Archive for May 24, 2024

Creating Strong Passwords is Good For You

You can buy a small padlock for less than a dollar, but you shouldn’t count on it to protect anything of value. A thief could pick a cheap lock without much effort, or break it. Yet, many people use weak passwords. They use them to “lock up” their most valuable assets, such as money and secrets. Fortunately, everyone can learn how to make and manage stronger passwords. It’s an easy way to strengthen security both at work and at home.

What makes passwords ‘Strong’?

We all hate the dreaded “you must change your password” email from IT. It must be at least 12 characters long. It must include numbers, symbols, and upper- and lowercase letters. You think of a word you can remember, capitalize the first letter, add a digit, and end with an exclamation point. The result: Strawberry1!

Unfortunately, hackers have advanced tools. They can easily defeat passwords based on dictionary words. These are words like “strawberry” and common patterns. An example is capitalizing the first letter.

Increasing the complexity, randomness, and length of a password makes it stronger and more resistant to hackers’ tools. The table below, from MyITRisk.com, shows the difference: an attacker could guess an eight-character password in 8 seconds, but a 12-character password would take four years to guess.

| Password space (characters) | Length required (characters) | Defeated in |
| --- | --- | --- |
| 26 (a-z) | 8 | .0077 Seconds |
| 52 (a-z, A-Z) | 8 | 2 Seconds |
| 62 (a-z, A-Z, 0-9) | 8 | 8 Seconds |
| 26 (a-z) | 12 | 59 Minutes |
| 52 (a-z, A-Z) | 12 | 168 Days |
| 62 (a-z, A-Z, 0-9) | 12 | 4 Years |
| 26 (a-z) | 16 | 51 Years |
| 52 (a-z, A-Z) | 16 | 91 Years |
| 62 (a-z, A-Z, 0-9) | 16 | 55,988.220 Years |

Source: MyITRisk.com

Length is not the whole story. Pay attention to password complexity and unpredictability as well, and avoid common substitutions (e.g., ‘a’ to ‘@’, ‘s’ to ‘$’).
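An added example, not from the original post or MyITRisk.com: a small strength estimator that shows why Strawberry1! is worth far less than its 12-character length suggests, and why swapping ‘s’ for ‘$’ does not help. The sample wordlist, the 100,000-word dictionary size and the function names are assumptions made for illustration.

```python
import math
import re
import string

# Constructed sample wordlist; a real checker would load a large dictionary.
WORDLIST = {"strawberry", "password", "dragon", "sunshine", "monkey"}
# Substitutions like the ones the article warns about, mapped back to letters.
LEET = str.maketrans({"@": "a", "$": "s", "0": "o", "1": "i", "3": "e"})
SYMBOLS = string.punctuation  # the 32 printable ASCII symbols


def brute_force_guesses(password):
    """Keyspace for a blind search: (character space) ** length."""
    space = 0
    for group in (string.ascii_lowercase, string.ascii_uppercase,
                  string.digits, SYMBOLS):
        if any(c in group for c in password):
            space += len(group)
    return space ** len(password)


def pattern_guesses(password, dictionary_size=100_000):
    """Guesses for a search that tries word + first-letter capital +
    substitutions + short digit/symbol suffix; None if no such pattern.
    dictionary_size is an assumed size for the attacker's wordlist."""
    m = re.fullmatch(r"(.+?)(\d{0,4})([^\w\s]{0,2})", password)
    if m is None:
        return None
    core, digits, symbols = m.groups()
    if core not in (core.lower(), core.capitalize()):
        return None  # mixed case inside the word: not this simple pattern
    word = core.lower().translate(LEET)
    if word not in WORDLIST:
        return None
    case_variants = 2  # all lowercase, or first letter capitalised
    leet_variants = 2 ** sum(ch in "asoie" for ch in word)
    suffixes = 10 ** len(digits) * len(SYMBOLS) ** len(symbols)
    return dictionary_size * case_variants * leet_variants * suffixes


def effective_bits(password):
    """log2 of the cheaper search: what the password is really worth."""
    guesses = brute_force_guesses(password)
    patterned = pattern_guesses(password)
    if patterned is not None:
        guesses = min(guesses, patterned)
    return math.log2(guesses)


if __name__ == "__main__":
    for pw in ("Strawberry1!", "$trawberry1!", "xK9#qLm2vR!t"):
        print(f"{pw}: {effective_bits(pw):.1f} bits")
```

A site or password manager can use a check like this to reject passwords that meet the length and character-class rules on paper but follow a guessable pattern.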

Why Uniqueness Matters

People reuse passwords for many accounts. This risky behavior opens the door for attackers. A single reused password, even a strong one, can give an attacker access to valuable accounts. Password reuse can lead to a domino effect of account breaches.

Reusing passwords, even strong ones, can leave accounts exposed to attacks.

Here’s a real-life example

Ten years ago, Daisy joined an online gardening forum. She also created an online payment account and used the same password. She soon forgot about the gardening forum. But, someone accessed her payments account years later and stole a lot of money.

Daisy didn’t know someone had hacked the gardening forum. The hackers leaked users’ logins online. An attacker likely tried reusing Daisy’s leaked password on popular sites. Eventually, the attacker got lucky.

Guarding your passwords

  1. Don’t write them down. Many write passwords on post-it notes and leave them in plain sight. Even if you hide your password, someone could still find it. Similarly, don’t store your login information in a file on your computer, even if you encrypt that file.
  2. Don’t share passwords – You can’t be sure someone else will keep your credentials safe. While at work, you may have to take responsibility for anything that occurs when someone is logged in as you.
  3. Don’t save login details in your browser. Some browsers store this info in unsafe ways. Another person could access your accounts if they get your device.

Tips for keeping passwords secure

Consider sharing these password tips with family and friends.

  1. Never reuse passwords – Create a unique, strong password for each account or device. This way, a single hacked account doesn’t endanger other accounts.
  2. Create long, complex passwords. Don’t use passwords based on dictionary words, pets’ names, or personal information. Attackers can guess them.
  3. Use a password manager. These tools can store and manage your passwords. They can also generate strong new passwords. Some can also notify you when a password might be compromised.

rb-

A strong password is the main barrier keeping most of your online accounts from being hacked. Without up-to-date practices, you might be using passwords that cyber-frauds can easily guess within minutes.

The average user creates passwords to fight data theft. You could switch up the characters in your passwords and “Tr1Ck” your way into security. However, in today’s environment you need to create passwords that can fight modern password theft methods. Today, cyber-criminals use sophisticated technology to get your passwords. You must consider that hackers’ software is designed to account for user behavior as it guesses your passwords.


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

War on SPAM: Do New FCC Rules Help?

In the battle against SPAM, the Federal Communications Commission (FCC) has made a move that may help us. Back in December 2023, the regulators published new rules to close loopholes used by spammers. FCC commissioners voted 4 to 1 in favor of these regulations, but skepticism remains. Will these changes reduce the flood of unwanted messages we get every day?

These rules focus on closing lead generation-based loopholes. Companies exploit these loopholes to flood consumers with robocalls and texts without consent. Reuters predicts the new rules may “double or triple” the number of lawsuits against spammers. This sounds promising, but we still need to see how well authorities will enforce these rules. Another concern is whether the new rules will succeed in stopping the unethical tactics used by spamming entities.

More control over who can contact them

The new rules require consent from consumers on a per-seller basis. This will give consumers more control over who can contact them. The new rules make clear that it is no longer “business as usual.”

Websites that compare prices and lead generators must get consumer consent to receive robocalls and robotexts. The consent applies to one seller at a time. It can’t apply to many telemarketers at once.

But, the approach’s efficacy remains uncertain. It relies on these entities’ willingness to adhere to the regulations.

SPAM red flags

Furthermore, the FCC now has the authority to “red flag” select phone numbers. Carriers must prevent the flagged numbers from sending texts. The new rules also expand the federal “Do-Not-Call” registry. It will now apply to unwanted marketing texts. It still remains unclear how this will be implemented in practice. There are so many SPAM calls and texts flooding consumers’ phones. Spotting and flagging specific numbers may be hard for the FCC.

Colin Sholes, who has covered SPAM’s dubious tactics, is cautiously optimistic about the potential impact of these rule changes. Mr. Sholes told Business Insider the FCC’s rule changes were “a long time coming.” He predicted they’ll have a big impact and will decrease the number of SPAM calls and texts consumers get each day. He thinks the new FCC rules put companies “out of business” for using “slimy” tactics.

Politics as usual

It’s worth noting that political and campaign-related messages remain exempt from regulations. This is a significant gap in the FCC’s approach to combating SPAM. This loophole raises questions. Can the new rules fully address the SPAM problem?

Sholes predicts the exemption will last because of its political benefits. Campaign stuff is just never going to go away. Members of Congress and their campaigns benefit from mass communication services. They carve out political exemptions in anti-SPAM laws to protect those conduits.

The new rules may reduce SPAM, but Sholes also stresses the challenges posed by political exemptions and notes the growing cunning of spammers.

SPAM continues

Despite FCC efforts, SPAM continues to plague consumers with no end in sight. Sholes points out that the FCC’s rules only apply to groups that use robocalling and robotexting tools. Marketers are generally allowed to call or text consumers without consent. This is true as long as they manually dial the phone numbers.

Stricter rules may lead to more lawsuits against spammers. But, it’s unclear if this will actually help consumers flooded by SPAM.

rb-

In conclusion, skepticism persists about the effectiveness of the new FCC rules. As we await the outcome of these regulatory changes, the battle against SPAM calls and texts rages on, leaving many wondering if true relief will ever be achieved.

 


Data Breach Ensnares Michigan Politician

Hardly a day goes by without another company announcing a data breach. In 2023, 353 million people had their personal info stolen. One reason for this many data breaches is the rise in healthcare data breaches. Since 2020, the healthcare sector has recorded the most data breaches. Healthcare is digitizing and storing lots of sensitive data, which makes it a desirable target for hackers. Attackers can re-use the stolen information to run more attacks. These include ransomware, SPAM emails, phishing, vishing, and bogus websites.

One example of why breaches in the healthcare sector are increasing is Perry Johnson and Associates (PJ&A). PJ&A is a health care consulting and medical transcription firm. It is the largest private provider of transcription services in the United States. They have offices in Troy, MI, at the world headquarters of Perry Johnson Inc. Perry Johnson, of Bloomfield Hills, MI, heads the firm. His claim to fame is as a “quality guru.”

Politics

Johnson has a dubious political track-record. He spent more than $20 million of his own money to get elected. He ran for governor of Michigan, as a Republican in 2022. But, before the Republican primary, they removed him from the ballot. This was due to fraudulent and invalid petition signatures. Johnson later started a campaign to become the 2024 Republican candidate for president. He abandoned that effort in October 2023.

A data breach controversy has also ensnared Johnson. PJ&A suffered a data breach in March 2023. The PJ&A data breach is the second-largest healthcare data breach of 2023 and the 6th largest ever. The cyberattack exposed the medical and other personal data of at least 14 million people in the U.S. according to The HIPAA Journal, an online publication that covers the Health Insurance Portability and Accountability Act.

What Happened

PJ&A found unauthorized activity in its IT systems on May 2, 2023. It hired third-party cybersecurity experts to investigate the incident. The experts were assigned to find the attack’s nature and scope. They were to see if the attackers took sensitive data.

The investigation confirmed unauthorized network access. The unauthorized access occurred from March 27, 2023, to May 2, 2023. During this time, attackers got data from its clients. PJ&A told its clients about the cyberattack on July 21, 2023. In the following days, they confirmed unauthorized access to data.

Data compromised in data breach

Investigators completed the PJ&A data breach investigation on September 28, 2023. PJ&A said the information accessed by the unauthorized party included:

  • Name,
  • Address,
  • Date of birth,
  • Medical record number,
  • Hospital account number,
  • Admission diagnosis,
  • Date/time of service,
  • Social Security number,
  • Insurance information,
  • Medical and clinical information including:
      • Laboratory and diagnostic testing results,
      • Medications,
      • The name of the treatment facility, and
      • Healthcare provider name.

Who does the data breach impact?

Health care providers that have reported data breaches related to Perry Johnson & Associates:

  • Concentra (NY) 01/09/2024, almost 4 million records.
  • North Kansas City Hospital (MO) 01/05/2024, over 500,000 records.
  • Cook County Health (IL) 1.2 million individuals.
  • Northwell Health (NY) 3,891,565 individuals.
  • Mercy Medical Center (IA) 97,132 patients.

rb-

In recent years, the healthcare industry has become a prime target for cyberattacks. Data breaches are a big threat to patient privacy and institutional integrity. The Perry Johnson & Associates incident shows the vulnerabilities in healthcare systems.

The repercussions of such a breach are far-reaching. This exposure could lead to identity theft and financial fraud. It affects individuals and reveals their personal and medical information.

For patients, the incident is a wake-up call. They need to guard their personal data. They must also watch their digital footprint. Consumers can take these steps to protect against data misuse:

  • Place a credit freeze, which would prevent thieves from opening a new account in your name,
  • Put a fraud alert on your credit report so lenders can take extra steps to verify your identity before issuing credit,
  • Obtain copies of your medical records and review them for any errors,
  • Contest unrecognized medical billing, and
  • Inform your insurance company.

Eight Tips to Save Your Battery

Our lives center on smartphones today. But, even the newest device is useless if its battery dies often. The majority of modern smartphone devices use Lithium-ion (Li-ion) batteries to keep them running. Lithium-ion batteries are the high-end of the rechargeable battery industry. They are smaller in size, require low maintenance and are environmentally safer than older batteries. Here are some tips to extend your battery life. Follow these expert tips from Credo to keep your phone charged all day.

What is a Lithium-ion battery

Lithium-ion batteries in mobile phones consist of an anode (typically made of graphite), a cathode (often composed of lithium cobalt oxide), a separator, an electrolyte, and two current collectors (positive and negative). They operate by transferring lithium ions from the anode to the cathode during discharge. This transfer creates free electrons in the anode, which generate a charge at the positive current collector. This electrical current then powers the device.

When the battery is charged, the process is reversed, with the lithium ions moving from the cathode back to the anode. This allows the cycle to start again when the device is used.

 

How to save your mobile phone battery

Charge Smart, Charge Often – Don’t wait for your battery to die. Today’s batteries like frequent top-ups. So, charge your phone often. Aim to keep it above 50% for best results.

Unplug at Full Charge – Once your battery hits 100%, unplug it. Trickle charging cuts its lifespan. Avoid smothering your phone under pillows or books.

Turn Off WiFi and Bluetooth – Switch off these features when not in use. This saves power. If you’re out and about running errands all day, the phone is going to attach to any AP it can find. This increases the power drain. So, switching WiFi off will extend your charge and the overall life of your battery.

Identify the Culprits – Check which apps use the most power. You can delete them or adjust settings to save power. Credo reports that the four most power-hungry features are: camera, location, microphone and WiFi connection. When all those functions are running in the background, they’re burning up a lot of your charge. Cloud storage provider PCloud found the top 10 battery hogs to be:

  • Fitbit
  • Verizon
  • Uber
  • Skype
  • Facebook
  • Airbnb
  • Bigo Live
  • Instagram
  • Tinder
  • Bumble

Dim the Screen – Lower the screen brightness slightly to save your phone’s energy.

  • On your iPhone, go to Settings > Accessibility > Display & Text Size > Turn off auto-brightness. Then, adjust the brightness bar until you’ve reached your desired level of brightness.
  • On your Android device, tap Settings > Display > Tap the slider next to Adaptive brightness and switch it to the off position. Then, adjust the brightness bar until you’ve reached your desired level of brightness.

Dark Mode Magic – Use dark mode for a stylish look and better battery life. It consumes less energy.

  • On your iPhone, go to Settings > Display & Brightness. Select Dark to turn on Dark Mode.
  • On your Android device, open Settings, tap Display, then toggle on Dark.

Upgrade Wisely – If your phone always needs charging, consider a new one with a better battery.

rb-

Master these techniques to say goodbye to midday charging! Now, enjoy uninterrupted digital adventures!
