“You are a target.”

“你是目标。”

If the numbers are startling, at least one renown cybersecurity expert calls them overly optimistic:

如果数字令人震惊，至少有一位著名的网络安全专家称他们过于乐观：

• There is a hacker attack every 39 seconds.每39秒就会有一次黑客攻击。
• On average, 30,000 new websites are hacked daily.平均每天有30,000个新网站被黑客入侵。
• Cybercrime is more profitable than the global illegal drug trade.网络犯罪比全球非法毒品交易更有利可图。
• Sixty-six percent of businesses attacked weren’t confident they could recover.受攻击的企业中有66％的人不确定他们能否康复。

Joseph Steinberg is convinced the threat is even greater. A thought leader in cybersecurity, he is an emerging technologies advisor to cybersecurity, privacy and artificial intelligence companies. The columnist and author has written for Forbes and Inc.

约瑟夫·斯坦伯格相信威胁会更大。 他是网络安全方面的思想领袖，是网络安全，隐私和人工智能公司的新兴技术顾问。 专栏作家兼作者为《福布斯》(Forbes and Inc.)

“Cybersecurity is such an important topic,” Steinberg said. “We all need to brush up on and take it seriously for our personal and professional selves.”

“网络安全是如此重要的话题，”斯坦伯格说。 “我们所有人都需要认真对待并认真对待我们的个人和专业自我。”

He talked with millennial expert, consultant and LinkedIn instructor Chelsea Krost during her #MillennialTalk Twitter chat about the pervasive technology problem that only seems to get worse.

在#MillennialTalk Twitter聊天中，他与千禧一代专家，顾问和LinkedIn讲师Chelsea Krost进行了交谈，探讨了普遍存在的技术问题，这种问题似乎只会变得更糟。

There are measures everyone should take to stay cyber secure.

每个人都应采取一些措施来确保网络安全。

“Understand and internalize that you are a target,” Steinberg said. “You have data and accounts that hackers really want to steal and misuse for their own benefit — and at your expense.

斯坦伯格说：“了解并内化你是一个目标 。” “您拥有黑客真正想要窃取和滥用的数据和帐户，这是他们自己的利益，而这需要您自己承担。

“People who believe that criminals want to breach their computers, phones and accounts act differently — in many ways — than people who don’t understand this reality,” he said. “Those differences in behavior — many of which may not even be conscious — lead to much better cyber safety.”

他说：“相信罪犯想要破坏他们的计算机，电话和帐户的人在许多方面与不了解这种现实的人的行为有所不同。” “这些行为上的差异-其中许多甚至可能没有意识到-导致更好的网络安全。”

Steinberg offered the best ways to protect social media accounts from being taken over by hackers.

斯坦伯格提供了保护社交媒体帐户免遭黑客接管的最佳方法。

“First of all, turn on multi-factor authentication,” he said. “All major social media platforms support it. If you use multi-factor — even if they obtain your password — hackers are unlikely to gain access to your account.

他说：“首先，打开多因素身份验证。” “所有主要的社交媒体平台都支持它。 如果您使用多种因素(即使他们获得了密码)，则黑客不太可能获得对您帐户的访问权限。

“Second: Practice proper cyber-hygiene,” Steinberg said. “If you access social media from a device that is infected with malware, your account may be taken over.”

“第二：实践适当的网络卫生，”斯坦伯格说。 “如果您从感染了恶意软件的设备访问社交媒体，则您的帐户可能会被接管。”

便宜的保护 (Inexpensive protection)

He added 13 simple tips on how to achieve great cybersecurity without spending a fortune.

他添加了13条关于如何在不花大钱的情况下实现出色网络安全的简单提示 。

“The third way to protect yourself is to beware of social media scams,” Steinberg said. “Some of them are run by criminals trying to install malware to hack into your devices.”

斯坦伯格说：“保护自己的第三种方法是提防社交媒体骗局。” “其中一些是由犯罪分子经营的，他们试图安装恶意软件来入侵您的设备。”

He has compiled eight ways to protect against scams on social media.

他编写了八种方法来防止社交媒体上的欺诈。

“On the topic of social media and security, if you are on vacation and your house is empty, consider sharing your photos publicly only after you return home,” Steinberg said.

“在社交媒体和安全方面，如果您正在休假并且房屋空置，请考虑仅在回家后才公开共享照片，” Steinberg说。

In fact, he advised waiting a few days after events such as dinner with friends or attending a wedding before posting pictures.

实际上，他建议在与朋友共进晚餐或参加婚礼等活动后等待几天，然后再发布图片。

“This is especially true if the photos are shared with the whole world, rather than just with friends,” Steinberg said. “If you wouldn’t post, ‘Hi, everyone. Nobody is home in my house right now,’ you shouldn’t share pictures that effectively say the same thing.

斯坦伯格说：“如果照片是与全世界共享的，而不仅仅是与朋友共享的，那就尤其如此。” “如果您不发帖，'大家好。 目前没有人在家中我，'你不应该分享能有效表达同一观点的照片。

“And don’t share high-resolution images of your fingertips,” he said. “Hackers can sometimes lift fingerprints from pictures and misuse the fingerprints.”

他说：“不要共享指尖的高分辨率图像。” “黑客有时可以从图片上抬起指纹并滥用指纹。”

Facial recognition also makes him uneasy.

面部识别也使他不安。

“I have multiple concerns about using biometrics — facial recognition, fingerprints and so on — for unlocking phones,” Steinberg said. “I prefer strong passwords.”

斯坦伯格说：“我对使用生物识别技术(面部识别，指纹等)来解锁手机有多种担忧，” “我更喜欢强密码。”

Despite sounding alarms, warnings from experts about using public Wi-Fi fall on deaf ears.

尽管发出警报，专家关于使用公共Wi-Fi的警告仍充耳不闻。

“Ideally, if you have an unlimited data plan on your smartphone, use your cellular connection and don’t bother with public Wi-Fi,” Steinberg said. “You can use your phone as a mobile hotspot to go online with your laptop.

斯坦伯格说：“理想情况下，如果您的智能手机上有无限的数据计划，请使用蜂窝网络连接，而不必打扰公共Wi-Fi。” “您可以将手机用作移动热点，以便通过笔记本电脑上网。

“When that is not possible, consider what type of ‘public Wi-Fi’ is present, and what tasks you plan to do,” he said. “It is probably OK to look up a Wikipedia article on the password-protected guest network at a client site.”

他说：“如果不可能，请考虑使用哪种类型的'公共Wi-Fi'，以及您计划执行的任务。” “在客户站点上受密码保护的访客网络上查找Wikipedia文章可能是可以的。”

敏感数据的高风险 (High risk for sensitive data)

That is vastly different from intricate financial transactions.

这与复杂的金融交易有很大的不同。

“It’s not a good idea to login and use online banking while connected to an unprotected airport public network,” Steinberg said. “There are, of course, many levels of grey in between.

斯坦伯格说：“在连接到未受保护的机场公共网络时登录和使用在线银行不是一个好主意。” “当然，介于两者之间的灰度等级很多。

“Advice not to ever use public Wi-Fi is not practical, but use it wisely,” he said, pointing to his article, “How to Safely Use Public Wi-Fi.”

他说：“建议永远不要使用公共Wi-Fi是不切实际的，但是要明智地使用它。”他的文章指出： “如何安全地使用公共Wi-Fi。”

Surprisingly, Steinberg is not a fan of burdensome passwords.

令人惊讶的是，斯坦伯格并不喜欢繁琐的密码。

“I hate long, complex passwords,” he said. “In many cases, requirements to create such passwords can actually worsen security — people write such passwords down, reuse them and so on.”

他说：“我讨厌冗长而复杂的密码。” “在许多情况下，创建这样的密码的要求实际上会恶化安全性-人们写下这样的密码，再使用它们等等。”

He recommended his article, “How to Create Strong Passwords That You Can Easily Remember.”

他推荐了他的文章“如何创建容易记住的强密码”。

“Keep in mind that not every site requires a strong password,” Steinberg said. “If you have to login to a site for only the site owner’s benefit, but you supply no personal data to the site, and don’t care about the site tracking you, you can get away with a simple password.

“请记住，并非每个站点都需要一个强密码，” Steinberg说。 “如果您仅为了站点所有者的利益而登录到站点，却不向该站点提供任何个人数据，并且不关心站点对您的跟踪，则只需一个简单的密码即可。

“Because it doesn’t matter if your account is hacked, you can just create a new password,” he said.

他说：“因为您的帐户是否被黑客入侵无关紧要，所以您只需创建一个新密码即可。”

His strong-password article is designed for sites that matter.

他的强密码文章专为重要网站设计。

“You can also consider using three unrelated words — at least one of which does not appear in the dictionary — and connecting them with numbers,” Steinberg said. “Then capitalize the nth letter.”

“您还可以考虑使用三个不相关的单词-至少其中一个不会出现在字典中-并将它们与数字联系起来，” Steinberg说。 “然后将第n个字母大写。”

He gave these examples: cOnversation5kRrost4jOseph and cHocolate5gOats4cOmputer

他给出了以下示例：cOnversation5kRrost4jOseph和cHocolate5gOats4cOmputer

“Those are strong passwords that appear complex, but are actually easy to remember once you pick a set of numbers and capitalization scheme,” Steinberg said.

斯坦伯格说：“这些密码看起来很复杂，但是一旦选择了一组数字和大写方案，它们实际上很容易记住。”

“For many passwords, you can also use a password manager, but they aren’t perfect either,” he said. “So, keep your most important passwords — email password, online banking password — in your head.”

他说：“对于许多密码，您也可以使用密码管理器，但它们也不是完美的。” “因此，请记住您最重要的密码-电子邮件密码，网上银行密码。”

方便的密码位置 (Handy password locations)

Writing passwords down and keeping them in a safe place is one — if not perfect — solution.

写下密码并将其保存在安全的地方是一种(即使不是完美的)解决方案。

“Many people keep in safe deposit boxes written-down backups of their important passwords,” Steinberg said. “Writing passwords down and keeping them in one secure location, however, is only good as a backup. You cannot access them when you are on the road or at work.

斯坦伯格说：“许多人将重要密码记下来的备份保存在保险箱中。” “写下密码并将其保存在一个安全的位置，这仅是一种备份。 在旅途中或工作中，您无法访问它们。

“Also, it is generally much better not to change passwords often, than to change them to weak passwords so you can remember the frequently changing passwords,” he said.

他说：“此外，通常最好不要经常更改密码，而不是将它们更改为弱密码，这样您就可以记住经常更改的密码。”

The average person faces a daunting task if super-large companies and the government cannot stop hackers.

如果超大型公司和政府无法制止黑客，普通人将面临艰巨的任务。

“The government and large companies have to open up their systems and networks for outside access,” Steinberg said. “For example, they let you access their various systems via apps or a web browser. You don’t have to open up your devices as such. In some ways, you actually start with an advantage over the government and large corporations.

斯坦伯格说：“政府和大公司必须开放其系统和网络以供外部访问。” “例如，他们使您可以通过应用程序或Web浏览器访问其各种系统。 您不必像这样打开设备。 在某些方面，您实际上是从优于政府和大公司的优势开始的。

“It is important to understand that the greatest threat to most individuals are opportunistic attackers,” he said. “They aren’t targeting specifically you. They just want to steal money or data from someone — or from as many people as possible.”

他说：“重要的是要了解对大多数人的最大威胁是机会主义攻击者。” “他们并不是专门针对您的 。 他们只是想从某个人或尽可能多的人那里窃取金钱或数据。”

Big players confront their own special challenges.

大型企业面临自己的特殊挑战。

“The government and large corporations often face targeted attacks from nation-states and other sophisticated attackers,” Steinberg said. “Those attacks are much harder to fend off.”

斯坦伯格说：“政府和大公司经常面临来自民族国家和其他资深攻击者的有针对性的攻击。” “这些攻击很难抵御。”

He listed the top three things to protect laptops:

他列出了保护笔记本电脑的三件事：

• Backup often enough that if something went wrong, you won’t panic about lost data if you need to restore from a backup. General rule: If you are not sure if you are backing up often enough, you probably aren’t.

  经常备份，以防万一出了问题，如果您需要从备份中恢复，就不会担心数据丢失。 一般规则：如果不确定是否经常备份，则可能不会。

• Store all sensitive data in an encrypted format. Encryption is available in various versions of Windows, MacOS, Android and iOS. Be sure to use it.

  以加密格式存储所有敏感数据。 Windows，MacOS，Android和iOS的各种版本均提供加密功能。 确保使用它。

• Run security software that includes anti-virus, firewall, anti-spam and other beneficial technologies. Such tools are relatively inexpensive. When it comes to information security, an ounce of prevention is often better than many tons of cure.

  运行包括防病毒，防火墙，反垃圾邮件和其他有益技术的安全软件 。 这样的工具相对便宜。 在信息安全方面，一盎司的预防往往胜过许多吨的治愈。

勒索软件漏洞 (Ransomware vulnerability)

These measures apply for ransomware defense as well.

这些措施也适用于勒索软件防御。

“Ransomware is a great example of why — when it comes to information security — prevention such as frequent, secure backups can be worth many times their effort,” Steinberg said.

Steinberg说：“勒索软件是一个很好的例子，说明了为什么在信息安全方面，进行频繁，安全的备份等预防工作值得付出很多努力。”

Smartphones are not immune from hackers. Steinberg noted top ways to protect the devices:

智能手机无法幸免于黑客的攻击。 Steinberg指出了保护设备的主要方法：

• Protect access to your phone. I prefer strong passwords, but biometric unlocks can also be used. In any case, lock your devices — and don’t leave them where they might be stolen.保护对手机的访问。 我更喜欢强密码，但也可以使用生物特征解锁。 无论如何，请锁定您的设备-请勿将其放在可能被盗的地方。
• Enable remote find and remote wipe. If your device goes missing, you want to be able to locate it or wipe it, depending on the circumstances.启用远程查找和远程擦除。 如果设备丢失，则需要根据情况定位或擦拭设备。
• Run security software. Remember, smartphones are really full-blown computers on which one app out of many is a phone app. They are computers, which are hackable. They are “smart phones” in the same sense that Ferraris are “fast horseless carriages.”运行安全软件。 请记住，智能手机实际上是功能完善的计算机，其中有一个应用程序是电话应用程序。 它们是可入侵的计算机。 它们是“智能手机”，就好像法拉利是“快速无马车厢”一样。
• Do not install apps from anywhere other than reliable app stores. For most people that means install only from Apple, Google, Amazon, the manufacturer of your device and your mobile provider.请勿从可靠的应用商店以外的任何地方安装应用。 对于大多数人来说，这意味着只能从Apple，Google，Amazon，您的设备制造商和您的移动提供商安装。
• Do not let hackers steal your phone number. Make sure you have a strong password established with your mobile provider, without which the provider will not allow anyone to make changes to your account.不要让黑客窃取您的电话号码。 确保您与移动服务提供商建立了强密码，否则，提供商将不允许任何人更改您的帐户。

“Criminals stealing phone numbers is a big issue,” Steinberg said. “Many password reset systems — and authentication mechanisms — text to phones.”

“犯罪分子窃取电话号码是一个大问题，”斯坦伯格说。 “许多密码重置系统和身份验证机制均会发送短信到手机。”

This is explained in greater detail in Steinberg’s article, “Do Not Let Criminals Steal Your Cellphone Number with This Scam.”

Steinberg的文章“不要让犯罪分子利用此骗局窃取您的手机号码”对此进行了更详细的解释。

Krost added these smartphone security measures:

Krost添加了以下智能手机安全措施：

• Tweak iOS settings for maximum security.调整iOS设置以获得最大的安全性。
• Set a stronger and longer passcode.设置更强和更长的密码。
• Enable two-factor authentication.启用两因素身份验证。
• Disable location tracking.禁用位置跟踪。
• Disable photo sharing.禁用照片共享。
• Install ad-blocking and malware protection software.安装广告拦截和恶意软件防护软件。

苹果一天没有保证 (An Apple a day no guarantee)

One of the biggest cybersecurity myths is that Apple products are immune to tampering.

最大的网络安全神话之一是Apple产品不受篡改。

“No,” Steinberg said. “I wish there was a magic easy way to stay cybersecure, but there is not.”

“不 ，”斯坦伯格说。 “我希望有一种神奇的简便方法来保持网络安全，但没有。”

Despite their strength, he noted that Apple products face several challenges:

尽管有实力，他指出苹果产品仍面临以下挑战：

• Plenty of attacks target Apple devices and their users.许多攻击针对Apple设备及其用户。
• Many people fall prey to scams that ask them to submit information over the web.许多人成为骗局的骗局，这些骗局要求他们通过网络提交信息。

“No matter what devices you use, you need to think about staying secure,” Steinberg said. “You need to remember you are a target.”

“无论使用什么设备，都需要考虑确保安全性，” Steinberg说。 “您需要记住自己是一个目标 。”

Targeting extends to email and texts.

定位扩展到电子邮件和文本。

“Email is not secure,” Steinberg said. “Nor was it designed to be secure. You can use encryption and digital signature add-ons to make it more secure. But even with those improvements, it is still far from perfect.

“电子邮件不安全，”斯坦伯格说。 “它的设计也不是为了安全。 您可以使用加密和数字签名附加组件来提高安全性。 但是即使有了这些改进，它仍然远非完美。

“SMS texting might have some improvements over basic email, but it is not as secure as more modern methods of texting such as WhatsApp,” he said.

他说：“ SMS短信可能比基本电子邮件有了一些改进，但不如WhatsApp等更现代的短信方法安全。”

Yet, this is also not the solution.

但是，这也不是解决方案。

“WhatsApp offers end-to-end encryption,” Steinberg said. “Messages can be encrypted in a way that, in theory, ensures only the sender and recipient of any particular message can read it.

“ WhatsApp提供端到端加密，” Steinberg说。 从理论上讲，可以以某种方式对消息进行加密，以确保只有特定消息的发送者和接收者才能读取它。

“But there are still issues,” he said. “For example, metadata is created. WhatsApp and others may know who you spoke with and when, for how long you spoke and so on. There is no guarantee that there are no imperfections in WhatsApp’s security either.”

他说：“但是仍然存在问题。” “例如，创建了元数据。 WhatsApp和其他人可能知道您与谁交谈以及何时交谈，交谈了多长时间等等。 也不能保证WhatsApp的安全性也不存在任何缺陷。”

选举报道 (Election coverage)

On a broader national and international scale, there are worries that Russia can hack elections, a term Steinberg finds somewhat confusing.

斯坦伯格发现，在更广泛的国家和国际范围内，人们担心俄罗斯会破坏选举。

“Most election interference involves the spreading of misinformation, which anyone — including the candidates themselves — can do,” he said.

他说：“多数选举干扰都包括散布错误信息，任何人，包括候选人本人，都可以这样做。”

Steinberg allowed that sometimes foreign governments exploit technology to make it look like Americans — and not foreign governments — are spreading the information.

斯坦伯格允许有时外国政府利用技术使它看起来像美国人，而不是外国政府，在传播信息。

“There is a danger that someone could hack voter registration databases and, thereby, allow people to vote more than once, and prevent others from voting,” he said.

他说：“有人可能会侵入选民注册数据库，从而使人们可以多次投票，并阻止其他人投票，这是一种危险。”

“Yet, doing so is not easy, would only be impactful in states with close races, and would be at high risk of being caught,” Steinberg said. “Also, these systems generally have been fortified quite a bit since 2016.”

斯坦伯格说：“然而，这样做并不容易，只会在种族接近的州产生影响，而且极有可能被抓住。” “此外，自2016年以来，这些系统通常都得到了加强。”

In his view, misinformation can spread, but it’s highly unlikely enough fraudulent votes could be created to change election results.

他认为，错误信息可能会传播开来，但极不可能产生足够多的欺诈性选票来改变选举结果。

“Keep in mind that, by now, voters know that misinformation is spread online,” Steinberg said, adding a final note:

斯坦伯格说：“请记住，到目前为止，选民知道错误信息已经在线传播了。”

“While politicians like to talk about Russia, the reality is that China poses a much greater cyber threat to the United States than does Russia.”

“尽管政客们喜欢谈论俄罗斯，但事实是，与俄罗斯相比，中国对美国构成的网络威胁要大得多。”

About The Author

关于作者

Jim Katzaman is a manager at Largo Financial Services and worked in public affairs for the Air Force and federal government. You can connect with him on Twitter, Facebook and LinkedIn.

吉姆·卡扎曼(Jim Katzaman)是Largo Financial Services的经理，曾为空军和联邦政府从事公共事务。 您可以在Twitter ， Facebook和LinkedIn上与他联系。