This past week, the U.S. Government issued a warning about possible cyberattacks from Russia as tensions between that country and Ukraine continue to escalate. Russia is notorious for performing cyber attacks throughout the world. In fact, Russia has some of the best-known hackers in the world! Notice I said, “known”. A good hacker everyone knows about, a GREAT hacker no one knows about. With my experience with Homeland Security, let me just say, we have some GREAT unknown hackers on our team. It’s a new-age military tactic, which can be very effective. We want to briefly walk you through what a cyberattack is and if you should worry about a cyberattack happening, and what you can do to protect yourself from a cyberattack.
What Is A Cyberattack?
Cyber attacks work by exploiting vulnerabilities in computer networks or individual computer systems. Hackers can use various methods to gain access to these systems, including viruses, worms, and Trojans. Once they have access, they can steal sensitive data or damage the system’s software or hardware. You can see why a successful cyberattack can prove useful in a military situation. Cyber attacks are a growing threat to businesses and individuals alike. Even governments are at major risk.
Yes, you should worry about a cyber attack! Cyber attacks are becoming increasingly common and can cause a lot of damage. They can destroy data, disrupt business operations, access personal data, access financial records, and even put people’s safety at risk. Businesses need to be especially careful, as they are a prime target for cyber attacks. But individuals are also at risk as well and should take steps to protect themselves online.
The U.S. most likely will not be the target of a cyber attack from Russia, but it could set off a chain of events that could potentially increase the risk of a cyberattack on your data. Let us paint a couple of scenarios in which this could likely happen. First, cyberattacks aren’t always performed in a controlled fashion. They can grow out of control and affect other areas. Suppose Russia launches one on Ukraine. There is no guarantee those attacks will stay In Ukraine. Bordering networks could potentially be at risk. If you live in the U.S., this scenario is most likely not going to happen. But…we’re seeing the U.S. get involved with sanctions that will put economic pressure on Russia, so it would not be a surprise to anyone if Russia retaliated in a non-violent manner in the form of a cyberattack.
There are outside forces at work in the cyber world as well that governments have almost NO control over. For example, the hacking collective Anonymous just this week announced a “cyberwar” against Russia and Putin. There have been reports that they have been slightly successful as some of the propaganda arms of the Russian media have experienced outages and been taken down. Anonymous is no joke. But here’s the thing, Russian counterparts can do the same thing. In fact, in a digital retaliation move, a Russian ransomware group threatened any country and group that targets Moscow. This ransomware gang is responsible for some hall-of-fame-level cyberattacks too. They nearly crippled the Ireland health system in May 2021. This dangerous group of cyber thugs is very capable of launching a cyberattack on the U.S., especially considering that President Joe Biden has already been presented with a plan on how to carry out a massive cyberattack against Russia.
Furthermore, who knows the level of crazy we could see coming out of a desperate Russia. Most likely those attacks are going to be in areas that would affect the U.S. economy: large companies, government departments and agencies, and financial institutions. Even though most cyber security experts are saying we have a low risk of an attack, I can’t think of a better time than now to take immediate action to protect yourself from a cyberattack. These are all reasons why you need to take special precautions now.
How Do I Protect Myself From A Cyberattack?
Okay…so hopefully you are not freaked out about what’s going on in the world from what we mentioned above. It’s okay to be concerned and cautious. We don’t mean to scare or entice fear either, but we are passionate about you being protected from a cyber attack. There are a lot of people with emergency food storage, bug-out bags, and all of that stuff. Quite frankly…protecting yourself from a cyberattack is more practical because you are more likely to experience digital attacks than having complete infrastructures in the country shut down. That’s a fact.
So…what are you supposed to do? Here are several things you need to do right now to protect yourself from a cyberattack:
The best way to protect yourself against cyberattacks is to keep your computer systems up-to-date with the latest security patches.
Be uber careful about opening emails or attachments from unknown sources. As of now, if I’m not expecting an email from a sender, I’m going to be very cautious about opening it. In fact, if I don’t know you…I’m not opening that email.
Same thing with phone calls and text messages from unknown numbers. If you’re not on my contact list, it’s going to be hard to contact me for the next little bit.
You should also change your passwords and use very strong passwords. Avoid the “Password1234” laziness type ones as well.
Use anti-virus software to help protect your networks and devices.
Update your browsers. If you have a browser installed on your device and you don’t ever use it, uninstall it.
Get a VPN as they are known to protect you from most cyberattacks, especially ones targeting your IP address. I’d go with Firewalla’s Purple as it’s easy to set up, easy to use, and effective.
Be super careful about what links and websites you click on and what files, extensions, and applications you download.
Update your router’s firmware. If you have a TV, update your TV’s software.
Your phone is also a major weak spot. Where applicable with apps (banking and shopping especially), give your security a boost and enable two-factor authentication.
Take Action Now To Protect Yourself And Your Data From A Cyberattack!
Are you taking the necessary steps to protect yourself from a cyberattack? A cyberattack can happen to anyone and it’s important to be prepared. A cyberattack can be devastating. Can really mess up your life. Your personal information, your company’s data, your financial security, and even the nation’s infrastructure can be compromised in a cyberattack. If you take the necessary precautions now, you can help protect yourself from a potentially devastating attack. Remember, cybercriminals are opportunists and flippin’ smart. They will go after the easiest targets possible. The best way to protect yourself is to have good cybersecurity hygiene. Follow what we’ve outlined above. This includes using strong passwords, updating software regularly, and being aware of phishing schemes. You should also back up your data frequently so you will have copies if your computer is ever hacked. Cybersecurity is everyone’s responsibility and we all need to do our part to stay safe. Have a plan of attack to protect yourself from an attack.
Just last week, Google announced a surprising and draconian measure for all Legacy free G Suite users: start paying for their Google accounts or you’re going to lose your data (files, images, folders, purchases…yeah…all of it). Panic set in for those who were under this umbrella (mostly those who initially created these types of accounts from 2006 to 2012 and wanted to use a custom domain for their email rather than the free @gmail.com were going to be affected) and deservedly so. Luckily since that announcement about these kinds of accounts, Google has backtracked a little bit and is going to give these accounts the option to migrate data to a free account.
But according to their support page: “The G Suite legacy free edition will no longer be available starting May 1, 2022. Starting May 1, Google will seamlessly transition you to Google Workspace, which you can use at no cost until July 1, 2022. We recommend you upgrade now to a Google Workspace subscription that meets your needs.” As you can see, we still don’t know what will happen after July 1st.
There was a lot of confusion and frustration on the interwebs once this announcement was made because the threat (or even the idea) of losing all of your data stored to your Google account is quite the feeling. There were rumors that users would lose all their data. There were rumors that a data migration wasn’t an option UNLESS you migrated to a paid Google account (I don’t think Google realized how polarizing this new policy was going to be). So we did some research on what practical trick we could do to possibly save all that information from one of those accounts being threatened. Insert Google Takeout.
Download All Of Your Data With Google Takeout
We all know Google stores a LOT of our data. Did you know you can download most of that? It’s pretty cool. You can use Google Takeout to do this. You can export photos, log files, emails, documents, business messages, contacts, user reports, and on, and on, and on. We’re talking terabytes of data on your patterns and behavior. But in this scenario, I only cared about my Google docs. You know…the good stuff you store in Google Drive that you just don’t want to lose.
The export process was actually super easy. Just clicked on that Google Takeout link and was taken to the settings page where I could select between 44 different data locations where Google is storing information. The other genius thing about Google Takeout is you can download/export these files in multiple formats (game-changer)!
Four Easy Steps To Exporting All Of Your Google Drive Data
Again…the process was really easy. Because I had about 30 GB of data, it took a little bit of time to download, but the process was simple. The steps below are just for exporting Google Drive files that you own and have been stored on your My Drive and Computers (this will not export files that have been shared with you from another account).
Step 1: Find Google Drive
Once you’ve landed on the Google Takeout page, you’ll need to select the data you want to include. I first “deselected” everything, then scrolled down to “Drive” (they’re in alphabetical order) and clicked on its box.
Step 2: Decide On Your Export Format
There are multiple formats you can choose depending on file type. Just click on “Multiple Formats”. If you want Documents exported in PDF that is an option. If you just want them in DOCX format (for Microsoft Word), you can choose that as well for example. You can also add advanced settings to include more details and select with Google Drive folders to perform the entire export on. Scroll down and click the Next Step button.
Step 3: Delivery Method
There are all kinds of delivery methods for this export: send a download link (which I preferred for a backup measure), add to Drive (which you can use to add to another Drive account), add to Dropbox, and a handful of others. Once you decide on that, hit “Create Export”.
Step 4: And wait
Just kidding, kinda. Depending on what you created determines what happens next. I chose a download link and it arrived in a handful of minutes. But that time will depend mostly on how much information you have in your account and which option you chose to export. Just a Google Drive export shouldn’t take that long. However, if you download terabytes of personal data…well…that’s a different story.
Should You Export Your Google Drive Data…
…even if the Legacy Google Account issue doesn’t affect you? Yes! You just never know when you could potentially lose access to your Google Account. They have done a great job of providing recovery emails and security enhancements to make sure your data is extremely safe, but it is a good practice to export your Google Drive data at least once a year. Just follow the steps above and move that data to a safe, external hard drive so you have an extra backup of your files.
We’re going to show you how you can use a DNS content filter called Open DNS to make sure you can filter out the kind of content you deem inappropriate for your home and network. Again, not every home has the same benchmarks and standards for the type of media and content that comes through their network, which is another reason why we like content filters through a DNS.
What DNS Filtering?
First off, what is DNS? The Domain Name System (DNS) is like the phonebook for internet users. We navigate to websites through domain names, such as TMZ or Google. However, web browsers interact with IP Addresses instead. Essentially the DNS translates these numerical codes into human-readable formats so you don’t need to memorize an address that can become outdated over time. Without it, we literally would be lost!
Furthermore, DNS filtering can keep your computer safe from malware and other threats by blocking access to websites that have been determined as harmful or hosting malicious content. This way, the user will basically never receive any file or code which could potentially infect one system with a virus! Depending on the service, setting up a DNS filter is relatively easy (more on that below). We highly recommend a DNS content filter because even though someone could circumvent access to bad content and media, they still won’t be able to do it through your network.
How Can Kids ByPass A DNS Filter?
One way someone can bypass a DNS filter is through the use of a VPN. We’ve talked about VPNs a couple of times. A VPN will take the computer or device and put it on a different virtual network. This new network most likely wouldn’t have the DNS filters set up for those certain websites you wanted to block, essentially rendering your DNS filter on your network useless.
Another clever trick (and maybe not so clever) kids can do to get around a DNS filter is by typing in the IP address directly. For example, if I know that ESPN.com is supposed to be at 45.63. 254.129. I could type those numbers in and that website is going to pop up. And this brings up another interesting topic in and of itself about access to VPNs in your home.
How To Setup Open DNS For Content Filtering
One of our favorite DNS content filters is called OpenDNS. This service is free for home users, which is just awesome. Below are the steps to get you going on this free DNS content filter services (exact instruction may change over time, but the idea is still the same:
From here, go to the “Learn More” button on the Consumer side.
Once you’re in the consumer section, go to “Open DNS Home” and click “Sign Up”. A little side-note here on free vs paid versions. There is a paid version of OpenDNS which is around $20 a year. It gives you Usage stats and an “Optional Allow-list Mode”, which blocks everything except for the things that you have specifically wanted to allow.
Go ahead and sign up by entering all the signup information (it’s required…but hey…it’s free).
You will be directed to a page after signup that will help you set up Open DNS (Set Up OpenDNS On Your Device). When you get to this page you will see the name servers are two IP addresses. This is what you are going to add to your Wi-Fi route. These will be the external DNS servers that you would enter in your Wi-Fi router configuration.
After you set up your account, you will be directed to this page to help you set up your Wi-Fi router. These are the name servers for OpenDNS and will always be the name servers no matter what your account is. Because of that, you’ll want to write these down (or save them in Notepad and email them to you). You will need to enter them into the appropriate location on your Wi-Fi router or your modem.
You’ll want to click on “Home Routers” under “Choose Your Device” to get detailed instructions on different types of routers and modems. If your Wi-Fi router or modem is not listed here (and chances are that it might not be…there are thousands of routers), you’ll want to contact your wi-fi router or modem company on how to set a manual DNS on their device.
Further Customizations Through The OpenDNS Dashboard
Once you get your settings and router (or modem) configured properly, click “Test Your Settings”. You will see the OpenDNS dashboard and will be able to see all the stats and logs for your network. It’s kinda cool if you like to geek out on that stuff. You can also change the settings for your particular network as well, which is another nice added benefit of a free DNS content filter. When diving into the Settings (click on “Web Content Filtering”), you can do custom settings and block all of the categories that you want to be blocked. There are a lot of options to customize: gambling, pornography, alcohol, dating, nudity, sexuality, games, ads, weapons, and on and on. We love the custom setting. But if you’re not into dialing down to the specifics, you can choose between High, Moderate, or Low, which all have specific pre-built category filters set in place for you.
The DNS content filter is now set up and ready to operate. It’s not a perfect solution (a little disclaimer) and there are workarounds that someone can do to circumvent the filter, but you’re getting just another added level of protection on what kind of media and content is streaming through your family’s screens. And we like that.
I had a Q&A with Scott Bekker over at Redmond to talk about cybersecurity challenges, best practices and major concerns resulting from all the employees forced into home offices by COVID-19
While I was out in New Zealand, I dropped into Hobbiton to see if any of my favorite Hobbits were home. I walked around trying to see if any of the Baggins was around. I also tried their famous Ginger Beer, and of course, spilled it all over myself. If you are ever in the area go check out Hobbiton™ Movie Set Tours. This has been on my bucket list for years. So glad I was able to visit this special place.
