Ghosts of Software
Have you made it through your first scary week in this spooky month? Have you done your best to keep yourself safe in the cyber world? Even though it may sound daunting and seems like a never ending loop of perpetual passwords/passcode changes and reminders to turn on the two-factor authentication part, but it makes a huge difference in the context of online safety.
To follow up on last week’s entry, we are now onto the next key component and behavior that is listed in the NCA and CISA 2024 campaign: Keeping your software up-to-date.
Imagine yourself at work, sitting at your workspace, or even at home with your computer in front of you, and an alert box continuously pops up. You X out of it and ignore it because it is just a pesky reminder to update your software. You don’t think about it again until a) the message pops back up; b) hackers have found a security flaw in the old software and now, well alarm bells are happening inside you and panic sets in because other weird things are happening on your computer. I do understand that is a pretty extreme possibility, but it is there if you don’t keep your software on your computer updated regularly. Software updates are there to patch zero-day exploits (unknown vulnerabilities that developers missed which are exploited by bad actors/hackers), update older and less effective protocols to the stronger-to-crack standards, and to improve performance. Hackers are out there working on ways to make what once was impenetrable, penetrable. To infiltrate your system and cause all sorts of chaos. They look for and find the security flaws, the vulnerabilities and pounce. Spying on your computer. Possibly downloading dangerous malware, ransomware or even collecting intel on your personal information to cause a greater headache, to take control of your accounts and/or to steal your identity.
I do not mean to scare you, but it is the month of spooky. I would rather give you information to keep yourself safe. And speaking on that, while you are doing what you should and update your software, keep a level of suspicion when you do. There are ways to double check that your update is true and not tampered with. Yes, updates can be tampered with and marketed to be the newest and best update. So, please never click on a link that you are hmming and hawing over. One solid way to check without getting too technical is to go on the organizations website and verify they in fact released a new update.
Next week, I will look into why it is a never good idea to click on unfamiliar or, truly even a familiar link in an email and/or post.
Malicious intent can hide anywhere.
SEEKING
W
ONDER
BY
SAMANTHA Y OCIUS CREATIVE MEDIA
