October Is Cybersecurity Awareness Month
Do Your Part. #BeCyberSmart.
Cybersecurity is everyone’s responsibility. You can do your part by reporting anything suspicious, implementing stronger security practices, and helping to raise awareness.
How to Be Cybersmart
Cyberattacks at work don’t just impact your co-workers and you – they also affect our residents and others who rely on us to keep their data safe. Last year, breaches due to cyberattacks at American businesses went up 17 percent. That’s 1,474 successful breaches nationwide. Cybercriminals don’t just use technology to steal information – they also rely on human error and our natural tendency to share information about our lives.
Stay vigilant: it only takes one mistake. Data breaches are rarely the result of a criminal hacking through an organization’s infrastructure. Often, they begin with a single vulnerability. One person is tricked into giving up their password or other information, and all the data that user has access to is exposed. Always be on alert for phishing and social engineering attacks. Be wary of unusual sources, do not click on unknown links, and report suspicious messages immediately to phish@nycha.nyc.gov.
Remember, if we work together to be cybersmart, we can keep our organization safe.
Simple Tips to Stay Safe
- If you see something, say something.
Employees: NYCHA employees should report IT issues to the NYCHA IT Service Center by opening a ticket on the NYCHA IT Service Portal or by calling (212) 306-7000.
NYCHA residents and other partners: If anything unusual is noticed on NYCHA web pages or in NYCHA applications, it should be reported to the CCC at (718) 707-7771.
- Business information is personal information. Many of us handle data at work that is sensitive. This doesn’t have to be credit card or Social Security numbers – it can be any employee, customer, or resident data, especially anything that can be tied to a specific person. Do not share company data with anyone outside the organization.
- Keep passwords smart and secure. Passwords should be easy to remember but difficult to guess. You can use a phrase or series of words, but make sure to include enough random elements that no one could guess them. Remember, especially if you are working from home, to keep any routers, networks, and connected devices configured properly.
- Be up to date. Periodically ensure your software is updated to the latest version available. While NYCHA pushes updates to its own computers automatically, if you work from home you will be responsible for updating commonly used software like browsers. Be sure to have virus/malware protection enabled on any computers you use for work, and run a scan regularly.
- Being cybersmart doesn’t stop when the work day ends. Social media is a part of the fraud toolset. Attackers can look for information on Google, on Facebook, or anywhere online to get information about you or others in our organization. Avoid sharing potentially sensitive information on social media or elsewhere online, and never use social platforms to conduct work-related business or exchange sensitive information.
Learn More
Learn how to #BeCyberSmart by watching these engaging videos
What Is Phishing?
Links in email, social media posts, texts, and online advertising are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it. Don’t click on a link from a stranger. Here are some ways to recognize a phishing attempt:
What Is Ransomware?
Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands that you pay a ransom for their return. You can unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that’s embedded with malware. Once it is loaded on a computer, it will lock access to the computer or data and files stored there. You usually discover that your computer is infected when you can no longer access your data or you see computer messages letting you know about the attack and demanding ransom payments.
The best way to avoid ransomware – or any type of malware – is to be a cautious and conscientious computer user. Malware distributors have gotten increasingly savvy, and you need to be careful about what you download and click on.