网络安全习惯_健康习惯，确保良好的网络安全

网络安全习惯

In a similar fashion to everyone getting the flu now and again, the risk of catching a cyberattack is a common one. Both a sophisticated social engineering attack or grammatically-lacking email phishing scam can cause real damage. No one who communicates over the Internet is immune.

就像每个人都一次又一次地感冒一样，遭受网络攻击的风险是很常见的。复杂的社交工程攻击或缺乏语法的电子邮件网络钓鱼诈骗都可能造成真正的损失。没有人可以通过互联网进行交流。

Like proper hand washing and getting a flu shot, good habits can lower your risk of inadvertently allowing cybergerms to spread. Since the new year is an inspiring time for beginning new habits, I offer a few suggestions for ways to help protect yourself and those around you.

像正确洗手和注射流感疫苗一样，良好的生活习惯可以降低您无意间传播网络细菌的风险。由于新的一年是开始养成新习惯的鼓舞人心的时刻，因此我为保护自己和周围人的方式提供了一些建议。

1.进行跟进 (1. Get a follow-up)

Recognizing a delivery method for cyberattack is getting more difficult. Messages with malicious links do not always come from strangers. They may appear to be routine communications, or seem to originate from someone you know or work with. Attacks use subtle but deeply-ingrained cognitive biases to override your common sense. Your natural response ensures you click.

识别网络攻击的交付方法变得越来越困难。带有恶意链接的消息并不总是来自陌生人。它们似乎是例行交流，或者似乎是由您认识或与之合作的人发起的。攻击使用微妙但根深蒂固的认知偏见来超越您的常识。您的自然React可确保您单击。

Thankfully, there’s a simple low-tech habit you can use to deter these attacks: before you act, follow-up.

值得庆幸的是，您可以使用一种简单的低技术习惯来阻止这些攻击：在采取行动之前，请采取后续行动。

You may get an email from a friend that needs help, or from your boss who’s about to get on a plane. It could be as enticing and mysterious as a direct message from an acquaintance who sends a link asking, “Lol. Is this you?” It takes presence of mind to override the panic these attacks prey on, but the deterrent itself is quick and straightforward. Send a text message, pick up the phone and call, or walk down the hall and ask, “Did you send me this?”

您可能会收到需要帮助的朋友的电子邮件，也可能会收到即将上飞机的老板的电子邮件。就像一个熟人发送一个链接询问“大声笑。这是你吗？” 要想尽办法消除这些攻击所引起的恐慌，就需要思想，但是威慑本身是快速而直接的。发送短信，接电话和打电话，或者走到大厅问：“您发给我这个吗？”

If the message is genuine, there’s no harm in a few extra minutes to double check. If it’s not, you’ll immediately alert the originating party that they may be compromised, and you may have deterred a cyberattack!

如果消息是真实的，则再过几分钟再仔细检查也不会有任何危害。如果不是这样，您将立即向发起方发出警报，告知他们可能遭到入侵，并且您可能阻止了网络攻击！

2.使用并鼓励其他人使用端到端加密消息 (2. Use, and encourage others to use, end-to-end encrypted messaging)

When individuals in a neighborhood get the flu shot, others in that neighborhood are safer for it. Encryption is similarly beneficial. Encourage your friends, coworkers, and Aunt Matilda to switch to an app like Signal. By doing so, you’ll reduce everyone’s exposure to more exploitable messaging systems.

当附近的人感染了流感疫苗后，附近的其他人就更安全了。加密同样有好处。鼓励您的朋友，同事和Matilda姨妈切换到Signal等应用程序。这样，您将减少每个人对更多可利用的消息传递系统的了解。

This doesn’t mean that you must stop using other methods of communication entirely. Instead, think of it as a hierarchy. Use Signal for important messages that should be trusted, like requests for money or making travel arrangements. Use all other methods of messaging, like SMS or social sites, only for “unimportant” communications. Now, if requests or links that seem important come to you through your unimportant methods, you’ll be all the more likely to second-guess them.

这并不意味着您必须完全停止使用其他通信方法。而是将其视为层次结构。使用Signal表示应受信任的重要消息，例如要求付款或安排旅行。仅对“无关紧要”的通信使用所有其他消息传递方法，例如SMS或社交网站。现在，如果通过不重要的方法向您提出了看起来很重要的请求或链接，您将更有可能进行第二次猜测。

3.请勿将脏的USB插头插入* (3. Don’t put that dirty USB plug into your *)

You wouldn’t brush your teeth with a toothbrush you found on the sidewalk. Why would you plug in a USB device if you don’t know where it’s been?! While we might ascribe putting a random found USB drive in your computer to a clever exploitation of natural human curiosity, we’re no sooner likely to suspect using a public phone-charging station or a USB cable we bought ourselves. Even seemingly-innocuous USB peripherals or rechargeable devices can be a risk.

您不会用在人行道上发现的牙刷刷牙。如果不知道它去哪里了，为什么还要插入USB设备？虽然我们可能会将随机找到的USB驱动器归因于对人类自然好奇的巧妙利用，但我们再也不会怀疑会使用公用电话充电站或我们自己购买的USB电缆。甚至看似无害的USB 外设或可充电设备也可能有风险。

Unlike email and some file-sharing services that scan and filter files before they reach your computer, plugging in via USB is as direct and unprotected as connection gets. Once this connection is made, the user doesn’t need to do anything else for a whole host of bad things to happen. Through USB connections, problems like malware and ransomware can easily infect your computer or phone.

与电子邮件和一些文件共享服务在文件到达计算机之前对其进行扫描和过滤的电子邮件和其他文件共享服务不同，通过USB插入与连接一样直接且不受保护。建立此连接后，用户无需执行任何其他操作即可发生大量不良事件。通过USB连接，恶意软件和勒索软件等问题很容易感染您的计算机或电话。

There’s no need to swear off the convenience of USB connectivity, or to avoid these devices altogether. Instead of engaging in questionable USB behavior, don’t cheap out on USB devices and cables. If it’s going to get plugged into your computer, ensure you’re being extra cautious. Buy it from the manufacturer (like the Apple Store) or from a reputable company or reseller with supply chain control. When juicing up USB-rechargeables, don’t plug them into your computer. Use a wall charger with a USB port instead.

无需宣誓USB连接的便利性，也不必完全避免使用这些设备。不要搞乱USB行为，不要便宜USB设备和电缆。如果要插入计算机，请确保格外小心。从制造商(如Apple Store)或有信誉的公司或具有供应链控制权的经销商处购买。充入USB充电电池时，请勿将其插入计算机。请使用带有USB端口的壁式充电器。

养成健康的网络安全习惯 (Practice healthy cybersecurity habits)

Keeping your devices healthy and happy is a matter of practicing good habits. Like battling the flu, good habits can help protect yourself and those around you. Incorporate some conscientious cybersecurity practices in your new year resolutions - or start them right away.

保持设备健康快乐是练习良好习惯的问题。就像与流感作斗争一样，良好的习惯可以帮助保护自己和周围的人。将一些认真的网络安全实践纳入您的新年决议中-或立即开始实施。

Have a safe and happy holiday!

祝您假期愉快！