October is Cybersecurity Awareness Month!

GDPR (General Data Protection Regulation) and your data rights

Cybersecurity and protecting personal data go hand-in-hand. Think about it! Cybercriminals try to trick, lie, and steal with social engineering to get their hands on personal information; yours and your organization. The “security” in cybersecurity is really all about data. Secure data means the well-being of the organization. Secure data means peace of mind for you, both at work and at home. The mission is clear: Don’t let bad actors near it!

A person typing on a computer Description automatically generated

1. Right to Access: You have the right to know what personal data is being collected and how it's used. Ask for your data!

2. Right to Rectify: Correct inaccuracies in your data. Your info should be accurate and up-to-date.

3. Right to Erasure: Also known as the "Right to be Forgotten." You can request the removal of your data in certain cases.

4. Right to Data Portability: You can move your data between services easily.

5. Right to Restriction: You can limit the processing of your data under specific circumstances.

6. Right to Object: Say "No" to your data being used for marketing or specific purposes.

7. Rights Related to Automated Decision Making: Know if decisions about you are made solely by machines. You have the right to human intervention.

8. Right to be Informed: Organizations must be transparent about how they use your data.

9. Right to Lodge a Complaint: If you feel your data rights are violated, you can complain to your data protection authority.

Recognizing a Ransomware Attack

Ransomware cost the world $20 billion in 2021. That number is expected to rise to $265 billion by 2031. In 2021, 37 percent of all businesses and organizations were hit by ransomware. Ransomware attacks are on the rise, and being able to recognize the signs early can make all the difference in protecting your data and your organization. Here are some key indicators to watch out for:

A person in a hoodie with a question mark on their face Description automatically generated

1. Unusual Pop-ups or Messages: If your screen suddenly displays threatening messages demanding payment to regain access to your files, it's a red flag.

2. Locked Files: In a ransomware attack, your files may become inaccessible or encrypted, often with a new file extension added.

3. Unexpected File Changes: Keep an eye on unexpected changes to file names or extensions. Ransomware may rename your files.

4. Ransom Notes: Attackers often leave a ransom note on your system, typically with instructions on how to pay the ransom.

5. Network Issues: If you notice a sudden slowdown in your network or increased data traffic, it could be a sign of ransomware actively encrypting files.

6. Disabled Security Software: Ransomware often seeks to disable antivirus or security software to operate undetected.

7. Phishing Emails: Ransomware attacks can begin with a phishing email containing malicious attachments or links. Be cautious with email from unknown sources.

8. Unauthorized System Access: Monitor for any signs of unauthorized access to your systems or unusual login activity.

9. Increased CPU Usage: Ransomware can cause a spike in CPU usage due to the encryption process.

10. File Extensions: Be wary of files with double extensions like ".pdf.exe" or ".jpg.vbs," as they can be a sign of malicious activity.

Deepfake

Deepfakes are AI-generated manipulations that create convincing fake videos, audio, or images, often making it challenging to discern real from fake. These deceptive tools can be misused for misinformation, fraud, or impersonation. Let's educate ourselves about the risks of deepfakes and collaborate to enhance our digital defenses. Together, we can recognize and mitigate these threats.

A robot hand reaching for another hand Description automatically generated

Deepfakes are often used for malicious purposes like:

1. Misinformation and Fake News: Deepfakes can be used to spread false information or manipulate public perception by making it seem like prominent figures said or did things they never did.

2. Identity Theft and Impersonation: Cybercriminals can create deepfake profiles of individuals to impersonate them for fraudulent activities.

3. Cybersecurity Attacks: Deepfake audio or video can be used for social engineering attacks, manipulating people into disclosing sensitive information or taking actions they wouldn't ordinarily.

4. Political Manipulation: Deepfakes can be employed to impersonate politicians or world leaders, potentially causing political turmoil or uncertainty.

Disclaimer: The information provided in this article is intended for general informational purposes only. It is not intended to be, and should not be taken as, professional or financial advice.