Let’s face it. 2014 was a bad year for Internet security. But 2015 doesn’t have to be the same.
Whether it be the White House, Home Depot or your home computer, more and more we’re thinking — where’d they go wrong?
Lucky for you, we have a guide on what to do if another Target security breach happens, and how to protect yourself in the future. This is Newsy’s Stop, Drop and Firewall.
Alright, so let’s say the next Heartbleed or Target hack gets announced tomorrow. What’s the first thing you do?
First, change your passwords. Immediately. As the keys to your various Internet kingdoms, these are your first and best lines of defense against hacking.
A common hack is a user database dump. That’s when a massive list of usernames and their related passwords gets posted up in the dark recesses of the Internet. Sony, Yahoo, eBay and Adobe have all been subject to this kinds of hack. The methods vary, but your response should not — change your password.
A good place to start is having, at the very minimum, eight characters in some sort of mix of lowercase letters, uppercase letters, numbers and symbols. Try to make it a phrase you can easily remember and is unique to you.
But managing complicated passwords can be difficult. Luckily, there are a few good password managers out there to help. While some of them can be pricey, 1Password, LastPass and Dashlane are all examples of great programs that can help store your passwords.
So new, impenetrable password set — what’s next? Well, now you need to figure out if you’re even affected by the hack. Don’t worry, it’s not as hard as it sounds.
If we have another Target or Home Depot situation on our hands, you’ll need to know if you’ve shopped at that place in the time frame of the hack.
For example: the Target hack took place between November and December in 2013. The Home Depot breach was longer, between April and September in 2014.
Anyone who made purchases with those stores during those times would then want to keep a close eye on their bank accounts. Luckily, banks are often proactive about this and will make some effort to contact you about a breach.
General research of any bug online can reveal any further action needed on your part and will oftentimes point you to the initial report on the bug from whoever discovered it. You know, just in case you really want to do your homework.
And try not to get too worked up over the various media reports on a bug. Things tend to get overhyped, such as when 2014’s Bash bug, also known as the Shellshock bug, was compared to the Heartbleed bug. Yeah, not accurate.
So now you’ve got a new password and done your homework. But how to prevent this in the future?
The United States Computer Emergency Readiness team has a wide range of tips for safe Internet use. Some of the big ones include watching out for “social engineering attacks” such as phishing attacks, keeping your firewall or anti-virus software up-to-date and using two-factor authentication.
Two-step verification is a great tool for keeping anything with a password extra secure. If a service you use offers it, then go for it.
And anti-virus software isn’t the only thing you should update. Browsers and operating systems both require software updates regularly to stay on top of their game in fighting against security holes. Keep them updated.
There are many more ways one can pump up their cyber security, but these are some of the basics that you really, really need to pay attention to. To learn more, the United State Computer Emergency Readiness Team has a full list of more nuanced tips a person can use to ensure they stay safe online.