Below is a quick reference, distilled list of six easy tips for any news organization employee at risk of being targeted by malicious adversaries. These tips come the Safe Travels Online campaign that the Tibet Action Institute has been developing over the last two years, to assist Tibetan exile human rights organizations, and it has proven effective in reducing the amount of successful “cyberattacks”, and minimizing impact of successful attacks to only a single infected machine (instead of the entire organization).
The recent story on cyberattacks against the NYTimes indicates that email attachments infected with malicious code was likely the source of the infiltration. These types of attacks have been a common pattern that the Tibetan exile of community has experienced for years, and I am happy to now to share of their painfully-acquired wisdom with all of you. With each tip, I have also included a link to a short public service announcement video on the TibetAction YouTube channel.
1. Use HTTPS to Stay Secret, Safe & Secure: You should always keep your network traffic secure to online services and applications, whether at the office, home or traveling abroad
https://tibetaction.net/knowledge/tech/https-eng/
httpS Keeps You Secret, Safe & Secure!
Keep your secrets safe using HTTPS
2. Detach from Attachments: Email attachments are a plague on the information age. There are many better, safer and more effective ways to share files in the 21st century
https://tibetaction.net/detach-from-attachments/
(this is one of our most popular tips, so I’ve embedded it for easy viewing!)
Detach from Attachments!
3. Keep Your Enemies Out Of Your Inbox: Google provides the best set of tools for defending against intrusion, or at least knowing when you may have been compromised
https://tibetaction.net/knowledge/tech/keep-enemies-out-of-your-inbox/
Keep your enemies out of your inbox!
4. Don’t Share Drives: The culture of sticking a USB flash drive in any old USB slot, must end; it’s like having sex without protection; again, there are better ways to share files
https://tibetaction.net/knowledge/tech/dont-share-drives/
5. Strong Password (keep you safe online): You must use better passwords, enable features like Google’s two factor authentication, and use services like LastPass or KeePass
https://tibetaction.net/knowledge/tech/strong-passwords/
6. Think Before You Click: Hyperlinks have revolutionized our lives, but when they come inside an email message, they can lead to a whole world of hurt.
https://tibetaction.net/think-before-you-click/
(this is our latest tip, and as it is quite relevant here, I’ve embedded the video)
… and here is just one of the great posters available for printing and posting at your workplace, available at https://tibetaction.net/safetravels. Yes, it has Tibetan writing on it, but that makes it even more legit, doesn’t it?
Tashi Delek!