can protect themselves from cyber attacks, Hyde points out:
** Keep software up-to-date — “Whether it’s the firmware on a device, an operating system or productivity software, or antivirus, it’s important to make sure that the latest updates and patches are installed,” Hyde says. “Doing this will help prevent an attacker from exploiting known security vulnerabilities. Keep those smartphones up-to-date too!”
** Use “strong” passwords, or better yet passphrases, and multi-factor authentication — “The longer and more complex a password, the less likely it will be susceptible to brute force attack,” Hyde says. “Passphrases – made-up sentences with at least four words – are even more difficult to crack. Multi-factor authentication is a must! When multi-factor authentication is enabled on an account, the person trying to log in must present at least two of three variables – something they know, something they have, or something you are.”
** Don’t use public Wi-Fi. — Public Wi-Fi is certainly convenient and it’s also free, but that doesn’t mean there are no costs associated with it, Hyde warns. “If your device is not up-to-date or its hardware or software has vulnerabilities that are not resolved, you could be at risk of becoming a victim of a cyber attack,” Hyde says. “Even something as simple as ordering a pizza using public Wi-Fi can be problematic. If the restaurant doesn’t have a secure website, your credit card number could be transmitted in plain text. Anyone intercepting the network traffic on the public Wi-Fi would be able to see it.”
** Use a VPN — A VPN (Virtual Private Network) uses encryption to secure your connection to the Internet, explains Hyde. “A VPN makes it more difficult for an attacker to eavesdrop and can also help protect your online privacy,” Hyde says. “Care needs to be used when selecting which VPN is right for you, however, since attackers sometimes use free VPN services to spread malware.”
Cyber attacks happen — but the more you know about the signs to look out for and how to prevent them, the better protected you’ll be.
