Editor’s note: October is National Cybersecurity Awareness Month, and each week Blue Sky will be featuring a story about cybersecurity and related issues to highlight the importance of digital safety in airports and beyond.
Without ever petting your dog, a computer hacker could end up loving your canine nearly as much as you do – if you use its name as a password.
It’s easy to fall victim to hackers, phishing scams and other online traps, particularly if you’re careless. During National Cybersecurity Awareness Month in October, you can learn how to protect yourself from falling victim to such schemes.
The month is a collaborative effort between government and industry to emphasize the importance of taking steps to enhance cybersecurity at home and in the workplace.
Airports take cybersecurity very seriously, said Steve Milcic, infrastructure manager for information technology at Pittsburgh International Airport.
“Security events are of mission-critical importance to all organizations, and airports are no different,” he said. “A general best practice in all aspects of security is to stay up to date and be aware of your environment.”
But how can you protect yourself if you don’t have your own information technology team? Here are three tips from Lorrie Cranor, director and Bosch distinguished professor in security and privacy technologies at Carnegie Mellon University’s CyLab Security and Privacy Institute.
- Use strong, unpredictable passwords. Some say you should change your passwords frequently, but Cranor says that isn’t necessary unless the need arises, and the need is far less likely to occur if you make those passwords strong.
“Make them unpredictable,” she said. “Don’t use your birthday, don’t use the same digit four times or phrases that everyone else does. ‘I love you’ is very common. Current celebrities are very popular.”
As are dog names. Don’t use them, because hackers might easily figure out your password is, say, TippyBarks2019.
“People think that it’s OK because no one knows their dog’s name, but there are a lot of commonalities with dog names,” Cranor said. “And hackers have software that can allow them to make millions and billions of guesses.”
- Use a password manager to keep track of your passwords. Many people use the same password for many different accounts and websites because of worries they won’t remember multiple passwords and fear of using a manager tool. Cranor said that fear is mostly baseless.
“Password managers are safe as long as you use one of the name-brand ones,” Cranor said. “They’re much better than putting your passwords on Post-It notes and putting them on your computer screen.”
- Think twice before responding to requests for personal information. Common phishing scam emails say they’ve noticed suspicious activity or log-in attempts, claim a problem with your account or payment information, request that you confirm personal information, want you to register for a government refund or offer a coupon for free merchandise.
“Check the email address and the link in those instances,” Cranor advised. “Is the information they want you to send really going to your bank, for example, or is it going somewhere else?”
Even being as diligent as possible, there are still ways for unscrupulous hackers to obtain your personal information.
“There’s no such thing as perfect cybersecurity,” Cranor cautioned. “There are always ways to be compromised.”