Our view: Defend against cyber attacks | Editorials
Cybersecurity risks recently have come home in a forceful way to Joplin.
Joplin city officials said Thursday that an investigation is underway into a “network security incident” that led to the shutdown of many city services. Most of the city government’s computerized and online operations, including its internet telephone service, was disabled in the digital intrusion early Wednesday. Telephone service was restored to city of Joplin offices and departments Friday.
This attack on our city is part of a crime wave causing mayhem worldwide. Industries and institutions are girding against the incursions. Here, the Joplin School Board in June voted unanimously to spend almost $200,000 for detection of and response to possible computer and digital threats.
Kerry Sachetta, assistant superintendent for operations for the district, cited the cyber attacks in May on Continental Pipeline and on JBS, a meat processing company. But he also cited attacks on Crowder College and Missouri Southern State University.
The Justice Department has worked to expand its ability to seize cryptocurrencies (digital money) used to pay ransom to criminal hackers and has helped to recover a significant amount of money. Intelligence agencies are investigating sources of the attacks and are weighing operations to disrupt and disable the criminal outfits involved. The administration is also pursuing ways to discourage nations that permit, encourage or launch such attacks.
Governments, corporations, organizations and individuals pay for a range of defensive measures. Some buy insurance to offset the financial risk. But online attackers often enter systems by tricking individuals connected to the system. We all must be aware of good practices to protect ourselves and the systems we log into.
Five practices are fundamental to keeping networks safe:
• Strong passwords. Pick unique passwords for each account and change them frequently — say, every three months or so. Remember, longer is stronger for a password, as is a mix of numbers, letters and even special characters. If two-factor login is available (password and a code sent by text or email), use it.
• Don’t trust unsolicited emails. Even if an email appears to be from a known account, look at the address carefully. Criminals are clever about spoofing addresses, so pay particular attention to the characters right before or after the dot (.) — on a fake account, they generally will not be the ones you expect. Don’t open email from unknown email addresses.
• Trash attachments in unexpected emails and avoid risky clicks. Instead of following a link, right-click it and read the URL address. If you need to check with an online organization to see if an email is legit, type the address into your browser.
• Update your software. Software updates are frequently intended to correct security vulnerabilities.
• Don’t supply sensitive information or share it on social media. If a request seems odd, it probably is. It’s better to check with the company, agency or person before acting on a request for information online. Don’t respond to social media “polls” asking about your first pet, what city you were born in, your mother’s maiden name or other information sometimes used for security questions.
Cybercrime is everywhere, and it hurts us all. Do your part to limit the risks.