3 things I taught NASA employees about cybersecurity

December 30, 2019

By Kim Komando

Working for NASA is a big job and a true honor. Every day, the talented men and women of NASA must think on a cosmic level because it’s not just about space exploration and research. Sometimes it’s about planetary safety, such as their plan to destroy Earth-ending asteroids. Tap or click here to read all about NASA’s innovative plan.

Other work involves preventing cyberattacks on Earth or the International Space Station. Like corporation or government agencies, NASA has to protect itself from the most sophisticated hackers.

But it begs the question: Do tens of thousands of NASA employees and contractors know how to protect their personal devices at home?

One vulnerable moment on a private server could lead to astronomical problems. So how do NASA employees defend their personal computers and myriad of devices? It starts by practicing good habits online. Tap or click to read 8 stupid things you’re doing on the web that put you at risk. Are you guilty of any of these?

I recently had the distinct pleasure of giving a keynote speech at NASA’s Glenn Research Center in Cleveland, Ohio for National Cybersecurity Awareness Month. I discussed important safety procedures everyone needs to know these days.

I covered three major topics during the event and, while each is important, luckily it’s not rocket science. You need to adhere to all three in 2020.

1. Your first line of defense

I get it, no one spends much time thinking about their router; you just want it to work. But for meaningful cybersecurity, your router is your first line of defense for keeping criminals out of your network.

Hackers could have compromised your router already and have complete access to your data, files and network. Tap or click here for a free test to see if your router has been hacked.

Right out of the box, your router comes with a default username and password. Since these credentials are available on the internet, amateur hackers know how to break in and do all kinds of damage. So, the first order of business is to log into your router’s administration console and get that generic password changed.

If you don’t know your router’s password, tap or click here to learn how to find it and change it.

Next, update your router’s firmware to the latest version. The exact steps depend on your router brand and model, but all the modern options have an administrator page you can access via browser.

All you have to do is type the default IP address of your particular router on your browser address bar and that will take you directly to that page. Tap or click here for detailed steps on updating your router’s firmware.

Once the credentials have been changed and the system is up to date, it’s time to adjust a few settings. If you’ve been using the same router for years and all you see in your security options is WPA or WEP, trust me, it’s time to go shopping for a new one.

Look for WPA2 or the latest standard, WPA3, and make sure your new router has a firewall, which comes built-in on just about every newer model. While you’re at it, there’s even more you can do. Tap or click here for 5 security settings to turn on before it’s too late.

2. Don’t leave home without it

Every time NASA provides a laptop for working remotely, the employee is required to use a VPN. That’s exactly why they were created in the first place — to securely connect business networks together through the internet to allow secure access from home.

A virtual private network, or VPN, is a layer of protection between your devices and the internet. It hides your IP or MAC address along with your location, and encrypts the data that travels from your device to websites you visit.

Most importantly, when you’re using public Wi-Fi, and not a trusted network, a VPN provides a critical layer of security. They’re inexpensive and easy to procure.

If you’re on an unsecured network like the one you might find at a coffee shop, airport, library or other public places, you send queries through cyberspace, and they route through private networks to other computers or servers, exposing you to skilled hackers.

If you want a more in-depth look at VPNs, tap or click for a complete guide to choosing and setting up your own VPN.

3. Beware the inbox

Phishing attacks are no joke. Scam attempts that come into your email, social media accounts and text messages can be very convincing at first — until you take a closer look.

Phishing scams have become more sophisticated in recent years. Instead of the long-lost uncle leaving you a $10 million inheritance, scammers pose as real businesses or government agencies.

You might get an email that looks like it’s from Netflix, saying your account has been compromised and you need to reset your password. Tap or click here to see what it looks like. If you click the link from your email, you’ll be taken to a website that probably looks like the real thing.

RELATED: Hackers are smarter than ever, and they have new ways to fool even the savviest among us. Tap or click here for 3 ways to avoid falling victim to these smart phishing attacks.

The next type of scam is called spear phishing, and it’s a little more personal: Realistic-looking emails from real companies or agencies might include your name, phone number and even your job title or home address. This information could be culled from social media, or maybe it originated from a data broker.

Phishing attacks could include malicious links or even attachments that can infect your system with malware. That way, they can access what’s on that device or worse: infect your entire network and potentially any other device on it.

So don’t wait. If these techniques are good enough for NASA, they’ll definitely work for you.

BONUS TIP FOR EXTRA KNOW-HOW: How to see all the devices connected to your network

If you use wireless internet at home, you probably have several devices connected to your network. It’s so easy to keep piling on additional devices, too: your new laptop, another video game console, a new tabet or even your friend’s phone.

You may even begin to lose track of everything that’s connected, or worse, notice things that don’t belong. There may even be users who have tried to connect yo your Wi-Fi network without your permission or knowledge.

This is bad news for a few reasons. Someone could be stealing your network bandwidth — or your personal information. Luckily, there are simple ways to determine which devices are connected to your network, and you can prune what should and shouldn’t be there.

Tap or click here to take a closer look at who’s using your connection.

What digital lifestyle questions do you have? Call Kim’s national radio show and tap or click here to find it on your local radio station. You can listen to or watch The Kim Komando Show on your phone, tablet, television or computer. Or tap or click here for Kim’s free podcasts.

https://www.komando.com/tips/cybersecurity/3-things-i-taught-nasa-employees-about-cybersecurity/