February 2, 2024 | Issue 78

This Week on "Cybersecurity Friday"

This week we are looking at some insights surrounding hacking. Did you know that bad passwords are very common and many of us (not me) use the same passwords? We also look at what to do if your social media account gets hacked and how you can respond if it happens to you.


We also look at a new Facebook scam that you should be aware of and offer updates on two recent cybersecurity attacks which impacted a 911 System and a School District.

Cybersecurity All-Stars

This week's Cybersecurity All-Stars are Borough Council member, Bernie Flynn and Parking Director Ramsey Reiner.


Ramsey received a couple of "spammy" messages, while Bernie was concerned that an email was asking for unusual information.


I also want to acknowledge Keith Kurowski in Parks & Recreation & Kathy Brooks at Public Works for reporting suspicious messages this week!


All of these reports are very important because they demonstrate an engaged, informed and thinking staff.

Together we protect our organization and each other.

This week's Cybersecurity All-Stars are Bernie, Ramsey, Kathy & Keith!!

Bad Passwords & Hacking

At the start of each year, I love learning what passwords people are using. One figure this year: 84% of us reuse our passwords, and weak or reused passwords are blamed for over 80% of data breaches. Reuse is what turns a single leaked password into many compromised accounts.


Password Facts and Figures


Over 153 million passwords from leaked databases contained a curse word. Stay away from passwords with food items, too, especially “ice,” “tea,” “pie,” “cookie” and “cake.” 


Beyond that, some of the most commonly cracked passwords include:


  • 111111, 12345, 123456, 12345678, 123456789, 1234567890, Qwerty123, 1q2w3e, Q2w3e4r5t 


Popular names, sports teams, seasons and vacation destinations are also major no-nos: 


  • Eva, Alex, Anna, Max, Ava, Ella, Leo, Suns, Heat, Liverpool, Rome, Lima, Friday, Summer and Winter. And don’t make your password the word “password.” 


How are Passwords Hacked?


The methods are not that complicated. Take the dictionary attack: hackers use programs to automatically try every entry in a “dictionary,” a wordlist of common passwords like the ones above, usually built from previous breaches and running to millions of entries. Anything on that list falls in seconds, no matter how many symbols it contains. 


A “brute-force attack” is when hackers try every possible character combination until one matches. Spoiler: it works far too often against short passwords, because each extra character multiplies the number of combinations, which is why length matters more than clever substitutions. Most of this cracking happens offline, against a stolen database of password hashes, so the login page’s lockout never sees the guesses. And don’t even get me started on how easily AI-assisted password crackers, trained on the patterns people actually use, can get the job done.
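To make the two attacks concrete, here is an added example in Python (not the newsletter’s code, and not any particular cracking tool): it runs a small dictionary attack and a digit-only brute force against a constructed, unsalted SHA-256 hash table standing in for a leaked password database. The account names, hashes, wordlist and the assumed GPU guess rate are all made up for the demo.

```python
import hashlib
import itertools

# Unsalted SHA-256, the way many breached databases stored passwords.
def sha256_hex(password: str) -> str:
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

# Constructed "leaked database": usernames and password hashes. Three
# cleartexts come from the weak-password lists above; one is long and random.
LEAKED_DB = {
    "alice": sha256_hex("123456"),
    "bob":   sha256_hex("Qwerty123"),
    "carol": sha256_hex("Liverpool"),
    "dave":  sha256_hex("gravel-Orbit-74-lantern!"),  # not in any wordlist
}

# The "dictionary": a wordlist built from the passwords quoted above.
# Real wordlists run to hundreds of millions of entries from old breaches.
WORDLIST = [
    "111111", "12345", "123456", "12345678", "123456789", "1234567890",
    "Qwerty123", "1q2w3e", "Q2w3e4r5t", "password", "Eva", "Alex", "Anna",
    "Liverpool", "Rome", "Summer", "Winter", "cookie", "cake",
]

def dictionary_attack(db: dict, wordlist: list) -> dict:
    """Hash each wordlist entry once and match it against every account.
    Unsalted hashes make this cheap: len(wordlist) hashes in total, not
    len(wordlist) * len(db). Returns {user: recovered_password}."""
    by_hash = {sha256_hex(word): word for word in wordlist}
    return {user: by_hash[h] for user, h in db.items() if h in by_hash}

def brute_force(target_hash: str, alphabet: str, max_len: int):
    """Try every string over `alphabet` up to `max_len` characters, shortest
    first. Returns (password, guesses) or (None, guesses) if exhausted."""
    guesses = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            guesses += 1
            candidate = "".join(combo)
            if sha256_hex(candidate) == target_hash:
                return candidate, guesses
    return None, guesses

def keyspace(alphabet_size: int, length: int) -> int:
    """Candidates a brute force must cover: size ** length. Each added
    character multiplies the work; that is why length beats substitutions."""
    return alphabet_size ** length

def seconds_at(rate_per_second: float, candidates: int) -> float:
    """Worst-case time to exhaust a keyspace at a given guess rate."""
    return candidates / rate_per_second

if __name__ == "__main__":
    print("dictionary:", dictionary_attack(LEAKED_DB, WORDLIST))
    print("brute force of '12345':", brute_force(sha256_hex("12345"), "0123456789", 5))
    gpu_rate = 1e10  # assumed: ~10 billion unsalted SHA-256 guesses/s on a GPU rig
    for n in (6, 8, 12):
        worst = seconds_at(gpu_rate, keyspace(95, n))
        print(f"{n} chars from 95 printable symbols: {worst:.3g} s worst case")
```

Three of the four accounts fall to the dictionary before the brute force even starts; the fourth is untouched by both. The timing loop shows the jump from seconds at 6 characters to days at 8 and far beyond a lifetime at 12, at the assumed rate, which is the whole argument for the 12-character rule later in this issue.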


Password Managers


I recommend that everyone use a password manager like “1Password” or “LastPass”. Password managers make the impossible possible: a long, random, unique password for every account, with only one strong master password (itself protected by two-factor authentication) for you to remember.

Was Your Social Media Account Hacked?

If your social media account hasn’t been hacked, you probably know someone whose account has. It is very common, and often an automated bot, not a person, is behind it. If this does happen to you, take action right away. 


Here are some basic steps to take if you believe your social media account has been hacked. 


Step 1. Sign Out of Every Device

It’s disarming to think about someone else’s hands all over your social account, posting crap on your page. Fully sign out of your account on every device you’ve got.


Most platforms have a “log out of all devices” (or “all sessions”) option under security settings; use that rather than signing out device by device, since it invalidates every active session at once, including the attacker’s. That kicks out intruders who were riding a saved login or a stolen session cookie: they’ll be asked for a password they don’t have and won’t be able to log in again.


Step 2. Change Your Password

Log into your account on one device and change your password. The account or settings page will have this option.


Replace your old password with a strong new one that you use nowhere else. Make it at least 12 characters, ideally a passphrase, with a mixture of uppercase and lowercase letters, numbers and symbols. If you can’t log in because the attacker has already changed the password, go straight to the platform’s account-recovery page instead.


Step 3. Report The Hack

Now, hackers should be mostly locked out of your socials. You can take a deep breath — but don’t stop just yet. Report the hack so the social app can help you roll back hacked messages and freeze your account until you’re sure everything is safe.


This problem is so bad that Facebook has a dedicated hacked-account page. No surprise, Instagram has one too, and X has a questionnaire for compromised accounts.


Step 4. Check for Changes

No one likes cleaning the house, but it has to be done. Jump over to your account settings and check these sections for any funny business.


  • Fake messages or posts: get rid of them, and warn anyone who received a message from “you.”
  • Connected devices and active sessions: hackers add their own devices for easy access to accounts. Give them the boot.
  • Recovery email and phone number: attackers add their own so they can reset the password again later. Remove anything you don’t recognize.
  • Third-party apps: new apps to track you or steal data might’ve been snuck in while your account was compromised. Remove them.
  • Followers and linked accounts: hackers may have added a bunch of bots or stalker-looking accounts, or linked another account to yours. Bye-bye.
  • Your profile name and photos: make sure it’s you and not someone else.


Step 5. Just one more thing…

Be sure to enable two-factor authentication (2FA) for your account. With 2FA, a second form of verification is required to prove your identity, rather than just your username and password: typically a 6-digit code sent by text message, or, better, one generated by an authenticator app or a physical security key, which can’t be intercepted by someone who has hijacked your phone number. Save the backup codes the platform gives you somewhere safe so you can still get in if you lose your phone.

Cybersecurity Incident News

Bucks County 911 Ransomware Attack Update

Last week's Bucks County 911 cybersecurity incident that took down portions of the emergency dispatch system and left call takers and dispatchers using pen and paper is still being investigated.


Bucks County has identified a ransomware called "Akira" as the cause of a cyber security incident that has affected the county's Emergency Communications Department for more than a week. 


While the investigation continues and the long-term cost to Bucks County is unknown, there are lingering challenges, such as fire department personnel needing to use old-school pagers for dispatching services.

Freehold Township, NJ Schools Closed After Cybersecurity Event

Earlier this week the Freehold Township School District (NJ) announced in a social post that the district’s schools would be closed Monday “due to technical difficulties related to a cybersecurity event.”


The school district’s website confirmed schools were closed Monday. Around 3,500 students and eight schools were impacted by the closure.


The Freehold School District reported that they have retained outside IT expert consultants who are working around the clock to assess, contain, remediate, and fully restore operation.


Freehold has not released any details about exactly how its network was compromised, and as of this writing no reopening date had been announced. 

Beware This New Facebook Scam

There is a new Facebook phishing scam going around, and I wanted to make sure everyone is on the lookout for it. 


It goes like this…


“I can’t believe he’s gone. I’m gonna miss him so much.”


If you see a post on Facebook with these words (or anything close) be aware that your friend’s account is being used to spread a phishing scam.


Here’s how it works: an attacker takes over an account and posts this vague but worrisome message along with a link that looks legitimate. (It’s usually a URL that starts with the Facebook domain, a Facebook redirect link that bounces to a site elsewhere, or something styled as an embedded video from BBC News.) The link lands on a phony page that asks you to “log in to Facebook” to continue. If you enter your username and password, the page captures them. You are already logged in when you see the post, so a login prompt after clicking a link is the tell. 


If your Facebook account gets taken over this way, it is then used to post the same message to your friends, and the scheme spreads through your network.
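A quick way to see where a “Facebook” link really goes, as an added example in Python that is not from the newsletter or from Facebook: it pulls every hostname out of a link, including any URL tucked inside a query parameter (the redirect shape described above), and reports the ones that are not Facebook or the BBC. The sample links, the trusted-domain list and the depth limit are assumptions for the demo, not the campaign’s real URLs.

```python
from urllib.parse import urlparse, parse_qs

# Domains the bait claims to be. Anything else the link touches is a red flag.
# (Assumed list for the demo; extend it for other brands a post imitates.)
TRUSTED = ("facebook.com", "fb.com", "bbc.co.uk", "bbc.com")

def is_trusted(host: str, trusted=TRUSTED) -> bool:
    """Exact match or a real subdomain of a trusted domain. Note that
    'facebook.com.evil.example' does NOT end with '.facebook.com', so the
    classic look-alike prefix trick fails this check."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in trusted)

def destinations(url: str, depth: int = 0) -> list:
    """Every hostname this link can send you to: its own, plus any URL carried
    in a query parameter (a redirect), followed recursively a few levels."""
    parts = urlparse(url)
    hosts = [parts.hostname] if parts.hostname else []
    if depth < 3:  # bound the recursion on chained redirects
        for values in parse_qs(parts.query).values():
            for value in values:
                if value.lower().startswith(("http://", "https://")):
                    hosts.extend(destinations(value, depth + 1))
    return hosts

def leaves_trusted(url: str) -> list:
    """Hostnames on the link's path that are not trusted. Empty means the link
    stays on the brand it claims; anything listed is where you really end up."""
    return [h for h in destinations(url) if not is_trusted(h)]

# Constructed sample links (not the real campaign's URLs).
SAMPLES = {
    "genuine share":    "https://l.facebook.com/l.php?u=https%3A%2F%2Fwww.facebook.com%2Fvideo%2F123",
    "redirect to bait": "https://l.facebook.com/l.php?u=https://fb-login-verify.example/watch",
    "look-alike host":  "https://facebook.com.secure-video.example/bbc/news/player",
    "real BBC link":    "https://www.bbc.co.uk/news/av/12345",
}

if __name__ == "__main__":
    for label, link in SAMPLES.items():
        bad = leaves_trusted(link)
        verdict = "OK" if not bad else "SUSPICIOUS, goes to: " + ", ".join(bad)
        print(f"{label:17} -> {verdict}")
```

The second and third samples are the two tricks the post describes: a genuine Facebook redirect carrying an outside address, and a hostname that merely begins with facebook.com. A hostname check like this is a filter, not a guarantee; the reliable sign remains a page asking for your Facebook login when you were already logged in.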


I spotted this phishing attempt last week when a friend’s account posted the Facebook redirect variant of the message.


To protect yourself from this campaign (and any other that relies on a stolen password), take a few steps. First, if you think you’ve fallen for one of these links, change your password as soon as possible, log out of all other sessions, and set up multi-factor authentication. Then let your friends know, so nobody trusts the post that went out under your name. 


William Mann, CGCIO | Borough of West Chester
