TIPS: Stop.Think.Connect. July Update (DHS)

Stop.Think.Connect. Blue Header

July 2013 Update

IN THIS ISSUE

  • Don’t Let Identity Theft Extinguish the Fireworks
  • DHS Component Spotlight: ICS-CERT
  • Announcing 2013 National Cyber Security Awareness Month Themes
  • Stop.Think.Connect. at 2013 AFCEA Symposium   

Don’t Let Identity Theft Extinguish the Fireworks

Father and child watching fireworks

The Stop.Think.Connect. Campaign hopes everyone had a safe and fun Independence Day. While every July we celebrate the freedoms we have as Americans, we should also take the time to understand how to protect ourselves against threats. A growing cyber threat is the rise of identity theft. According to the Federal Trade Commission (FTC), in 2012, over 360,000 people filed formal claims to the Federal government around identity theft.

Cyber criminals use many avenues to gain access to people’s personal information. They can install malware that gives them access to your online accounts. They send phishing emails – emails that are seemingly legitimate – asking for your personal information. They can use publically available personal information to guess your passwords and access sensitive information such as your social security number or bank account or credit card numbers.

Sometimes people become victims of identity theft without even realizing it. The FTC is a member of the Stop.Think.Connect. Cyber Awareness Coalition, and leading Federal agency for protecting American consumers against fraud. The FTC identify theft web page has many resources around how to identify identity theft, and what to do if your personal information is stolen.

Protecting your personal information is the best way to avoid becoming a victim of identity theft. Follow these tips to help protect against identity theft:

  • Set strong passwords. Especially for sensitive online accounts (such as online banking), make sure your passwords are complex and unique. Do not set passwords that will be easy for cyber criminals to guess.
  • Keep a clean machine. Keep your software and operating system updated. This will help your computer better fight against malware.
  • Be cautious online. Do not click on suspicious links or download items from unknown sources. Only use secure wireless networks and websites (those that start with https://) when conducting sensitive activities online.
  • Lock your devices when you’re away. Prevent others from accessing your computer and mobile devices by locking your devices when they are not in use.
  • Use social networks carefully. Do not divulge sensitive information (such as your address or birthday) over social media. Set your social network privacy settings so only your real friends and family can see your information.
  • Check your bank and credit card statements regularly. Make sure that any charges were authorized by you.

The Stop.Think.Connect. Campaign encourages all Americans to remain vigilant about Internet use. For more information to help you become more aware of growing threats and guard against them, visitwww.dhs.gov/stopthinkconnect.


DHS Component Spotlight: ICS-CERT Provides Hands-On Cyber Incident Support

Every day people take showers, watch television, drive cars, talk on cell phones, and use computers. None of this would be possible without the utility infrastructure that supplies us the water, electricity, gasoline, and telecommunications we use in our homes and communities. Industrial control systems are what support, monitor and run the essential utilities we rely on every day. Much of the United States’ critical infrastructure, which includes energy, chemical, water, and transportation, depends heavily on industrial control systems to function properly and many of these systems are operated by commercial enterprises.  One challenge is that these privately run systems are often the focus of advanced cyber attacks.

Just as cyber criminals attempt to control home computers for malicious purposes, criminals also try to breach the networks that run industrial systems, such as a water, power, or chemical plants. By accessing these industrial control systems, cyber criminals could cause service disruptions, economic losses, destroy property, or compromise public safety.

The Department of Homeland Security’s Industrial Control Systems-Computer Emergency Response Team (ICS-CERT) helps owners and operators of critical infrastructure prepare for, respond to, and recover from cyber incidents. ICS-CERT monitors cyber threats and incidents and issues timely alerts to warn the critical infrastructure community of potential threats to their business networks and production environments. ICS-CERT provides recommend actions to protect systems from specific threats and issues advisories about security issues and known vulnerabilities.

ICS-CERT also coordinates information sharing among Federal, state, local, tribal, territorial, and private sector organizations. ICS-CERT operations support the National Cybersecurity and Communications Integration Center (NCCIC), a centralized location open 24×7 for cybersecurity partners to work together. From NCCIC’s watch floor, ICS-CERT has access to the latest information on cyber activity as well as to cybersecurity partners at all levels of government, in the intelligence community, and in the private sector.

ICS-CERT works with owners and operators to assess their systems, find vulnerabilities, and address identified vulnerabilities to prevent cyber attacks. When incidents occur, ICS-CERT offers analytical support to affected organizations. Additionally, ICS-CERT runs a malware lab to test malicious code and the potential effects malware could have on industrial control systems.

Critical infrastructure owners or operators who need on-site help can request ICS-CERT personnel to come to their site to assist with cyber incident response. Specialized personnel form “fly-away teams” that work with onsite staff to address the cyber vulnerability and work on mitigating future attacks. During 2012, the team responded to 138 cyber incidents and supported six onsite deployments upon request of the owners or operators of critical infrastructure.   

 

ICS-CERT Cyber Incident Support Team  

In February 2013, ICS-CERT won Security Magazine’s “Security Team of the Year,” beating two other finalists from private sector companies. It also publishes the ICS-CERT Monitor, a newsletter that provides information about recent attacks, upcoming ICS-CERT activities, links to recently released ICS-CERT advisories, and situational awareness articles around ICS threats.

 

For more information about ICS-CERT, visit https://ics-cert.us-cert.gov/.


2013 National Cyber Security Awareness Month Themes Announced

 

National Cyber Security Awareness Month

October is National Cyber Security Awareness Month (NCSAM). Through a series of events and initiatives across the country, NCSAM engages public and private sector partners to raise awareness and educate Americans about cybersecurity, and increase the resiliency of the Nation and its cyber infrastructure. NCSAM 2013 will focus on a different critical cybersecurity issue each week in October:

  • Week One (October 1-4): Our Shared Responsibility; Stop.Think.Connect., and Cyber Security in the Next 10 Years
  • Week Two (October 7-11): Critical Infrastructure and Cybersecurity*
  • Week Three (October 14-18): Cyber Workforce and the Next Generation of Cyber Leaders
  • Week Four (October 21-25): Cyber Crime
  • Week Five (October 28-31): Being Mobile: Online Security and Safety*

 

*NCSAM themes for Week 2 and Week 5 may be reversed, pending event confirmation.

Visit http://www.staysafeonline.org/ncsam/about for more information and updates.


Stop.Think.Connect. at 2013 AFCEA International Cyber Symposium

AFCEA Logo

On Thursday, June 27, Kristina Dorville, Director of Cyber Awareness Programs for the U.S. Department of Homeland Security (DHS) and Marcus Sachs, Board Member of the National Cyber Security Alliance (NCSA), which is a Stop.Think.Connect. coordinating partner, participated in a panel discussion during the Armed Forces Communications and Electronics Association (AFCEA) International Cyber Symposium in Baltimore, Maryland. Panelists for this session, “Cyber Awareness and Education: Focus on the National Initiatives for Cybersecurity Education” included Dorville, Sachs, Dr. Ernest McDuffie, Lead for the National Initatives for Cybersecurity Education (NIST), Peggy Maxson, Director of DHS National Cybersecurity Education Strategy, and Dr. Robert Childs, Chancellor of iCollege and Deputy President for Cyber and Information for the National Defense University.  Panelists discussed the importance of building a strong cyber workforce to counter the increasing cyber threats Americans are facing both at home and at work. Mr. Sachs encouraged companies to promote cybersecurity among all their employees, as cyber criminals go beyond targeting networks and systems to targeting people. Ms. Dorville spoke about the opportunities for organizations to get involved in cybersecurity awareness, including joining the Stop.Think.Connect. Campaign’s National Network and participating in National Cyber Security Awareness Month activities in October 2013.


Stop.Think.Connect. resources Stop.Think.Connect. feedback information

Updated: July 30, 2013 — 5:36 pm

The Author

Rich Fleetwood

Rich is the founder of SurvivalRing, now in it's 20th year, author of multimedia CDs and DVDs, loves the outdoors, his family, his geeky skill-set, and lives in rural Missouri, just a few miles from the Big Muddy. Always ready to help others, he shares what he learns on multiple blogs, social sites, and more. With a background in preparedness and survival skills, training with county, state, and national organizations, and skills in all areas of media and on air experience in live radio and television, Rich is always thinking about the "big picture", when it comes to helping individuals and families prepare for life's little surprises.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.