Cybersecurity

In fulfilment ofour tasks under the National Cyber Security System Act, we provide you withinformation to understand the threats that exist in cyberspace and advice onhow to effectively apply ways to protect yourself against these threats.

Cyber-security -according to current legislation - is "the resilience of informationsystems to actions that compromise the confidentiality, integrity, availabilityand authenticity of processed data or related services offered by these systems"(Article 2(4) of the Act of 5 July 2018 on the national cyber-security system(Journal of Laws 2018, item 1560).

The most common threats in cyberspace:

• malware attacks (malware, viruses, worms, etc.),
• identity theft,
• theft (phishing), modification or destruction of data
• blocking access to services,
• spam (unwanted or unnecessary emails),
• social engineering attacks (e.g. phishing, which is the phishing of confidential information by impersonating a trustworthy person or institution

‍

Ways to protect yourself from threats:

• install and use anti-virus and spyware software.Preferably use real-time protection,
• keep your anti-virus software and virus databases up to date (find out if your virus protection software has this function and does it automatically),
• keep your operating system and applications up to date without undue delay,
• secure your mobile devices. Laptops, smartphones and tablets should be secured using a PIN, fingerprint or other methods offered by device manufacturers.
  ‍
  ‍
  

It is advisable to use devices from known manufacturers that provide continuous patches and updates to official software. Do not install applications from unknown manufacturers without app shop authorisation. Apps from unknown manufacturers may lead to data leakage. Do not share your mobile devices with unknown persons and leave them without personal supervision. Do not connect unknown storage media, which may contain malware threats.

• do not open files of unknown origin,
• do not use bank, email or social networking sites that do not have a valid certificate unless you are 100% sure from another source that such a site is secure,
• do not use untested security software or publish your own files on the Internet (they may, for example, connect unwanted lines of code to the source of the page),
• scan your computer and check network processes from time to time - if you are not familiar with this, ask someone whoSometimes malware that establishes its own connections to the Internet, sending your passwords and other private data to the network can install itself on your computer despite good protection - be sure to detect and eliminate it
• check files downloaded from the Internet with a scanner,
• try not to visit too often sites that offer amazing attractions (free videos,music, or easy money to be made by sending spam) - such sites often contain hidden viruses, trojans and other threats,
• do not leave personal data on untrusted services and websites unless you are absolutely sure that it is not visible to third parties
• do not send any confidential data in an e-mail in the form of open text - for example, letpassword protected and encrypted - transferthesafe way
• remember to run the firewall
• make backups of important data
• remember that no bank or government office sends e-mails to its customers/stakeholders asking them for a password or login for verification purposes,
• do not log into systems with sensitive data using public Wi-Fi networks,
• use complex passwords with a capital letter, a number and a special character, change them regularly and do not use memorised passwords on websites,
• never send unencrypted sensitive data over a public network, which can be used for identity theft (PESEL, ID card number, etc.), - do not connect to a public network with sensitive data),
• do not connect an unknown device to your computer, e.g. a found memory stick.

‍

Understanding cyber-security risks and applying ways to safeguard against threats is essential knowledge for any user of a computer, smartphone or online service.

‍

All security advice for computer users is available on:

• The website of CSIRT NASK - Computer Security Incident Response Team operating at national level at: https://www.cert.pl/ouch;
• Ministry of Digitalisation at: https://www.gov.pl/web/baza-wiedzy/cyberbezpieczenstwo;
• Cyber security publications available at: https://www.cert.pl;
• Campaign website STOP. THINK. connect at: https://stojpomyslpolacz.pl/stp/.

The campaign aims to raise public awareness and promote cybersecurity.