{ "version" : "https://jsonfeed.org/version/1", "content" : "news", "type" : "single", "title" : "Beware the Cyber Security House of Horrors! |Digital.gov", "description": "Beware the Cyber Security House of Horrors!", "home_page_url" : "/preview/gsa/digitalgov.gov/bc-archive-content-3/","feed_url" : "/preview/gsa/digitalgov.gov/bc-archive-content-3/2014/10/30/cyber-house-of-horrors/index.json","item" : [ {"title" :"Beware the Cyber Security House of Horrors!","summary" : "Ghosts. Ghouls. Zombies. Multi-stakeholder content audits. This Halloween there is no shortage of terrors lurking to keep federal Web managers up all night, and our work is largely done in one of the scariest domains of all: cyberspace. Every moment of every day, a vast system of computers and networks are actively working to support","date" : "2014-10-30T04:29:46-04:00","date_modified" : "2025-01-27T19:42:55-05:00","authors" : {"jordan-higgins" : "Jordan Higgins"},"topics" : { "emerging-tech" : "Emerging tech", "security" : "Security", "social-media" : "Social media" },"branch" : "bc-archive-content-3", "filename" :"2014-10-30-cyber-house-of-horrors.md", "filepath" :"news/2014/10/2014-10-30-cyber-house-of-horrors.md", "filepathURL" :"https://github.com/GSA/digitalgov.gov/blob/bc-archive-content-3/content/news/2014/10/2014-10-30-cyber-house-of-horrors.md", "editpathURL" :"https://github.com/GSA/digitalgov.gov/edit/bc-archive-content-3/content/news/2014/10/2014-10-30-cyber-house-of-horrors.md","slug" : "cyber-house-of-horrors","url" : "/preview/gsa/digitalgov.gov/bc-archive-content-3/2014/10/30/cyber-house-of-horrors/","content" :"\u003cp\u003e\u003ca href=\"https://s3.amazonaws.com/digitalgov/_legacy-img/2014/10/600-x-414-Clown-Photo-Credit-Kris-Gonzalez-Terror-on-Thomas-Court-Halloween-clown-on-mobile-phone.jpg\"\u003e\u003cdiv class=\"image\"\u003e\n \u003cimg\n src=\"https://s3.amazonaws.com/digitalgov/_legacy-img/2014/10/600-x-414-Clown-Photo-Credit-Kris-Gonzalez-Terror-on-Thomas-Court-Halloween-clown-on-mobile-phone.jpg\"\n alt=\"Halloween clown mask seen on a smart phone.\"/\u003e\u003c/div\u003e\n\n\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eGhosts. Ghouls. Zombies. Multi-stakeholder content audits. This Halloween there is no shortage of terrors lurking to keep federal Web managers up all night, and our work is largely done in one of the scariest domains of all: cyberspace. Every moment of every day, a vast system of computers and networks are actively working to support virtually every aspect of modern life, and along with it creating opportunities for Internet trolls, goblins, and other nefarious villains to target and exploit all manner of personal and professional information.\u003c/p\u003e\n\u003cp\u003eOctober is also \u003ca href=\"http://www.staysafeonline.org/ncsam/landing-page/\"\u003eNational Cybersecurity Awareness Month\u003c/a\u003e, and it is a great time to look at how we can help our agencies (and each other) be safer and more secure online. You may have heard in the news about high-profile incidents like data breaches at large retailers that expose customer information, but the even scarier reality is that cyber attacks happen 24/7 all over the world and have the potential to affect a broad range of aspects of our lives, including transportation, our economy, agriculture, essentially anything that is connected to a network. In this post, we’ll take a look at how the fast pace of connected technology creates cybersecurity challenges in the devices we use at home and at work, and look at few simple guidelines that can help us stay safer online.\u003c/p\u003e\n\u003ch2 id=\"not-scared-here-are-some-things-to-consider\"\u003eNot scared? Here are some things to consider\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIt’s estimated that approximately HALF of Americans have been \u003ca href=\"http://money.cnn.com/2014/05/28/technology/security/hack-data-breach/\"\u003ehacked in the past year\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThese attacks have compromised systems across \u003ca href=\"http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/\"\u003egovernment and the private sector\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe graphic below is visualization from cybersecurity firm Norse that maintains a network of 8 million computers simulating potential attractive targets of information like commerce and corporate databases. These attacks largely come from automated bots.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://s3.amazonaws.com/digitalgov/_legacy-img/2014/10/576-x-360-NORSE-Real-time-data-visualization-of-cyber-attacks.jpg\"\u003e\u003cdiv class=\"image\"\u003e\n \u003cimg\n src=\"https://s3.amazonaws.com/digitalgov/_legacy-img/2014/10/576-x-360-NORSE-Real-time-data-visualization-of-cyber-attacks.jpg\"\n alt=\"A screen capture of NORSE real-time data visualization of cyber attacks.\"/\u003e\u003c/div\u003e\n\n\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eReal-time data visualization of cyber attacks (this is only showing 1% of what they track!) (Source: \u003ca href=\"http://map.ipviking.com/\"\u003eNORSE\u003c/a\u003e)\u003c/p\u003e\n\u003ch2 id=\"the-internet-of-things\"\u003eThe “Internet of Things”\u003c/h2\u003e\n\u003cp\u003eWhile it sounds like it could be the name of a scary movie, the “Internet of Things” refers to the growing group of devices that can send and receive data over the Web. These devices often talk to each other and include different types of sensors to make that data more useful, and in turn make our lives easier. While the most common device now is typically a smartphone, here are some other ways connected devices are becoming increasingly popular and will present new security concerns we need to keep in mind.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eWearable devices\u003c/strong\u003e (example: FitBits, Jawbone, Google Glass) can track physical activity, diet, and sleep habits that can help us live healthier lives. \u003cem\u003e(But also store and transmit a tremendous amount of personal data \u0026amp; habits.)\u003c/em\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAppliances\u003c/strong\u003e can be programmed remotely and even automated to perform actions under conditions we choose. Thermostats and lights may be set automatically, ovens may be preheated or turned off, and utility usage can be monitored. \u003cem\u003e(While connected and accessible can make many things more cost effective and useful, all track usage data that may provide unintentional indicators of potential security concerns like not being at home.)\u003c/em\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHome Security Systems\u003c/strong\u003e with network connectivity can offer tremendous peace of mind with access to features like remote monitoring of video cameras, alarm notifications, and the ability to arm or disarm the system remotely. \u003cem\u003e(But also have the potential to be compromised and exploited.)\u003c/em\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCars\u003c/strong\u003e will increasingly have the ability to interact and connect with our smartphones, providing valuable services like maps and directions as well as alerting us when service is required \u003cem\u003e(and like the devices in our homes continue to track and store valuable data on our daily activities).\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe “Internet of Things” will continue to change our lives at a rapid pace. How quickly? Here are some predictions:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e25 billion\u003c/strong\u003e devices connected to the Internet by 2015; \u003cstrong\u003e50 billion\u003c/strong\u003e by 2020! (Cisco IBSG)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e4.5 billion\u003c/strong\u003e users on mobile devices; \u003cstrong\u003e1.75 billion\u003c/strong\u003e users on smartphones!\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e750,000 spam emails\u003c/strong\u003e sent during a two week period spanning December 2013 and January 2014 by Internet-connected devices (like media players, smart televisions, and even a refrigerator) as part of a network.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eHow scary is this really? Consider the case of a Forbes journalist who was able to \u003ca href=\"http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/\"\u003eaccess a complete stranger’s entire automated home\u003c/a\u003e after a simple Google search, gaining access to remotely control many devices in the house. Like the malevolent spirits portrayed in movies like Poltergeist, an attacker could turn lights and the television on remotely, or any other device connected to the network. By simply not changing the default passwords on these new types of connected devices, the home was left vulnerable. Potentially even more terrifying is the possibility that a compromised connected home doesn’t have such obvious signs of being compromised, and instead just left silently doing the work of the very real people attacking it rather than the fictional outbursts of unhappy spirits.\u003c/p\u003e\n\u003cp\u003eThe reality is that the “Internet of Things” is already here and can easily be compromised and exploited in ways that we may not realize. Here are 3 simple steps from the \u003ca href=\"http://www.staysafeonline.org/ncsam/landing-page/\"\u003eNational Cyber Security Alliance\u003c/a\u003e about what you can do to stay safe as you connect more devices at home and at work.\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eKeep a clean machine\u003c/strong\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre\u003e\u003ccode\u003eJust like your laptop, smartphone, or desktop computer, any device that connects to the Internet has the potential to be compromised by things like viruses and malware. Watch for updates to your devices, and watch out for any unusual change in the way a device functions.\n\u003c/code\u003e\u003c/pre\u003e\n\u003col start=\"2\"\u003e\n\u003cli\u003e\u003cstrong\u003eThink Twice about Your Device\u003c/strong\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre\u003e\u003ccode\u003eJust got a new fitness monitoring or other connected device? Read the details on how it connects to the Internet, and what information it tracks and where it is stored. There will often be a website or other online service where your data may be accessible, and you’ll want to make sure it’s secure.\n\u003c/code\u003e\u003c/pre\u003e\n\u003col start=\"3\"\u003e\n\u003cli\u003e\u003cstrong\u003eYou are Only as Strong as the Network to Which You Connect\u003c/strong\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre\u003e\u003ccode\u003eAll of these devices will generally connect through your networks at home and at work. Follow your provider’s instructions to make sure your networks are properly secured, your passwords are strong, and your software is up to date. If an attacker is able to get in through wireless network, there’s a very good chance they’ll have access to every connected device as well.\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eWith a little knowledge and some active vigilance, the benefit of the Internet of Things can be enjoyed without compromising our safety online. Knowing, as the old saying goes, is half the battle.\u003c/p\u003e\n\u003cp\u003eFor more information about cybersecurity, check out the \u003ca href=\"http://www.staysafeonline.org/stop-think-connect/\"\u003eSTOP.THINK.CONNECT. website.\u003c/a\u003e\u003cem\u003e\u003cstrong\u003eJordan Higgins\u003c/strong\u003e is a Web and social media manager in the Office of Corporate Communications at the Defense Intelligence Agency, and an active leader in the \u003ca href=\"/preview/gsa/digitalgov.gov/bc-archive-content-3/communities/social-media/\" title=\"Social Media\"\u003eFederal SocialGov Community\u003c/a\u003e. The views expressed in this article are the author’s personal ones.\u003c/em\u003e\u003c/p\u003e\n"} ] }