Phishing, Ransomware Headline Biggest Online Threats in 2020

FORT WRIGHT, Ky. — It has never been easier to be hacked. The current landscape online presents threats people will have to be weary of.

Fort Wright Mayor Dave Hatter is also a cybersecurity consultant. He warns phishing attacks are not going away anytime soon.

“The FBI says that they estimate roughly $26 billion has been lost to business email compromise which usually starts with phishing,” said Hatter. “I think you’re going to continue to see phishing. It’s cheap and easy and they’re making a lot of money.”

Ransomware attacks will continue to be relevant in 2020. These are crafted and designed to hold information and data systems hostage.

Deepfakes are something a lot of online users might not be familiar with. Cyber criminals use publicly available video and audio and then use the computer to manipulate it to make it appear someone is saying and doing things that they didn’t do.

“We really are getting to a place where you can’t believe your ears or your eyes,” Hatter said. “It really is amazing technology but unfortunately it’s got a huge downside which is in many cases it is difficult if not impossible to discern if something is actually fake.”

Hatter said hackers will continue to take advantage of poor cybersecurity hygiene including password reuse, lack of patching, misconfiguration, use of public Wi-Fi, lack of anti-virus software, lack of awareness and risks.

Signs that indicate you’ve been hacked:

  • A ransomware message appears demanding ransom
  • You can’t login into accounts but have not changed your username/password
  • Your device increasingly consumes battery power even when you are not actively using it
  • Your device starts to lag and get slower over time
  • Your homepage is redirected and/or your internet searches are redirected
  • People get social media invitations from you, or see posts that you didn’t send
  • Your mouse moves on its own or your device does things without input from you
  • Anti-malware software or other system related software is disabled and you can re-enable it.
  • Your online accounts are missing money
  • Your confidential data has been leaked
  • A friend tells you you’ve been hacked because of something they’ve seen or that you have supposedly done

What you can do if hacked:

  • Wipe the device and boot it back up to a time where it wasn’t compromised
  • Get a new device
  • Check your bank accounts
  • Freeze your credit
  • Monitor your credit. Consider an Identity Theft Protection Service
  • Run a virus scan
  • Warn your family, friends and contacts
  • Prevention is the best cure
  • Use Anti-Malware / End Point protection
  • Install Software patches & firmware updates regularly
  • Use a Password Manager
  • Enable Multi-Factor Authentication (MFA) everywhere
  • Use a Firewall
  • Avoid Public Wi-Fi
  • Use a Virtual Private Network (VPN)
  • Don’t download “free” software you have not vetted
  • Use Encryption (at rest and in motion)
  • Backup data and verify the backup integrity
  • Take a Zero Trust stance
  • SETA (Security, Education, Training and Awareness)