Why does what’s happening in Ukraine matter for cybersecurity?
Everyone can be a national cybersecurity defender
I wrote about the consequences of weak cybersecurity at an organization on the overall security of our country in the first chapter of Cybersecurity for Executives in the Age of Cloud. We are there. Right now today. Your cybersecurity may affect a lot more than your company’s data. If you don’t understand how please read my book.
I was talking to someone today who said what’s happening in Ukraine doesn’t affect him. He’s not going to worry about it until Russians are knocking on the door. I frustratedly explained to him that’s not the problem. That’s not likely what will happen.
Here’s what will.
What if you try to pull your money out of the bank and you can’t? What if you try to turn on the light and it doesn’t work? What if your cell phone doesn’t work? What if you cannot connect to the Internet, or *gasp* watch Netflix? What if something happens to an oil pipeline and you can’t get gas, such as just recently happened to us here in Georgia not far from us? What if your local hospital can’t take care of patients, which also happened here in Savannah recently?
If you want to learn more about how these things already happened in other countries check out my cybersecurity book reviews. I provide a brief synopsis of each book. You’ll get a better understanding of how governments leverage cybersecurity attacks if you read or listen to those books.
These are not scare tactics. I’m not sitting here worrying about these things. Why? Because I’m doing the best I can to help ensure my systems aren’t leveraged in a cyberattack. I also try to help my clients protect their cloud environments with cloud and application penetration tests and cybersecurity assessments. I provide cybersecurity information to help people secure home networks and personal data on my blog.
I just hope every organization and person out there take cybersecurity seriously as they should and understands the bigger picture. I explain in my book how your systems can be used to attack someone else’s. You might not even notice. Protect your data and help protect everyone else’s systems with basic cybersecurity best practices.
Every single person can help defend their country. The little things add up. When you secure your systems, they help defend us all. When you find and report a cybersecurity problem, you can help a lot of other people who may be infected by the same malware.
Simple steps to improve your cybersecurity
If you’re a home user one simple thing you can do to improve your cybersecurity is to change the DNS records in all your devices. Point them to a service that automatically blocks your system from reaching known malicious domain names. Here’s how to do that:
Easy DNS Change To Prevent Attacks
22.214.171.124 and 126.96.36.199 for Safer Home and Small Business Networks
Don’t forget to change your DNS entries for all your networking equipment, IoT devices, and mobile devices. Those also can be protected by pointing to the above DNS servers or similar.
Update your router and device passwords if you have them at the default. Maybe it’s a good time to change them. While you’re in there, make sure all your systems and devices are updated and using the latest software.
Use a hardware multi-factor authentication (MFA) device when possible. Use whatever kind of MFA you can everywhere. I explained what MFA is in my book if you’re not familiar. Use a hardware device for MFA where you can. I explained what a Yubikey is in this blog post:
If you’re a bit on the technical side, learn how to set up a firewall and monitor your network. This is one of the important things you can do to improve cybersecurity on your home network.
Even if you download something you shouldn’t, if you have strong network rules and monitor your network, you may be able to notice and stop an attack. When you become familiar with what is normal and what is not you can block things that are malicious. It takes time to learn network security but it is one of the best ways to protect yourself.
Hopefully, you have already heard of phishing and know that you should not click suspicious links and attachments in email. Also, avoid installing applications on your computer or mobile devices unless you know the author is trustworthy.
Organizations seeking to improve security can keep following my blog, read my book (s < new ones on the way), or schedule a call with me or other IANS faculty members if you have cybersecurity questions. If you need a cloud security assessment or penetration test you can reach out to me on LinkedIn. I can help your company find and fix cybersecurity problems and reduce the chances you are giving attackers to break into or use your systems in a cyber attack.
Teri Radichel — Follow me @teriradichel
© 2nd Sight Lab 2021
More in this series listed in this blog post:
Secure Code By Design
Programming tactics that prevent vulnerabilities and defend applications against cyber attacks
Want to learn more about Cybersecurity and Cloud Security? Check out: Cybersecurity for Executives in the Age of Cloud on Amazon
Need Cloud Security Training? 2nd Sight Lab Cloud Security Training
Cybersecurity & Cloud Security Resources by Teri Radichel: Cybersecurity and Cloud security classes, articles, white papers, presentations, and podcasts