Cybersecurity

Every time we connect to the Internet—at home, at school, at work, or on our mobile devices—we make decisions that affect our cybersecurity

Malicious cyber activity threatens the public’s safety and security. Cyberattacks can lead to the loss of money or the theft of personal, financial, and medical information. These attacks can damage your reputation and safety.

Cybersecurity involves preventing, detecting, and responding to those cyber attacks that can have wide-ranging effects on individuals, organizations, the community, and the nation.

In 2021, the Federal Bureau of Investigation’s Internet Crime Complaint Center received 847,376 complaints, which was a seven percent increase from 2020, with potential losses exceeding $6.9 billion. You can read the full 2021 report  here.

TYPES OF CYBER CRIME

Social Engineering

An attacker uses social skills to obtain or compromise information on an individual or an organization and its computer system. Types of social engineering include:

  • Phishing. Uses email or malicious websites to get personal information by posing as a trustworthy organization. For example, they may say they are from a financial institution requesting account information and suggests there is a problem. Attackers may appear from other organizations such as charities. They take advantage of current events and certain times of year such as natural disasters, epidemics, economic concerns, tax season, major political elections, and holidays
  • Vishing. Uses voice communication. Often entices a victim to call a certain number and divulge sensitive information.
  • Smishing. Uses SMS or text messages to contain links to webpages, email addresses, or phone numbers. When clicked it may automatically open a browser window, email message, or dial a number.
  • Pharming. When malicious code is installed on your computer to redirect you to fake websites.


MALWARE

Intrusive software designed to damage and destroy computer systems. Malware includes:

  • Adware. Used to collect data on your computer usage and provide appropriate advertisements to you. While it is not always dangerous, in some cases it can cause issues, such as redirecting a browser to unsafe sites and can slow down your system noticeably.
  • Ransomware. Gains access to sensitive information within a system, encrypts it so a user cannot access it, and then demands a financial payout for the data to be released. Commonly part of a phishing scam.
  • Spyware. Runs secretly on a computer and reports back to a remote user. Often used to steal financial or personal information.
  • Trojan virus. Disguised as helpful software programs. Once it is downloaded, the Trojan virus gains access to sensitive data and then modifies, block, or delete data. Not designed to self-replicate like viruses or worms.
  • Viruses. A piece of code attached to a document, file, app, or text message attachment to execute its code from host to host. Once downloaded and opened, they disrupt a system’s ability to operate such as enabling frequent pop-up windows, changing your homepage, an unusually slow processing.
  • Worms. Rapidly replicate and spreads to any device within a network. It does not need a host program to spread. It infects a device via a downloaded file or network connection before it multiplies and spreads.


BUSINESS EMAIL COMPROMISE/EMAIL ACCOUNT COMPROMISE

One of the most financially damaging online crimes involves unauthorized access to email accounts. Criminals send a message that appears to come from a known source making a legitimate request. A scammer might:

  • Spoof an email account or website. There will be slight variations on legitimate addresses, such as john.kelly@company.com vs. john.kelley@company.com.
  • Send spearphishing emails. These messages look like they are from a trusted sender and trick victims into revealing confidential information.
  • Use malware. Malicious software infiltrates company networks to get access to legitimate email thread on billing and invoices.

DISTRIBUTED DENIAL-OF-SERVICE

Legitimate users are unable to access information systems, devices, or other network resources. Services affected may include email, websites, online accounts, or other services. It’s accomplished by flooding the targeted host with traffic until the target cannot respond or simply crashes.


HACKING

When an unauthorized user attempts or gains access to an information system. This is often used to compromise digital devices, such as computers, smartphones, tablets, and entire networks.


PROTECTING YOURSELF BEFORE, DURING, AND AFTER A CYBERATTACK

BEFORE
  • Keep your anti-virus software updated.
  • Use strong passwords. Passwords should be 12 characters or longer. Use upper and lowercase letters, numbers, and special characters. Change
    passwords monthly. Use a password manager.
  • Use stronger authentication.Use a pin or password only you would know. Consider using a separate device that can receive a code or uses biometric (fingerprint) scan. Switch on multi-factor authentication wherever offered
  • Check your account statements. Make sure there are not any suspicious withdrawals from your bank or credit card.
  • Use secure internet communications. Use sites that use “https” if you are accessing or provide any personal information. Do not use sites with invalid
    certificates. Use a Virtual Private Network (VPN) that creates a secure connection.
  • Use antivirus and anti-malware solutions, and firewalls to block threats.
  • Regularly backup files. Use an encrypted file or encrypted file storage device.
  • Limit personal information shared. Change privacy settings and do not use location features.
  • Protect your home network. Change the administrative and Wi-Fi passwords regularly. When configuring your router, choose the Wi-Fi Protected Access 2 (WPA2) Advanced Encryption Standard (AES) setting which is the strongest encryption option.
  • Think before you click. If asked to do something right away, asked for personal information, or seems too good to be true, be suspicious. When in doubt, DO NOT CLICK.
  • Be aware of current threats. The U.S Cybersecurity and Infrastructure Security Agency (CISA) regularly updates the most frequent, high-impact types of security incidents being reported to the U.S. Computer Emergency Readiness Team. You can find it here.
  • Be aware of suspicious activity. The IRS does not use email, text messages, or social media to discuss tax debts or refunds with taxpayers. A bank will never ask for your account number, full debit or credit card number, social security number, name, address or password in an email or text message.
  • When you share, act with care.
    • Only give your mobile number out to people you know and trust and never give anyone else’s number out without their permission.
    • Be careful about photos and communications you share with others and online. You lose control of what happens with it. Someone may have copied or screen-grabbed an image or a website may have a backup archive or record of what you’ve posted.
  • Protect children online. Even though children may have better technical skills, don’t be intimidated by their knowledge. Children still need advice, guidance, and protection.
    • Keep your computer in a central and open location.
    • Discuss and set guidelines and rules for computer, phone, and tablet use
    • Implement strong parental controls
    • Consider software that allows you to monitor your child’s email and web traffic.
    • Consider partitioning your computer’s hard drive
    • Know who your child is talking to online
    • Teach children online safety and never to give out personal information
    • If you know of a child in immediate risk or danger, call law enforcement immediately
DURING
  • Check your accounts. Look at your debit/credit card and bank statements for unrecognizable charges.
  • Check your credit report for any new accounts or loans you didn’t open
  • Be alert for emails and social media users asking for private information.
  • If you notice something strange, limit the damage by changing all your internet account passwords immediately
  • Consider turning off the device affected. Take it to a professional to scan for potential viruses and remove what they find. REMEMBER: A company will not call you and ask for control of your computer to fix it. This is a scam.
  • Let work school or other system owners know what happened.
  • Run a security scan on your device to make sure your system is not infected or acting more slowly or inefficiently.
  • If you find a problem, disconnect your device from the internet and perform a full system restore.
AFTER
  • Contact banks, credit card companies, and other financial service companies where you hold accounts. You may need to place holds on accounts that have been attacked. Close any unauthorized credit or charge accounts.
    • Place a fraud alert on your credit reports and review credit reports. Contact one of the three companies below. The company you call is required to contact the other two companies
      • TransUnion: 1-800-680-7289
      • Equifax: 1-888-766-0008
      • Experian: 1-888-397-3742
  • Let authorities know if you believe you have been a victim of a cyberattack.
    • For individual identity theft
      • File a report with identitytheft.gov
      • File a complaint with the FBI Internet Crime Complaint Center at https://www.ic3.gov/Home/ComplaintChoice
      • Review your Social Security work history by creating an account at https://www.ssa.gov. If you find errors, contact your local SSA office.
      • Contact the nearest DMV office to report your driver’s license lost or stolen
      • If your passport is stolen, call the state department at 1-877-487-2778
      • For additional identity theft concerns, go to identitytheft.gov

    • To report fraud, go to reportfraud.ftc.gov
    • For state agencies
      • Report issues to the Enterprise Service Desk by email: EDShelp@wi.gov, or by phone at 608-264-9383. The help desk is staffed at all times.
      • Report issues to the Wisconsin Statewide Intelligence Center (WSIC) online at https://wifusion.widoj.gov. You can also call 1-888-324-9742 (888-DCI-WSIC).
    • For local government or K-12 School Districts
      • Report issues to the Wisconsin Emergency Hotline at 1-800-943-0003. This desk is staffed at all times.
    • For law enforcement, emergency services, critical infrastructure, or Private Sector assistance
      • Report issues to the Wisconsin Statewide Intelligence Center (WSIC) online at https://wifusion.widoj.gov/. You can also call 1-888-324-9742 (888-DCI-WSIC).
    • Federal Agency Assistance
      • The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) can offer both public and private organizations assistance and uses information from incident reports to protect other potential victims. Organizations can report incidents and anomalous activity to CISA by email at: Central@cisa.gov; and by phone at: 1-888-282-0870.
      • The FBI also has resources available at all times. You may file an internet crime complaint at their Internet Crime Complaint Center at https://www.ic3.gov/Home/ComplaintChoice. You may also reach the FBI’s “CyWatch” team by phone at: 1-855-292-3937 or by email at CyWatch@fbi.gov

REPORT A CYBER INCIDENT

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) can offer both public and private organizations assistance and uses information from incident reports to protect other potential victims. Organizations can report incidents and anomalous activity.

report here

additional resources

Internet and online safety for kids:

DPI logo
https://dpi.wi.gov/internet-safety

Wisconsin Dept. of Agriculture, Trade and Consumer Protection Identity Theft Information:

https://datcp.wi.gov/Pages/Programs_Services/IdentityTheftComplaint.aspx

Wisconsin Statewide Intelligence Center:

https://www.milwaukee.gov/wiwatch/wsic

Southeastern Wisconsin Threat Analysis Center:

https://www.milwaukee.gov/wiwatch

Federal Trade Commission Identity Theft:

https://www.identitytheft.gov/

FBI CYBER THREATS:

https://www.fbi.gov/investigate/cyber

Cybersecurity & Infrastructure Security Agency 

https://www.cisa.gov/

Preparing for a Cyber Incident:

https://www.secretservice.gov/investigation/Preparing-for-a-Cyber-Incident