Browser Compatibility Notification
It appears you are trying to access this site using an outdated browser. As a result, parts of the site may not function properly for you. We recommend updating your browser to its most recent version at your earliest convenience.

Emergency? Call 9-1-1

Non-Emergency? Call 1 (866) 876-5423

Cybercrime Prevention

Decrease Text Size Default Text Size Increase Text Size |
Print Link
|

More and more, people's everyday lives revolve around wireless networks, whether it's through mobile devices or home and work computers. Criminals are always coming up with new ways to access your information and accounts for profit.

Types of Cybercrime

  • Malware: Any software designed to damage a computer, system or network, like spyware or viruses
  • Phishing: Sending fraudulent messages to a user to gather private or sensitive information, like credit cards, social insurance numbers or login credentials
  • On-Path Attack: A threat actor inserts themselves between two people communicating online and either alters or gathers information from the conversation
  • Denial of Service Attack: A website or server is targeted and flooded with web traffic to slow or shut down the service
  • Zero Day Exploit: Threat actors exploit a security vulnerability in software or hardware to perform a cyberattack
  • Password Reuse Attack: Threat actors gain access to a victim’s password, either through a previous data breach of a commercial service or through other means, and attempt to use the same username and password on other services.
  • Internet of Things Attack: Refers to attacks on all the various internet-connected devices that are not traditional computers, such as home security systems, smart fridges and vehicles

At-home Cyber Safety

Use these quick tips to help safeguard yourself and your family:

  • Have secure settings on your computer. Whether it's for Wi-Fi access, social media sites or email, using strong passwords and using website and software protection features will help protect you
  • Learn about what online platforms your kids use and familiarize yourself with them
  • Don't let children have computers in their rooms. Keeping the computer in a public space will allow you to monitor their online activity
  • Stress the importance to your kids of never sending or sharing inappropriate pictures or messages. This can negatively affect their future when applying to college or university or when looking for employment, and could potentially be a criminal offence
  • Talk to your children about inappropriate content and how to deal with it
  • Never give out personal information such as name, address, date of birth, computer passwords or banking information

The key to safeguarding your child's online safety is to encourage an open dialogue and be involved in their online activity. Visit the federal government website GetCyberSafe for more online safety tips.

Business Cyber Safety

You can safeguard your business by following strategies to secure, prepare and respond:

Secure:

  • Replace outdated computer hardware, unsupported versions of operating systems and patch hardware/software to latest versions
  • Upgrade or decommission unsupported operating systems/hardware. Ensure software/firmware is up to date with the latest version and any patches are current
  • Close and secure unnecessary ports on your firewall  
  • Ensure Remote Desktop Protocol (RDP) is inaccessible directly from the internet. Close any unnecessary ports on your firewall to reduce the attack surface of the network
  • Enable multifactor authentication wherever possible
  • Consider implementing a mail filtering service to lower the risk of phishing emails being delivered to email inboxes.
  • Train and educate staff on detecting phishing emails (scrutinize emails before clicking links or attachments)
  • Be aware that some ransomware attacks can originate from compromised emails of legitimate business partners
  • Consider implementing data loss prevention measures to mitigate against the risk of data exfiltration

Prepare:

  • Have a disaster recovery plan, which is a step-by-step process to get back up and running, and ensure there is a hard copy of the plan available. Test the plan periodically
  • Have offline backups, which includes all business-critical data at a minimum

Respond:

  • Isolate unaffected devices and servers from the network if possible
  • Try and preserve evidence if safe to do so (i.e. network/firewall logs, ransom notes, suspicious files should be zipped and password protected)
  • Enact your disaster recovery plan, recover/restore from backups

For more tips to keep you and your business cyber safe, visit GetCyberSafe.

 

Cyber Attack Awareness Training for Organizations

York Regional Police offers Cyber Attack Awareness Training (CAAT). To obtain further information please email CAAT@yrp.ca