Cyber Security for the Holiday Season and Beyond
Yesterday I was going through my mail at home, and a nicely decorated print ad caught my eye with a title “Cyber Monday Event.” Wow, it’s only early November, but retailers are already racing to jumpstart the holiday shopping season, including online shopping promotions. Are you ready to dive in?
In my previous blogpost, I shared information about National Cyber Security Awareness Month in October and how Cisco supported this great event. I attended the October 6 “A Unified Message for Cybersecurity” forum at Intel and other related activities. With the “Stop. Think. Connect.” message in place, the support of excellent public and private partnerships, and participation from numerous organizations and individuals, I feel that the cybersecurity awareness campaign has reached critical mass this year. In the meantime, the need for cyber security is further evidenced by a number of events, such as Firesheep and new online banking security flaws disclosed within the past 30 days.
Firesheep is an incredibly easy-to-use tool to hijack network sessions, especially those destined for social networking sites. With Firesheep, when a user in a unsecure public Wi-Fi spot visits Facebook, Twitter, Flickr and other sites known to Firesheep, a hijacker can instantly log in to those web sites as that user by a click of a button. The best precaution for users at this time is to use fully encrypted sessions (such as a VPN connection) or to avoid accessing sites involving personal information from an unsecure public Wi-Fi spot.
The newly discovered security flaws in online banking involve vulnerabilities in wireless banking apps that run on iPhone and Android-based devices. Such vulnerabilities could allow a hacker to access the victim’s sensitive data including username, password, and account information. Users should make sure they are using the latest version of these apps that have fixed the vulnerabilities.
From social networking to online banking to ongoing discussions on Advanced Evasion Techniques, there are plenty of reasons to keep up cybersecurity efforts. Visit the Cisco Cyberspace Action for Education website to learn more information.
May you have a happy and cyber-safe holiday season!