Online hackers are imagined as lone wolves hiding somewhere in the recesses of the internet, but often they are part of well-organized and sophisticated operations sometimes financed by foreign entities to do far more harm than gain access to a family’s checking account.
For instance, Microsoft and cybersecurity experts have recently warned that hackers sponsored by foreign governments are attempting to gain remote access to computer networks by exploiting a flaw, called Log4j2, in a utility widely used in Java applications.
Similarly, nearly one year ago, SolarWinds — a major technology firm that specializes in security software widely used by government agencies — was hit by a massive, months-long, cyberattack perpetrated by what experts believe were Russian government operatives.
The hackers uploaded malware into SolarWinds’ software products, compromising security at dozens of government agencies and private firms.
The SolarWinds cyberattack included phishing emails that targeted the company’s employees and customers, a reminder that hackers often use emails as an easy access point into computer networks.
To protect the USPS network, employees and contractors should do the following:
• Never use unapproved applications or software on any USPS device.
• Keep computer, mobile device software up to date.
• Change passwords regularly.
• Never share passwords with others.
• Store passwords written on paper in a secure location.
• Watch out for suspicious emails.
The CyberSafe at USPS Blue and LiteBlue pages have additional guidance