Cybersecurity

 
An excellent resource for cybersecurity is the United States Computer Emergency Readiness Team (US-CERT) web site. US-CERT is charged with protecting our nation's Internet infrastructure by coordinating defense against and response to cyber attacks.

The growing risks posed by homegrown terrorism, the rise of anti-Semitism and anti-Israel boycotts, coupled with the likelihood that Mideast tensions will continue to intensify, has given rise to a distinct and unfamiliar threat directly impacting homeland and Jewish communal security. Groups or individuals wishing to cause harm to Jewish institutions no longer require physical access. A criminal, hacker or terrorist-related group from the other side of the globe can breach an agency or synagogue computer network and silently gather its most vital information. Hackers and computer criminals now have the capacity to make digital copies of information that once filled floors of locked filing cabinets under the careful watch of staff and volunteers. Most troubling is that a theft of this nature can go undetected for years, if not indefinitely.


In terms of computer infrastructure, the country has seen marked growth in the need for heightened security of critical operations. Escalating use of information technology to improve performance; increased competitive pressures from deregulation and globalization; and fiscal demands to consolidate operations have resulted in a reduction in redundancy and reserve capacity.


The threat of cyber-terrorism will continue to grow as leadership positions in extremist organizations are increasingly filled with younger, "Internet-savvy" individuals. Most worrisome is a potential coordinated attack on national critical infrastructures. While the United States has not yet experienced this sort of attack, it is not hard to imagine such a threat based on the intrusions we have seen to date. Cyber attacks know no national boundaries and can be devastating in scope and effect. International cooperation and information sharing is therefore critical in order to more effectively respond to this growing threat.


Cybersecurity involves protecting information by preventing, detecting, and responding to attacks. Unfortunately, even the strictest precautions cannot guarantee protection from every attack. However, there are steps you can take to minimize the chances.


The United States Computer Emergency Readiness Team (US-CERT) has stated that the first step in protecting yourself is to recognize the risks and become familiar with some of the associated terminology.


Hacker, attacker or intruder - These terms are applied to the people who seek to exploit weaknesses in software and computer systems for their own gain. Although their intentions are sometimes fairly benign and motivated solely by curiosity, their actions typically violate the intended use of the systems they are exploiting. The results can range from mere mischief (creating a virus with no intentionally negative impact) to malicious (stealing or altering information).


Malicious code - This category includes code such as viruses, worms, and Trojan Horses. Although some people use these terms interchangeably, they have unique characteristics.
 

  • Viruses - This type of malicious code requires that you perform some action before it can infect your computer. This could be opening an email attachment or going to a particular web page.
  • Worms - Worms propagate without user intervention. They typically start by exploiting software vulnerability (a flaw that allows the software's intended security policy to be violated). Once the victim computer has been infected the worm will attempt to find and infect other computers. Similar to viruses, worms can propagate via email, web sites or network-based software. Automated self-propagation is what distinguishes worms from viruses.
  • Trojan Horses - A Trojan Horse program is software that claims to be one thing while doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending confidential information to a remote intruder.


In addition, the National Cybersecurity Alliance (NCA) has identified 10 cybersecurity tips:
 

  1. Keep all software on internet connected deivces current
  2. Create long, unique passwords
  3. Use a password manager
  4. Enable multi-factor authentification
  5. Think before you click or download
  6. Report phishing
  7. Use secure wi-fi
  8. Back up valuable work, music, photos, data, and other digital information
  9. Check your privacy and security settings
  10. Think before posting about yourself and others online


Protect Your Workplace


Posters


The following Department of Homeland Security (DHS) posters provide guidance on physical and cybersecurity and how to report suspicious behavior, activity, and cyber incidents. To view or download one of the posters, simply click the image. If you would like, you can download all of the posters at the same time using the Download Complete Series link. 

Download Complete Series