Practicing Good Cyber Hygiene to Avoid Holiday Cyber Attacks

By Dr. Bob Duhainy, Walden University Doctor of Information Technology core faculty member

While millions of holiday shoppers will be spending money on the best gifts for their loved ones, cybercriminals will be highly active: the huge increase in online financial transactions raises their chances of stealing confidential information.

Security experts at Carbon Black caution that individuals can expect to see more attempted cyberattacks starting with Black Friday and continuing through the holiday shopping season. Experian also reported that 43% of consumers who had their identity stolen say it happened while shopping online during the holidays. To stay safe online during the holiday shopping season, take the following cybersecurity steps:

Understand your threats. It is important to realize the various vectors malicious actors are utilizing so you can properly defend yourself. Threat intelligence is an important service that information security professionals and everyday users should leverage for better protection. Before stepping out the door, examine current activity and take precautions to protect yourself. For example, the Cybersecurity and Infrastructure Security Agency (CISA), an entity within the Department of Homeland Security, provides free and up-to-date current activity and alerts, as well as a weekly vulnerability summary. CISA will also provide updates to state-run activities, which security professionals can digest and make useful to their organization, friends, and family.

One currently active alert from April 2018, coded under GRIZZLY STEPPE for malicious Russian cyber activity, describes a vulnerability in network devices that have Simple Network Management Protocol (SNMP) enabled. Russian actors can extract device configurations, collect login credentials and impersonate privileged users, among other actions. By understanding threats to this level of detail, the appropriate mitigations can be implemented. Make threat intelligence actionable intelligence.

Zombie devices to botnets. While your local coffee shop may seem like a great place to get some online shopping done, remember that free, public wireless networks make it easier for hackers to obtain your information. Make sure you use WPA2 for authentication and 802.1X for remote access using an IPsec/VPN tunnel before entering your personal information for an online order. Be aware of which VPN you use, because not all VPNs are 100% secure. As of October 2019, an advanced persistent threat (APT) was discovered exploiting vulnerabilities in Palo Alto, Fortinet and Pulse Secure products, which allow actors to collect credentials. These stolen credentials can later be used to access a root shell for increased privileged activity.

Metadata spoofing attacks. Cybercriminals exploit vulnerabilities in web-based applications, especially when those applications are outdated. Keep up with the latest security updates on your computers, browsers and mobile devices. Setting your antivirus software to auto-update will also help safeguard your computer from the latest viruses.

In addition, ensure that you remain abreast of threat intelligence and immediately apply required patches to your systems. Many examples have been encountered in which patches were available but had not been installed as directed, resulting in an information assurance event or compromise. Think back to the Marriott, Target, and Office of Personnel Management hacks – each could have been prevented by appropriate patching.

Authentication attacks. Once malware has been unleashed onto an electronic device, cybercriminals use brute force attacks to break passwords that are saved in the form of encrypted text. Never save your personal information – including your name, passwords, address and credit card information – using the "remember me" feature on shopping websites. Logging out of your account after each purchase ensures that your personal information won’t be compromised if your online retailers have a data breach. People often make the mistake of using the same password for multiple applications, even just adding a number or symbol to the original password after it expires. With an inverse correlation between security and convenience, users must carefully assess their circumstances. A trusted password manager can assist in producing strong and random passwords.

Masquerading emails. During this time of the year, email marketing campaigns are prevalent, and phishing is an area of major concern. The Anti-Phishing Working Group (APWG) reported that phishing attacks have increased to their highest levels since 2016. Simple Mail Transfer Protocol (SMTP) does not possess the necessary mechanisms to verify legitimate email addresses. Users cannot rely on Domain-based Message Authentication, Reporting and Conformance (DMARC) to protect them from spoofed emails. As you’re sifting through your inbox for the best holiday sales, verify the sender’s credentials before clicking any links. Even email attachments and links forwarded from trusted entities may have malicious code. Get in the habit of manually typing website addresses into your internet browser to avoid any unforeseen cyberattacks.
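To make "verify the sender's credentials" concrete, the following added example (not part of the original article) reads the headers of two constructed messages and lists reasons to distrust the visible From address. The sample messages, the reserved example.* domains and the function names are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not real mail); example.* domains are reserved.
SPOOFED = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=shop.example.com
From: "Shop Holiday Deals" <deals@shop.example.com>
Reply-To: claims@mailer.example.net
Subject: 70% off today only

Click here.
"""

LEGIT = """\
Return-Path: <news@shop.example.com>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=shop.example.com;
 dkim=pass header.d=shop.example.com; dmarc=pass header.from=shop.example.com
From: "Shop Holiday Deals" <deals@shop.example.com>
Subject: Your order has shipped

Thanks.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def sender_warnings(raw_message):
    """List reasons to distrust the visible From address of one message."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg["From"])
    # Verdicts recorded by the receiving mail server (spf=, dkim=, dmarc=).
    results = " ".join(msg.get_all("Authentication-Results", []))
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results))
    warnings = [f"{c}={verdicts.get(c, 'missing')}"
                for c in ("spf", "dkim", "dmarc") if verdicts.get(c) != "pass"]
    # SPF can pass for the envelope sender while the visible From is another domain.
    for header in ("Return-Path", "Reply-To"):
        dom = domain_of(msg[header])
        if dom and dom != from_dom:
            warnings.append(f"{header} domain {dom} differs from From domain {from_dom}")
    return warnings
```

An empty list only means the headers are consistent. The Authentication-Results header is meaningful only when your own mail provider added it, and a message that passes every check can still carry a malicious link.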

In addition to phishing, malicious actors are also exploiting vishing and smishing approaches. Always be suspicious of unsolicited information requests and make sure you know where your information is going.

Use multi-factor authentication. Whenever possible, use multi-factor authentication (MFA) to secure your devices and data. Use two of the three possible authentication methods: something you know, something you have and something you are. Going one step further, adaptive MFA applications can compare locational data, travel patterns, device context, and network context. By combining these results with a developed baseline, adaptive MFA can further secure your systems. Make use of MFA to make it more difficult for attackers to compromise your data and systems.
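The baseline comparison that adaptive MFA performs can be sketched as follows. This is an added example, not part of the original article and not any vendor's algorithm; the class names, weights, thresholds and sample baseline are all assumptions chosen for illustration.

```python
import math
from dataclasses import dataclass, field

@dataclass
class Baseline:
    """What has been observed for one user so far."""
    devices: set = field(default_factory=set)
    networks: set = field(default_factory=set)
    last_lat: float = 0.0
    last_lon: float = 0.0
    last_time: float = 0.0  # seconds since epoch

@dataclass
class Login:
    device: str
    network: str
    lat: float
    lon: float
    time: float

# Constructed sample baseline: one laptop, one home network, last seen in Boston.
HOME = Baseline({"laptop-1"}, {"home"}, 42.36, -71.06, 0.0)

def km_between(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def assess(base, login, max_kmh=900.0):
    """Return (decision, reasons); weights and thresholds are illustrative."""
    findings = []  # (weight, reason) pairs
    if login.device not in base.devices:
        findings.append((2, "unrecognised device"))
    if login.network not in base.networks:
        findings.append((1, "unrecognised network"))
    # Travel pattern: distance since the last login versus the time elapsed.
    hours = max((login.time - base.last_time) / 3600.0, 1e-6)
    dist = km_between(base.last_lat, base.last_lon, login.lat, login.lon)
    if dist > 50 and dist / hours > max_kmh:
        findings.append((3, "travel speed not physically plausible"))
    score = sum(weight for weight, _ in findings)
    decision = "allow" if score == 0 else "step-up" if score < 4 else "deny"
    return decision, [reason for _, reason in findings]
```

A "step-up" decision is where the second factor is requested; a login that matches the baseline proceeds without extra friction.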

In addition to these tips, be discreet about any upcoming holiday travel plans. Do not share your location or go live on social media while you’re on vacation. Using the check-in feature makes you more vulnerable to digital and physical consequences as this lets hackers know where you are and where you aren’t. Hold off on sharing your vacation details online until after your trip is over.

Good cyber hygiene, the practice of proactive cyber safety habits, is the best way to protect your information from online criminals. Adopting these cyber safety tips during and beyond the holiday season will greatly reduce your probability of becoming a victim of cybercrime.

About the Author

Dr. Bob Duhainy, a core faculty member with Walden University’s Doctor of Information Technology program, has nearly 30 years of experience in technology and computer security. He teaches a variety of courses in data communications and computer security online. He is involved in various security-related research projects, including advanced authentication techniques interoperability, nefarious code detection, and system vulnerability assessments. Dr. Duhainy received training from the National Security Agency (NSA), Federal Bureau of Investigation (FBI), United States Secret Service (USSS), Central Intelligence Agency (CIA), Director of National Intelligence (DNI) and Department of Homeland Security (DHS) on various topics. He is also an active member of IEEE, ACM, AFCEA, Cisco Networking Academy, ISC2 and the FBI-InfraGard.