This series, written by NJCCIC Director Mike Geraghty based on his extensive experience in information security, will provide organizations with no-hype, practical security tips to help them better secure their networks and prevent cyber incidents.
Over the past several months, the NJCCIC noted a significant uptick in the number of distributed denial-of-service (DDoS) attacks in which thousands of malware-infected systems are used to flood organizations’ networks, thereby preventing or impairing the authorized use of the targeted networks, systems, or applications. In some instances, these ...
From services to apps, users of smartphones are unwittingly consenting to being tracked in real time by a multitude of companies for the purposes of providing “requested features, integrations, user experience improvements,” and many other laudable-sounding reasons. What is not known by many users is that detailed information on their precise location and activity is being beaconed out by their phone and collected, shared, and sold to numerous organizations that aggregate these data sources with others to build a user profile that would make spy agencies and repressive governments green with envy.
Telework Program Fundamentals: For many organizations, telework programs have been in practice for years – whether as part of the organization’s everyday work program or as a component of their business continuity plans. For those organizations, policies, educational programs, technologies, and support services for the remote workforce are well established. ...
Knock, Knock – Who’s There? This month, another collection of user IDs and passwords was released on the dark web. It includes more than 2 billion records that have been compiled from data breaches dating back as far as 2008. Identity and authentication mechanisms - i.e., usernames and passwords - ...
Solving Cybersecurity Problems Through the Application of Standards: In November 1999, Bruce Schneier famously wrote that “complexity is the worst enemy of security” in his essay titled, A Plea for Simplicity – you can’t secure what you don’t understand. As information technology has proliferated throughout society over the past 20 ...
On June 27, 2017, the NotPetya malware was unleashed via a malicious, modified update to the accounting software package, M.E. Doc, which is used by many businesses in Ukraine and elsewhere. Included in the malicious update package were exploits that helped the malware spread to computers throughout the world, ...