Dwight Watt - Newspaper Article #476 10/9/2019

Question: Are you a human firewall?


Yes, you are a human firewall for cybersecurity and protecting your computer device and your network. This was a new term to me that I learned at a cybersecurity conference at Montreat College last week.

The term, human firewall, makes a lot of sense. The biggest weak link in protecting networks and computer devices is the human who is running them. They are the way many of the threats get in the computer devices and networks.

How can you be a human firewall and protect your computer devices and networks? The biggest way is by not clicking on malicious links in emails and on web pages. These are links that do not go places you think they are and instead they either install malicious software on your computer or size control of your computer device or network. The one that gets the most publicity and does most damage is where it does a ransomware attack and encrypts everything connected to your computer and demands a ransom be paid for the key to decrypt everything.

These links often appear as links to information about packages, or about security problems in your account at the bank or similar. Banks and other financial institutions will not send an email with a link about resetting passwords to your account. The also will not call you and ask for information to do that.

Shipping companies do send links on following shipments, but you can ignore them and just go to shipper web site log in and look at data.

Phishing emails will work similar and have links that then have you enter passwords etc. so they can steal and get in your account. Another to watch for is if you work in accounting to not just send payments to places requesting a payment with doing multiple verifications. Also do not change people’s direct deposits based on an email as Suzy can send you a email saying she is Nancy and to change the direct deposit for Nancy to a different account and if you do Suzy gets the deposit and steals Nancy’s pay.

The emails are getting better but still you can often spot fraud ones. If you are on PC (won’t work on tablet or phone, but I wish they would fix) hover over the link (do not click) and at bottom of page the real link will appear. Make sure it goes where it should.

On the sender name look at the email address that it shows, or you can click on it and see and see if it is right. In the example above it may say Suzy at Joe’s Hardware but when you look at email address it is Suzy at we-steal.com You then realized it was not Nancy and not to do it. Report to your IT staff.

Being vigilant you can block many attacks from happening, just like locking all the doors at home can stop may break-ins in your house.