Defending yourself against cyberattacks starts with understanding the risks associated with cyber activity, what some of the basic cybersecurity terms mean, and what you can do to protect yourself.
What is cybersecurity?
It seems that everything relies on computers and the internet now—communication (e.g., email, smartphones), entertainment (e.g., digital cable, mp3s), transportation (e.g., car engine systems, airplane navigation), shopping (e.g., online shopping, credit cards), medicine (e.g., medical equipment, medical records), and the list goes on. How much of your daily life relies on computers? How much of your personal information is stored either on your own computer or on someone else's system?
Cybersecurity involves protecting that information by preventing, detecting, and responding to cyber attacks.
What are the risks to having poor cybersecurity?
There are many risks, some more serious than others. Among these dangers are malware erasing your entire system, an attacker breaking into your system and altering files, an attacker using your computer to attack others, or an attacker stealing your credit card information and making unauthorized purchases. Unfortunately, there's no 100 percent guarantee that even with the best precautions some of these things won't happen to you, but there are steps you can take to minimize the chances.
What can you do to improve your cybersecurity?
The first step in protecting yourself is to recognize the risks and become familiar with some of the terminology associated with them.
- Hacker, attacker, or intruder - These terms are applied to the people who seek to exploit weaknesses in software and computer systems for their own gain. Although their intentions are sometimes fairly benign and motivated solely by curiosity, their actions are typically in violation of the intended use of the systems they are exploiting. The results can range from mere mischief (creating a virus with no intentionally negative impact) to malicious activity (stealing or altering information).
- Malicious code (Malware) - Malicious code, also called malware, is a broad category that includes any code that could be used to attack your computer. Malware can have the following characteristics:
- It might require you to actually do something before it infects your computer. This action could be opening an email attachment or going to a particular webpage.
- Some forms of malware propagate without user intervention and typically start by exploiting a software vulnerability. Once the victim computer has been infected, the malware will attempt to find and infect other computers. This malware can also propagate via email, websites, or network-based software.
- Some malware claims to be one thing, while in fact doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending confidential information to a remote intruder.
Examples of malware include: viruses, worms, and ransomware.
- Vulnerabilities - Vulnerabilities can be caused by software programming errors. Attackers may try to take advantage of these errors to infect your computer, so it is important to apply updates or patches that address known vulnerabilities (see Understanding Patches for more information).
NCCIC's other cybersecurity Tips provide additional information onhow to recognize and protect yourself from cyberattacks.