Académique Documents
Professionnel Documents
Culture Documents
SECURITY
GUIDE
FOR
DUMMIES
A BEGINNERS GUIDE
opendatasecurity.io
TABLE OF CONTENTS
03
PART I
This is the Internet, the oasis
in which we live in
11
PART II
A home with all doors closed,
the key to cybersecurity
18
PART III
Cybersecurity for the
workplace
26
PART IV
Symptoms and remedies:
how to face cyberthreats
OPENDATASECURITY.IO
PART I
This is the Internet,
the oasis in which
we live in
Wake up and look at the phone. Have a You are part of that exorbitant amount of
shower, get dressed and close the door when users in the network that generate
leaving your house. Get in the car, put on the information every time you:
seat belt and drive to work.
It is not until you have your very first coffee, Connect to a wifi network.
when you realise you have been acting on Do a search on Google or any other search
autopilot mode. Without thinking.
engine.
Click on a link.
It is logical to close the house door; we
Register in a web or application.
assume that for safety you have to put on
your seat belt when getting in the car. We Download and install an application on
know that using a helmet when riding a your device.
motorcycle protects us, and for the same Send or receive an e-mail or an instant
reason, we try to look before crossing the message.
street. Buy something in an online store.
Like a publication on social networks.
We integrate these actions in order to survive Publish content on a social network, blog,
the dangers of real life. But the question is:
application or web.
are we prepared to survive in the online
world?
While reading this, you are one of the 3,764 And the list does not end here. It is much
million people connected to the Internet. longer because we are doing more and more
things from our Internet-connected devices.
OPENDATASECURITY.IO 4
That’s why we produce much more that are willing to pay for it or to obtain it
information than we can imagine. using methods of doubtful ethics.
“Hacker” is a widely used term today. Its What matters to users is cybercriminals
meaning may vary according to the context in design complex attack methods every day to
which it is used. obtain sensitive information about us. And
they get it. Of course they do.
For example, the first meaning that appears in
the dictionary of hackers, points out that it is According to the data, we are talking about
“the person who likes to investigate the the criminal activity that generates the most
intricacies of programmable systems and how money in the world. In fact, in a recent report
to squeeze their capabilities, unlike the by the Accenture consultancy, it is pointed out
majority of users who prefer to learn the that a cyberattack can have higher costs than
minimum.” a natural disaster.
OPENDATASECURITY.IO 5
Attack techniques with which they get
what they want
The danger on the Internet exists for which the attackers act and the way in which
absolutely everyone. In cybersecurity, it is we can prevent ourselves from being victims
often said that zero risk does not exist. For of a cyberattack.
that reason, we should not stop trying to
protect ourselves.
PHISHING OR IDENTITY THEFT
The attacks we will see below are the most
common ones, those that generate the most It is the most common scam on the Internet. It
headlines, and to complicate this situation is based on posing as a person of trust or in a
even more, the way in which they can be company of which we are customers to obtain
presented can be very varied. our data: passwords, banking information,
among others.
OPENDATASECURITY.IO 6
1
To answer the e-mail by providing user Phishing is also present in fraudulent
information. websites you can access because they
havemanaged to appear in Google results or
because they are in the profile of a user of a
social network.
2
To answer the e-mail by providing user
information. For all the above, the best prevention for
phishing is based on distrusting the content
we receive through e-mail, instant messaging,
3
To click on a link that leads to a social networks and even distrust when
fraudulent web page in which the someone calls us to ask for private
attacker can ask for other actions such information over the phone.
as putting personal data that will be
used by the attackers. There are also antivirus and tools that scan
the attachments of our emails or block
potentially damaging links. These are
recommended and valid solutions, but not as
Phishing attack scenarios are not limited to
effective as caution.
email. It is possible to be attacked by instant
messaging or by phone calls if you pose as a
trusted person.
Screenshot of a phishing email requesting the download of an attachment. In it you can see a strange
email address and there’s no return address.
OPENDATASECURITY.IO 7
RANSOMWARE, THE WORM Therefore, it is best to have the backup
copies of your files updated so that we can
THAT BLOCKS ACCESS TO YOUR restore it in case our equipment is blocked
COMPUTER and the information is encrypted.
OPENDATASECURITY.IO 8
EXPLOITING VULNERABILITIES
AND ERRORS
It is usual that we have to update our devices DDoS attacks have been registered
every time a new version of the operating with a duration of 277 hours.
system or the applications we have installed Source: Quarterly Report on Malware
is released. Many times, this happens of Securelist 2017
because they bring news, such as new
functions.
Sometimes, what they do is solve a security system are not fixed until attacks already
breach that could compromise the occurring. Therefore, most of the time we are
information of the users. That’s why is is not aware of when they have attacked us and
important to keep the latest updates. a long time passes until we find out. A time in
which attackers take advantage to extract
Occasionally, the security breaches of a private information from users.
As we said at the beginning, the main Any sensitive data can be very precious, from
objective of cybercriminals is to earn money. the content we keep in our email, to our
Therefore, when they steal information from computer or mobile phone; logically, e-mail
us through a computer attack, their next step addresses, bank and credit card information
is to sell it on the black market or take are also of great value.
advantage of it.
OPENDATASECURITY.IO 9
We make the mistake of
thinking that our data has no
value, when it's actually the
main reason why cyber attacks
occur
PART II
advantage to cybercriminals to extract more
money. The result is to be expected: a bad
experience ending up as a looting.
OPENDATASECURITY.IO 10
PART II
A home with all
doors closed, the
key to cybersecurity
In the last few years, technology has advanced A click on the wrong place can cause great
in such a way that nowadays we can do damage not only to large organizations, but
practically everything without moving from also to people. In our daily life we carry out a
home. Thanks to the Internet we have series of simple and daily activities that can
everything in our hands, literally. Our finger is represent a very high risk for our security.
the only thing that separates us from clicking
on “Buy”, “Download”, “Tweet”, “Send”, etc. We arrive home and, normally, the first thing
we do is turn on the router (in case we ever
It is no longer necessary to go to the cinema turn it off). We connect our smartphone or our
to see the latest releases; nor go to the device to the Wi-Fi network of our home and
physical stores to buy any product we want to we are ready to navigate. And your neighbor
buy. We can even shop in the supermarket may know about this.
from home.
Wait, how will my neighbor know that I am
But, what if instead of buying some shoes or connected to the Internet? In fact it’s very
downloading a game, we were actually giving easy. They may have used your Wi-Fi on
away our bank details to a criminal? It is more than one occasion. If ever the speed of
totally possible, and we would not even notice navigation has been particularly slow despite
it. having a very high bandwidth, it may be due
to this: someone is accessing the Internet
This is how some cybercriminals act. As we from your network.
explained in the first Part of this dummie’s
cybersecurity guide, there are multiple risks Although public Wi-Fi connections are the
and dangers on the Internet. And all of them ones that receive most of the cyber attacks,
take advantage of the ignorance or domestic networks are not exempt from
misleading of the users, whose information this danger, as they can be easily accessed.
can be very precious.
To prevent unauthorized users from connecting wirelessly to our router, stealing our Internet
connection and even accessing other computers in our local network, these are usually protected with
a password.
OPENDATASECURITY.IO 12
The solution? Changing the password
OPENDATASECURITY.IO 13
What other methods are there to
protect our devices?
We must be careful with what we publish on In fact, and even if the cybercriminal could get
our social networks. They store large amounts all the shared information, they would only
of information about the activities we do, the see codes that could not be deciphered.
places we visit, the people with whom we
interact, our hobbies, the food we like, etc. When surfing the Internet, it is recommended
to do it on those websites where HTTPS is
All this information can be used by an placed in the address bar, which also give the
attacker to know our profile or plan and user an extra encryption. When the URL of a
launch custom attacks such as the phishing website starts with https: //, your computer is
that we mentioned in the first part of this connected to a page that is speaking to you in
guide. In addition, the information collected a coded, invader-proof and more secure
can be used even for kidnappings or language. And we must navigate in these type
extortions. of websites especially when we make online
purchases, as long as they are linked to
How to know which application is safe? recognized electronic payment gateways as
Visa, Mastercard, Paypal, among others.
In mobile technology, most messaging
services such as WhatsApp, for example, offer
an encryption system in all our FIREWALLS
conversations. This means only we and the
person with whom we communicate can read An additional tool to protect against Internet
the messages, preventing access to third threats is the use of a firewall. It is simply a
parties. security tool that controls which applications
have access to the Internet and which
OPENDATASECURITY.IO 14
connections are allowed to access our communications between the two parties.
computer. Firewalls are usually programmed
to automatically recognize threats, which ANTIVIRUS
means they are usually easy to use and do not
interfere with the way we use the computer. And of course having an antivirus. It is
essential to keep our operating system
VPN OR PRIVATE VIRTUAL updated and use the best antivirus to alert
and protect us against possible threats. It is
NETWORK also important to run it periodically in order
to find and remove malware, as well as
Another very good measure is to use a VPN perform automatic updates.
(Virtual Private Network), which is a network
technology that allows us to create a local If you are debating whether to buy an
network (LAN) even if we are browsing antivirus license or get one for free, we must
remotely and we need to pass the information bear in mind that although most of the free
through a public network. An VPN creates a software are of high quality and offer a
kind of tunnel and prevents anyone from reasonable level of security for home users,
catching and using that information. they do not always offer the same level of
protection.
Thereby, we make sure everything that comes
out of our devices is encrypted until the The best option would be to consult with an
receiver of the message gets that information. expert, and if possible, choose an antivirus
This can prevent man-in-the-middle attacks, that has technical support to help us with the
atype of threat in which the cybercriminal configuration.
acquires the ability to divert or control
OPENDATASECURITY.IO 15
The best option is not to trust innocently in insert it into our computers. They could have
the first thing that comes in to our email hidden malware in it without even knowing.
inbox, in that link offering us a free product, Therefore, it is essential to scan with an
in that user who wants to add us to a social antivirus every element we introduce in our
network and that we do not know, etc. devices or download from the web.
We must think twice before doing any of those Last but not least, we should get used to
actions: if something is too good to be true, backing up our device periodically to
then it is very likely to be fraudulent or minimize data loss.
harmful.
Devices such as a smartphone, a tablet, a own phone. This is the Internet of Things or
smart TV; smart appliances such as IoT.
refrigerators or ovens; even thermostats,
blinds, doors and lights controlled from your Currently all these devices are connected to
OPENDATASECURITY.IO 16
each other through Wi-Fi, Bluetooth or Internet of Things devices collect data about
infrared connections and communicate with us: they know what television programs we
a central control which is usually found in the see, what we say inside a room, at what time
same domicile or in the central server of the we arrived home, etc.
manufacturer.
And as the number of networks, operators,
The tendency shows there will be more consumers and devices increases, so does the
devices than people in each house. And these risk of a breach.
devices play an increasingly important role in
domestic life. A great example of that risk is one of the
scenes of the Mr. Robot serial, in which the
However, the IoT represents a difficult network of a house is hacked, altering the
challenge for security. The sensors of all behavior of all the devices that are in it.
Even the vacuum cleaner robots that have According to its CEO, Colin Angle, the
become so well-known in the last few years intention is to improve the technology of
can store valuable information about our smart homes, and Google, Amazon and Apple
homes. The internationally known brand are the possible buyers of that information.
Roomba stores information about the
dimensions of the houses and plans to sell it But should we trust this information will not
to other large technology companies. be shared with third parties? Our privacy is at
stake, and as we said, we can not trust
anyone, we can not even control what
happens in our own home.
The IoT or Internet of Things
If we can not feel safe at home, how would it
represents a difficult challenge be in our workplace? We’ll leave that for the
for cybersecurity, as it collects third part of this cybersecurity guide for
dummies.
data about us
OPENDATASECURITY.IO 17
PART III
Cybersecurity for
the workplace
The principle of scarcity says that we value an the data of the clients are an important part
asset higher when it has a scarce availability, of the economic activity. That is why
while we tend to think that what exists in protecting information should be one of the
abundance has little or no value. It is possible priorities of companies, but in most of them
that this theory explains why we do not give it is not yet.
importance to the information that we
generate as users. The Internet has given us a window of
business opportunities that sometimes makes
Possibly, this is the reason why cybercrime it difficult to perceive real threats. This means
has turned into one of the most profitable that, in terms of cybersecurity, companies are
criminal activities of these times, and this reactive and not active, which means that
situation will continue as long as we ignore they only look for solutions when they have
how much data our email address or ID been hit by an attack instead of preventing it
number can provide anyone who asks for by the implementation of cybersecurity
them. policies .
Things get worse when cybercriminals target But let’s go back to the beginning of the
companies. The corporate information and problem.
Remember, how was your first day of work? without delay. They explained to you details of
the company while you thought that it was
Surely, it was not one of the easiest. You had possible that you would forget everything
to learn the names of your mates not after a while.
OPENDATASECURITY.IO 19
But none of that information had to do with take advantage of it, just as they do with the
how to protect yourself from cyberattacks or frenetic rhythm that many workers have in
how to perform your job more safely. their offices.
And why is that a problem? Lack of awareness and rushing make up the
perfect context for an attack with high
Because every day we receive dozens of probability of success. And part of that
emails from customers, suppliers and success is determined by the methodology
advertisers; we manage orders through that cybercriminals use, like for example,
corporate or third-party applications; and in social engineering and phishing.
short, we carry out tasks proper to the
activity we perform without the necessary
security training.
Lack of awareness and rushing
The next click might end with the ransom of
the equipment and the encryption of the data makes the perfect setting for an
stored in it. Cybercriminals are aware of the attack with high probability of
lack of security training of most users. They
success
An exercise of persuasion. This is how you and social skills, the social engineer aims to
could define what people do when gain sensitive information.
performing social engineering.
An example of social engineering could be
Through a set of psychological techniques receiving the mail of someone who
OPENDATASECURITY.IO 20
supposedly is your manager. In the mail, he money transfer, but also download a
asks you to send certain confidential malicious file that can compromise your
information that you have or, depending on company’s infrastructure (phishing).
your responsibility, to make a bank transfer to
an account number that provides you with the Like this case, cybercriminals create every day
excuse that it is necessary to make that new ways to carry out attacks using social
payment as soon as possible. engineering and phishing. In this scenario,
learning to recognize a cyberthreat becomes
It seems that the CEO Scam is quite obvious, a need for all the people who work with
but the reality is that it has achieved a high electronic devices connected to the Internet.
level of sophistication, so it is a fairly
common attack among companies.
Also, this example can be even more A phishing attack may seem
terrifying if possible. On the one hand, it is
making you think that the mail comes from a obvious, but the reality is that it
manager (social engineering); on the other is more common than most
hand, it could not only ask you to make a
imagine
“The truth is out there”. Do you remember? They may be the people you spend more time
That’s what they said in the X-Files series, with than your family. It is possible that they
letting us know that we had to look for the are your work mates.
dangers outside, but how wrong they were.
According to a study that IBM published in
When it comes to cybersecurity, the people 2015, 60% of attacks came from within an
who make an attack possible do not have to organization. From that number, 44.5% of the
wear a hooded sweatshirt or be in front of attacks were perpetrated by evil, while
their computer at dawn. They can wear a suit 15.5%of those attacks originated by accident,
and tie or have an office schedule. which means by a worker who has allowed
access to the company’s infrastructure
without wanting to.
OPENDATASECURITY.IO 21
What are the basics of cybersecurity for
a company?
Information is power, but more powerful is If there is a reason why cybercrime has
the one who knows what to do with become the most profitable criminal activity
information. in the world, it is because the majority of
users are still not aware of how to identify
The really important thing is to know what to and proceed when there is a potential
do with that information, acquire the cyberthreat.
necessary knowledge to protect yourself, and
ultimately, it is important to have security The objective of computer security training is
training. precisely that.
We often think that we need a good antivirus But you also learn the importance of other
to protect our equipment. The truth is that protection methods: setting secure passwords
having these types of tools installed is fine, or trying to keep computers and applications
but they are useless when we allow (by updated.
mistake) all kinds of malware to access our
systems.
OPENDATASECURITY.IO 22
On the other hand, security training for a 3. SPECIFIC POLICY FOR
company should have some characteristics:
SENSITIVE DATA OF THE
COMPANY AND CUSTOMERS
Personalized security training according to
the activity of the organization: because it
is not the same to train bank workers as Does the acronym GDPR sound familiar to
those who manage a computer in a textile you?
store.
Different security training depending on They respond to the General Data Protection
the department: because the financial Regulation, a regulation that came out in May
department will be more susceptible to 2016 to be applicable in May 2018. This time
receiving potential threats than the people frame was granted so that all organizations
who are in customer service. Also, keep in operating in Europe will implement the
mind that hackers can design attacks for necessary policies and procedures.
positions with more responsibility because
they have more privileges and critical This regulation will give consumers more
information of the company. control over their information, as it implies a
lot of changes for organizations that handle
user data and we have talked about it at
length here and here. For the privacy of the
users it is good news, because the companies
2. ASK YOURSELF, HOW OFTEN (only those that operate in Europe) should
DO YOU BACK UP? take care of the information they store about
us.
The first thing we think when the disaster
takes place are the backup copies. They are
always ready to be used if those copies are
made…
Learning to recognize a
Maybe this is one of the most repeated
computer security tips, but we are going to
cyberthreat is a fundamental
say it once again. exercise to protect the
resources of a company
Backup copies must be done.
OPENDATASECURITY.IO 23
But not all cyberattacks are like the famous You execute it and, despite nothing happened
Wannacry ransomware, which infected at this time, you suspect that something went
thousand of devices around the world. There wrong…
are attacks that go unnoticed and it takes
months to know that there has been For these cases and many more, there should
information theft. be an action protocol: like contacting a
cybersecurity company or an IT security
For example, you download (unintentionally) a expert, if there is no one within the
file from an email that seemed trustworthy. organization.
In the business world, costs are everything. much data has been leaked, reestablish
infected equipment… costs vary according to
One of the first issues that arise when the type of attack that has been suffered.
improving the safety of companies is if it is an
expensive service.
OPENDATASECURITY.IO 24
that it is not a good look for a company to
have customer information stolen from its
customers. And ultimately, the consequences
of a cyberattack can affect the sales of the
organization.
PART IV
OPENDATASECURITY.IO 25
PART IV
Symptoms and
remedies: how to
face cyberthreats
Prevention and distrust are two concepts we should we do if we have been attacked by a
can not forget when putting ourselves in front cybercriminal?
of a device. This is definitely clear after seeing
how we are affected by the lack of security at In this fourth and last part of the guide, we
home and at work, as well as knowing how to will make a list of steps and recommendations
prevent a cyberattack. to follow once we have been victims of some
of the multiple threats already mentioned
And we will not stop saying it: conscience and throughout this manual.
good practices. Always remember that in
terms of cybersecurity, every precaution is From knowing how to detect them, to how to
helpful. face them, we bring you an index in which the
emphasis will be on reacting in time and
But what happens when it’s too late? What trying to minimize risks.
OPENDATASECURITY.IO 27
Among some of the symptoms that we can It is always advisable to go to the financial
find if they have supplanted our identity are institution in which we operate. We must ask
the following: for advice about the possible repercussions
and the steps we must take in case the
account has been affected by an attack.
You can not access your personal accounts
with the credentials with which you
normally use to login. SUBMIT A REPORT TO THE
You receive emails from purchases you AUTHORITIES
have not actually made.
Content is shared on your social networks
It is important to gather all the information
from your account even if you have not
possible, through screenshots, paper
published it.
documents, links, email addresses, emails,
You do not get some of the bills you usually
messages… and give a report to the Police.
receive.
CONTACTING GOVERNMENT
If we believe that we have been victims of AGENCIES
identity theft, there are a series of steps we
can take to respond to the incident and
It is not usual for cybercriminals to be behind
recover from it.
this type of personal data, but if they have
stolen documentation regarding the driver’s
CLOSE AFFECTED ACCOUNTS license or the social security number, we must
contact the relevant social security offices.
IMMEDIATELY AND CHANGE
PASSWORDS
Luckily, we can avoid in time the attacker If our identity has been
taking advantage of our resources if we freeze supplanted, we must close our
or change credit cards or bank accounts, as
well as all access passwords, even those of
personal accounts and change
our social networks or email. all passwords
2. What to do if I am a victim of a
ransomware attack?
If they are asking us for a ransom to re- On the other hand, trying to pinpoint the
establish the normality of our equipment and exact moment of the infection can help
return the decrypted information, then we are when identifying the type of ransomware or
facing a ransomware attack. determine the extent of the attack once it has
occurred.
Again we must act as soon as possible. First
we must turn off our device, as it stops the If we have backups, consider returning to a
encryption process. previous state in the system.
OPENDATASECURITY.IO 28
Once again, we must report the attack to the
authorities of our country and contact a
We should never pay the company specialized in cybersecurity so that
ransom since we will not know it can help us solve the incident.
We should never pay the ransom. In this way On average, a cyberattack takes
we will only be encouraging the cyber 170 days to get detected and
criminals to commit these type of attacks and 45 days to solve it.
we are not sure that we will recover the
Source: Panda Security
information.
Sometimes it is difficult to know if we are There are cases in which cyber criminals send
suffering a Distributed Denial of Service an email to notify of the incident and force
(DDoS) attack. If your website is down, it may payment so the attack is avoided. In fact, to
be because of legitimate traffic and not show that it is not a joke, they cause a brief
because of an attack. The key to interruption or an unexplained peak of traffic
distinguishing it lies in the amount of time the as a test.
service is down.
OPENDATASECURITY.IO 29
What we must do once we confirm we are Second, notify the place where we have
facing a DDoS is to contact specialists in hosted our website. In most cases the threats
mitigating these attacks to help us. It will be end up being false. However, it does not hurt
key to stop the attack. to give the alarm and have as many resources
as possible on our side.
Having a virus or malware causes them to external devices. The simple fact of making a
spread from one device to another, acting double click on our pendrive or external hard
just like any other infection. drive will infect the operating system.
OPENDATASECURITY.IO 30
We will know that we are infected if: avoid many setbacks. We must scan the
external memory and the devices to which
we have connected with the antivirus, as
By double clicking to open the external well as avoid using it on others if we have not
devices connected to our computer, made sure before we have completely
nothing happens. eliminated any threat.
When viewing hidden files and folders, we
realize it contains some unknown files. We In any case it will always be recommended to
must never click on them, since we will be reset the USB. However, we must bear in
activating the virus if it has not been mind that by doing this, we have eliminated
activated yet. the risk this USB will continue to infect other
devices, but our computer may still be
infected, so we will have to make sure that we
also eliminate the infection on all our devices.
To eliminate any threat, the antivirus plays a
If not, our USB would get infected again when
very important role, so we want to remind
connecting it to a computer.
everyone that having it always updated can
When our computer contains a virus we know tasks that consume resources, which is why
it because all kinds of pop-ups and messages the computer can slow down. Another
on the desktop usually appear, either symptom is the fact that applications do not
announcing things, saying that the PC is start, or another one we did not want to start
infected and must be protected, etc. is executed.
It may be the case the virus is performing When we connect to the Internet, many
OPENDATASECURITY.IO 31
windows may open or the browser displays
unsolicited pages. This often happens since Disconnecting from the network: We must
many of the threats are designed to redirect unplug the network cable, telephone or
traffic to certain sites that the user has not data from the equipment to try to prevent
chosen, and even to falsify directions making the data from reaching the attacker. The
us think that we are entering a legal site when bots can also use our equipment as a
it is actually a copy of the original. zombie in a coordinated attack on a larger
scale.
If we realize that some documents like Analyze our computer with an antivirus: A
photographs, certain folders, text files, etc. program with antivirus and antispyware
have disappeared from our computer, we functions can detect and often eliminate
should worry. It can be an infection. software threats from illegal activities that
would otherwise remain hidden in the
Another feature of many computer threats is computer.
the disabling of the security system installed, Make backup copies of important
such as antivirus or firewall. If just one gets information: A backup of our most
closed, it can be coincidence; but if they are valuable files, such as photos, videos and
all disabled, it is almost an unequivocal other work or personal files on a hard drive
symptom that we have become infected. or removable media, such as a CD or DVD.
Reinstall the operating system: Sometimes
In the same way, if the languages of the the only solution is to start over from
applications are changed, the screen turns scratch and reinstall the operating system
inside out, etc. we will have to apply the of the computer.
following recommendations:
OPENDATASECURITY.IO 32
you are at all times, or certain applications
have permission to the microphone or the
camera of our electronic devices.
Mobiles have changed and the
We must ask ourselves this question, is it interest of the cybercriminal does
really necessary? And the obvious answer is not reside in personal recognition,
no.
but in economic profit.
If we do this, we will be able to know more Source: PandaLabs
easily which is the problematic application
and which has the most probabilities of being
the culprit of the infection of our smartphone. delete those files, at least that way we will
stop the infection and eliminate the virus or
Even if you think that by eliminating the malware.
application you have solved the problem, you
should scan it with an antivirus to make It never hurts to perform a second analysis to
sure. Once the analysis is finished, we can see make sure that we have completely rid
not only the applications that are causing the ourselves of the problem. And in case our
problem, but also the files that have been passwords have been affected, we will have
affected. to change them.
Taking into account all the recommendations Now that we know it is all about time, having
mentioned, we could summarize them in 5 the help of a cybersecurity company will make
stages or steps that we must follow to face the process easier and faster. Therefore, do
any cybersecurity issue: not hesitate to contact Open Data Security
and we will advise you on how to avoid and
deal with the main cyberthreats, as well as
Preparation: Have a safety plan to know how to protect your privacy.
how to act.
Identification: Detect the attack, determine Whether you are a company or a private user,
the scope of the attack and keep the parts you can call our 24/7 line in case of an
involved up to date. emergency.
Containment: Try to minimize the risks
and the impact of the attack.
Remediation: Stop the attack once the
situation is controlled. SPAIN: +34 910 601 739
Recovery: Return to normality.
UK: +44 203 034 0056
USA: +1 347 669 9174
OPENDATASECURITY.IO 33
A LITTLE MESSAGE FROM THE OPEN DATA SECURITY TEAM:
Thank you for reading this Cybersecurity Guide for Dummies. Share it
and you will be helping other people to make a more responsible use
of technology and to face the main threats that unfortunately appear
every day in the world.
@ODSops info@opendatasecurity.io