October 29, 2020 All, Tech

Cybersecurity Awareness Month 2020

October is internationally recognized as Cybersecurity Awareness Month – and Halloween of course!

Why Should I Care?

TLDR: Use unique passwords for each of your online services!

Have you ever received:

  • an odd email, phone call, or social media friend request?
  • fraudulent charges on your credit card?
  • viruses on your computer?

All of these events are different types of cyberattacks – and the list does not stop there.

“It can’t happen to me…can it?” Yes, it can. It probably has happened to you hundreds of times already, despite being a Canadian. For myself, I had an organization leak my personal information last year. Thankfully, it was only sent to one person…

The CRA Cyber Attack

This year, the Canadian Revenue Agency experienced a cyber attack known as credential stuffing:

https://www.canada.ca/en/revenue-agency/news/2020/09/cyber-incidents.html

A Credential Stuffing attack is when an attacker uses a list of previously-gathered usernames and passwords (credentials) from other cyber attacks and use them against a website’s sign in page. This attack is usually successful as most people reuse their passwords.

If the folks who fell victim to the CRA hack used unique passwords for each of their online services, they would have been safe from the attack.

“But John, who can remember every single password?”

No one. That is why we use tricks to help us memorize passwords. Here is an example:

  • Bad password: johnboy123 (lowercase, numbers)
  • Decent password: JohnBoy123# (lowercase, uppercase, numbers, symbol)
  • Strong password: J0HnB0Y#123$ (lowercase, uppercase, numbers + letters, symbols, more numbers, lengthy)

What makes a strong password?

  1. It is complex – meaning it contains uppercase, lowercase, numbers, symbols, and has a minimum character length of 8.
  2. It is unique – it is only used for one online service and is never reused.
  3. It is yours – meaning it is something you know, that is not written down on a sticky note next to your computer

If you are lazy – use what’s called a Password Manager.

A Password Manager allows you to store all your passwords in a secure location and is locked by a “master password.” If you go this route, ensure the “master password” is complex and at least 14 characters in length.

This master password gives access to your digital life – so guard it with your life!

To End Cyber Awareness Month 2020…

Use unique passwords for each of your online services!

Next Cyber Awareness Month, I will cover another way to stay safe online.