By New York State Senator Joseph A. Griffo, R-Rome, 47th District
In late September, Facebook announced that its engineering team had discovered a security issue that affected as many as 50 million accounts may have been hacked.
While the investigation is still ongoing, the social media company said on its website that the attackers had exploited a vulnerability in Facebook’s code that affected a feature that allows people to view what their own profile looks like to someone else. This allowed the perpetrators to steal Facebook access tokens that they could then use to take over people’s accounts, the company stated. These tokens are the equivalent of digital keys that keep people logged in to Facebook so they do not need to re-enter their password every time they use the app.
Facebook said that they took action to fix this vulnerability, informed law enforcement and reset the access tokens of the accounts that were known to be affected by the issue. The company also said that, as a precautionary step, they reset the access tokens for another 40 million accounts.
What happened to Facebook should be a warning sign that we should make our security while online a priority.
October is National Cyber Security Awareness Month, which is designed to make the internet a safer, more secure place for people. The initiative, under leadership from the U.S. Department of Homeland Security and the National Cyber Security Alliance, was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online, according to the National Cyber Security Alliance.
To best protect yourself and your family when online, the alliance recommends:
· Having the latest security software, web browser and operating system because this is the best defense against viruses, malware and other online threats. Remember that mobile phones and tablets need updating, too.
· Improving account security by enabling strong authentication tools such as biometrics or unique one-time codes. Usernames and passwords are not enough to protect key accounts like email, online bank accounts and social media.
· Thinking before posting about yourself and others online. Consider what a post reveals, who might see it and how it could be perceived now and in the future.
· Protecting your valuable work, music, photos and other digital information by making an electronic copy and storing it safely.
· Being thoughtful about who gets that information and how it is collected through apps and websites. Information about you, such as your purchase history or location, has value – just like money.
· Setting a strong passphrase (at least 12 characters long) for your Wi-Fi network. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). Name your network in a way that doesn’t let people know it’s your house.
While the internet is a useful tool, it also can be dangerous if you aren’t careful. For more information about how you can protect yourself online, visit staysafeonline.org.