Page 5 - OI2T Share Newsletter

Basic HTML Version

Did you
Your Internet browser, such as Internet Explorer,
Firefox, Chrome, or Safari, is one of the primary
tools you use to interact with the Internet. Cyber
attackers know this, which makes your browser
one of their primary targets. Also, your browser
may collect a great deal of personal informa-
tion about you that you may not be aware of. In
this article we cover the steps you can take to
protect both your computer and your privacy.
Plugins (sometimes called Add-Ons) are addi-
tional programs you can install in your browser.
The problem with these additional programs is
they can expose you and your system to greater
risk. Each program you add to your browser has
its own unique vulnerabilities or weaknesses.
The first step to protecting yourself is always
using the latest version of your browser. It does
not matter which browser you use; what is im-
portant is that you use the most recent version
of your browser. Cyber attackers are constantly
searching for, and finding, programming errors
and other flaws in browsers. These mistakes
(often called vulnerabilities) can be exploited,
giving attackers access to, and sometimes even
complete control, over your system.
Here are a few tips on how to keep safe while
internet surfing and how to fall victim to the social
networking world.
“You are what you tweet.”
- Alex Tew
The more information adversaries can obtain, the more opportunities they have to
cause damage at your expense. Practicing good operations security (OPSEC) will
minimize the risks that come from participating in SNSs, and help you to recognize
and protect your critical information.
Your critical information is any information that you or your mission manager
considers sensitive. Here are some examples:
• Names and photos of you, your family and co-workers;
• Usernames, passwords, computer and networking information;
• Job title, location, salary, grade, clearances;
• Operational, security, and logistical data;
• Mission capabilities or limitations;
• Schedules and travel itineraries;
• Social Security numbers, credit card, and banking information;
• Work or personal addresses and phone numbers; and,
Follow computer security guidelines:
Adversaries prefer to go after easy
targets. Keep your computer security up-
to-date and make yourself a hard target.
Never login from risky locations:
lic SNSs generally do NOT have secure
login available (HTTPS with the lock
icon). If you login from a hotel, cyber-
café, or airport hotspot, particularly ones
in foreign countries, your name and
password can be captured at any time.
Keep your password secure:
different, strong passwords for each
online account. Never give your
password away.
Modify your search profile:
Do a
search for yourself and if too much
data comes up, go to your settings and
restrict your search profile.
Don’t depend on the SNS for
Even SNSs that aren’t
open and public by design can become
so due to hacking, security errors, poor
data management practices, and data
brokering. In some cases, the site terms
of service explicitly claim ownership of
all your posted content.
Treat links and files carefully:
cial engineers and hackers post links
in comments and try to trick you into
downloading an “update,” “security
patch,” or “game.”
Don’t trust add-ons:
Plugins, games,
and applications are often written by
other users, not the SNSs themselves.
The authors can easily gain access to
your data once you install them.
Don’t post critical information:
you don’t want it public, don’t post it.
Search engines and functions make it
easy for adversaries to find what they’re
interested in. Once information is on the
Internet, it is there forever.
Review your friends’ profiles:
photos or information they post about
you may be a problem.