The 17th annual Cybersecurity Awareness Month (CAM) has officially started, and over the next few weeks, we’ll be looking at some different ways to help keep everyone safer online.
CAM, formerly known as National Cyber Security Awareness Month (NCSAM) in the U.S., was launched in 2004 by the National Cyber Security Alliance and the U.S. Department of Homeland Security. The goal is to inform individuals and organizations about the risks of being online. The effort has evolved over time and continues to deliver measurable results.
Each week of October has a specific topic that falls within a theme. This year the theme for CAM is “Do Your Part. #BeCyberSmart,” and the weekly themes are:
- Week 1: If you connect it, protect it
- Week 2: Securing devices at home and at work
- Week 3: Securing internet-connected devices in healthcare
- Week 4: The future of connected devices
The key outcome for the month is for people to understand the risks of online connectivity and learn how to minimize those risks through better security practices.
If you connect it, protect it.
Devices become vulnerable to attack within minutes of connecting to the Internet. The device could be a computer or a smartphone, but it doesn’t have to be. It could be a security camera, light bulb, teddy bear, or car. The world is becoming more connected, and cybercrime is getting easier and more accessible.
This is even more true now that COVID-19 has moved employees and students to remote locations. More people and devices are connected to the internet, and many are using applications like Zoom for the first time. Some were assigned devices that were secured properly by the IT department, but some just purchased whatever they could get their hands on while supplies were available. IT teams are still playing catch-up on securing these remote devices.
It isn’t just work and school devices that are at risk of compromise. Smart home devices are becoming less expensive and easier to install. These small intelligent devices promise to increase efficiency, reduce costs, conserve energy, secure the property, and more. To do this, they connect to each other and/or the internet and monitor their environment for sound, movement, temperature, or whatever it is they are meant to do. All of this information is being captured and transmitted to the cloud for processing and storage. The default administrator credentials for these smart home/office devices can be found in online user manuals or forums where lists of default credentials are shared. At last count, roughly 15% of these devices were still using those default credentials.
Tips to help secure devices
The team behind Cybersecurity Awareness Month has published this tip sheet to help secure smart homes and offices. This isn't a big intimidating process either; you can a long way in securing your devices with some simple steps:
Configure your privacy and security settings: As soon as possible, change the default credentials and configure the settings to secure the device. Disable any unnecessary services such as Telnet when not in use.
Keep software up to date: Monitor the device for updates from the manufacturer. When an update becomes available, it should be installed immediately if possible.
Think of where you put them: Webcams, security cameras, and devices that listen for a wake-up phrase may not be suitable for sensitive areas of the business. A compromised server could hold large amounts of private audio that could be used by criminals for identity theft or spear-phishing research. A compromised webcam in the home could be used to publish private videos to the public internet.
To learn more about securing smart devices and the Internet of Things, visit the Cybersecurity and Infrastructure Security Agency (CISA) here.
Barracuda provides solutions to secure internet-connected devices and operational technology for companies of all sizes. Visit our website for more information.
Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.
Connect with Christine on LinkedIn here.