Winter Olympics gets hacked – Here are some precautions that you can take against cyber-attacks
As the news of the Winter Olympics cyber-attack broke and the official website was taken offline, OSAC (Overseas Security Advisory Council) has put out this advice on how to take precautions against cyber-attacks that is useful for us all.
- Exercise caution and learn to identify spear phishing attempts: Malware samples are thought to have often been spread through spear phishing email messages. Certain indicators may signal a heightened likelihood that an email is a spear phishing attempt:
- Look for red flags such as misspelled words or poor grammar. Consider the relevance of the email, content, and sender. Malicious cyber actors may create fake domains designed to spoof the user into believing they are legitimate. For example, hackers may send an email from “…@stategov.com” in order to mimic the actual domain “…@state.gov.” Private-sector professionals are also advised to confirm that the subject and content of the email is pertinent to all parties involved.
- Confirm that links lead to the intended website and have not been altered. It is easy for hackers to edit the destination of a hyperlink, while leaving the language in the link unchanged. By hovering the cursor over a link, the user will be able to see the true destination, without actually accessing the link. Users should be wary of instances in which the text and the URL do not appear to have a logical relationship.
- Manually navigate to the website by inputting the desired URL into the web browser, instead of clicking on the link directly. Typing in the web address manually may prevent users from being unknowingly re-directed to an unintended website.
- Exercise caution when downloading attachments and while running executable files: Malware has been delivered through malicious decoy documents. When possible, all attachments should be scanned for malware.
Additionally, some organizations may decide to limit the privileges of non-admin users so that they cannot run executable files (e.g., those ending in .exe and .dwg). The installation of such files could potentially result in the transfer of malware onto an organization’s network. Exercise caution when prompted for password resets and software updates while overseas: Private- sector security professionals should also be wary of prompts encouraging them to reset their passwords or update their software while traveling or operating overseas. If prompted to reset one’s password, the user should verify that the URL of the re-direct page is associated with the account in question. Alternatively, and perhaps more cautiously, the user may consider accessing the password reset prompt directly through the service’s website, rather than through a link provided via email. Use two-factor authentication for all accounts where possible: Two-factor authentication acts as a second layer of security to prevent an actor from gaining access to an account in the event of a compromised password.
Private-sector security professionals are also encouraged to set up notifications for authentications and regularly check login records for suspicious login attempts. Confirm URL of websites, especially those requiring credentials: Hackers have demonstrated the ability to create convincing imitation websites in order to push malware and/or collect account information like usernames and passwords. Moreover, providing credentials to a malicious imitation website can be particularly problematic if the same username and password are also used on other sites, which may allow hackers access to more sensitive data and information.
(Sources: Yonhap, New York Times, USA Today)