Information Technology

Whether it’s because a move Twitter itself made that you’re not fond of, a decision to move to another platform instead, or you’ve just had enough of social media as a whole, there are plenty of reasons why you’d want to leave Twitter. Unlike most sites that we frequent on the web, leaving Twitter isn’t as simple as signing off for the final time and never going back. That’s because of the massive amounts of data sites like this collect about us while we’re using them. To ensure that Twitter won’t continue exploiting your data after you’ve gone, you need to take the proper steps to fully delete your account and all of the data tied to it on your way out. In this guide, we’ll explain how to do just that, as well as how to take all of your valuable data with you. Follow along with the steps here and you’ll be done with Twitter. Or, if you change your mind and decide you just can’t quit the microblogging service, we’ll tell you how to undo the process as well. Step 1: Deactivating third-party services
Michael Gariffo–Twitter
Unlike some other sites that let you immediately delete your information and close down your account, Twitter requires either a 30-day or 12-month deactivation timeframe when you decide to delete your account. If a third-party app that you’ve linked to your Twitter account signs into your Twitter account during that time, your account can be reactivated and will continue to remain active even after the 30 days or 12 months have passed. More: Twitter accepts Elon Musk’s $44 billion buyoutBecause of this, the first step you should take when deciding to delete your account is to unlink all third-party services tied to your account. The steps to doing that follow: Log into your Twitter account,If you’re on a desktop browser, click More on the left side, then Settings and privacy. If you’re on the Twitter mobile app, click on your profile pic on the top left, then Settings and privacy.Once inside, click or tap Security and account access, then Apps and sessions, and finally Connected apps.Twitter will provide a list of all of the third-party apps and services that are connected to your account. You’ll need to select each one, then click Revoke app permissions.Once you’ve done this, you’re ready to actually delete your account without any worry that some forgotten app you attached to your Twitter profile years ago will accidentally foil your attempt to leave. More: Twitter founder Jack Dorsey regrets playing a role in centralizing the internetStep 2: Archiving your data (optional)
Michael Gariffo–Twitter
When your deactivated Twitter account reaches the 30-day or 12-month mark (whichever you choose), all of your data will be deleted from the social network’s servers, permanently. However, if you’d like to retain your data, Twitter provides a way to download an archive of everything tied to your account that remains on its servers. It may not seem like your Twitter data will be too valuable in the long run. But, if you ever need to access a link that you shared (or was shared with you), you need proof of some previous exchange, or you just want a way to take a trip down memory lane, you might as well go through this easy step to ensure that your data is available to you in the future. More: How to delete your Facebook account for goodFor this bit, you’ll need to use the Twitter website. None of its mobile apps offer this option. The process is almost identical whether you access the website via desktop browser or mobile browser. The steps of the process follow:Open your desktop or mobile browser. Navigate to Twitter.com and click on More on the left side. Then click on Settings and privacy.Once inside, click on Your account, then click on Download an archive of your data.You may need to enter your password at this point, then you’ll be able to click Request archive.Once you’ve done this, you’ll receive a notification that the process can take up to 24 hours for processing. Once the archive is ready, you’ll receive a mobile push notification via your Twitter mobile app, and an email. Both notifications will provide a link that will automatically take you to your Settings page on the Twitter website. There you can download the prepared archive of your data. More: How to back up your Gmail: The ultimate guideWhat you’ll actually download is a Zip file that you can unzip/uncompress into a folder with two important items inside: an HTML file titled Your Archive and a Data folder that contains all of the media you posted to Twitter, such as uploaded videos, images, and animated .gifs. The HTML file will open in your browser, where you’ll be able to navigate through it much like you would the Twitter website. The Data folder can be navigated like any folder on your desktop or smartphone. Within it, you can play/view your media locally, assuming the media type is supported by your current device. Once this is done, you’ve got your data and you can proceed to the final step. If anything within that data is precious to you, we’d highly recommend that you back it up, either locally, or to a cloud storage service of your choice. Next, let’s finally get rid of that account. More: How to delete yourself from internet search results and hide your identity onlineStep 3: Deleting your account
Michael Gariffo–Twitter
Because this process differs somewhat between doing it on your PC or doing it on your phone, we’ll describe each scenario individually. Deleting your account on your PC:Sign into Twitter.com in your desktop browser. Click More on the left side. Click Settings and privacy and look for the Your account section. Within there, click Deactivate your account. At this point, you’ll be presented with two “reactivation” periods: 30 days or 12 months. It’s important you choose carefully because, once this period expires, your account and all of its data will be gone forever. If you think it’s possible you might change your mind down the road, choosing the 12-month option might be best for you. Or, if you’re certain you’d like to make your exit as soon as possible choose 30-days. Once you’ve chosen, click Deactivate.You’ll have to enter your password at this point, and confirm your decision one final time by clicking Deactivate account one last time. Deleting your account on mobile: Sign into your Twitter mobile app. Tap on your profile icon in the top left corner. Tap Settings and Privacy in the pop-out menu. Within there, tap Your account and then Deactivate your account.At this point, you’ll be presented with two “reactivation” periods: 30 days or 12 months. It’s important you choose carefully because, once this period expires, your account and all of its data will be gone forever. If you think it’s possible you might change your mind down the road, choosing the 12-month option might be best for you. Or, if you’re certain you’d like to make your exit as soon as possible choose 30-days. Once you’ve chosen, click Deactivate.You’ll have to enter your password at this point, and confirm your decision one final time by clicking Deactivate account one last time.Once you’ve run through this process on desktop or mobile, just wait out your chosen reactivation period. At the end of 30 days or 12 months, your account, and all of its accompanying data, will be deleted forever. However, if you change your mind within the aforementioned timeframes, read on to find out how to reactivate your Twitter account. More: Cybersecurity 101: Protect your privacy from hackers, spies, and the governmentReactivating your Twitter accountUnsurprisingly, Twitter makes the process of reactivating your Twitter account much easier than archiving it or deleting it. All you’ll need to do is log into your account within 30 days or 12 months (whichever you chose when deactivating it). Once you’re logged in, you’ll receive a notice asking if you want to reactivate your account. If you choose Yes, you’ll be immediately directed to your restored Home page. It might take some time for Twitter to fully restore all of your account’s contents, including followers, media, and past tweets and DMs, so don’t panic if something is missing when you land back on your homepage. Coming back to Twitter after deleting your accountOne final note. If you choose, somewhere down the road, to return to Twitter after your 30-day or 12-month period has expired, you’ll need to sign up for a completely new account. If you’d like to reuse the same handle you had previously, you’ll have to hope that no one chose it as their username in the meantime. Once an account is deleted, anyone signing up can claim that account’s username as their own. If someone selected your username while you were away, you’re out of luck and will need to choose something new. Please note, this doesn’t apply if you’re within your reactivation period. Twitter keeps your username reserved for you until that reactivation period expires. 

ZDNet Recommends More

Victims of ransomware attacks are being urged to come forward and report incidents in order to help prevent other companies being hit with what’s described as the biggest cybersecurity threat around.Ransomware attacks have long been a significant cybersecurity issue, causing disruption to critical infrastructure, healthcare, businesses and services around the world. And the potential for disruption is so great, a UK government minister has described it as a national security threat. “The greatest cyber threat to the UK – one now deemed severe enough to pose a national security threat – is from ransomware attacks,” Steve Barclay, Lead Minister for Cyber Security told the National Cyber Security Centre’s (NCSC) CyberUK conference in Newport, Wales  Barclay said the National Crime Agency (NCA) receives, on average, one report about a victim of a Russia-based group responsible for ransomware attacks every week. No details were given about which ransomware gangs attacks have been reported by, but many of the most notorious cyber criminal groups are suspected to operate out of Russia. Ransomware attacks remain a cybersecurity problem because they’re effective, because – despite warnings not to – a significant percentage of victims opting to pay a ransom in order to retrieve their encrypted files. SEE: A winning strategy for cybersecurity (ZDNet special report)It’s estimated that in 2020 alone, ransomware attacks cost the UK £615 million – and it’s warned that the cost of ransoms have risen significantly since then – Barclay quoted figures suggesting the average ransom demand is $2.2 million.  But even those eye-watering sums might only be scratching the surface of the true cost of ransomware attacks – because victims aren’t disclosing them, something he said needs to change. “The number of incidents – and indeed their economic cost to the UK – is likely to be much higher. Law enforcement teams believe that most attacks go unreported: perhaps through embarrassment or a reluctance to admit that money has indeed changed hands,” said Barclay. “So, I would encourage any organisation that suffers an attack to come forward,” he continued, adding “By doing so, you will help us to strengthen our individual and collective resilience as we learn from each other”. The idea is that by reporting incidents, cybersecurity agencies can learn more about them, then can use that information to help other organisations from falling victim to attacks, as well as advising businesses on best practices about what to do should they fall victim to an incident. Some of the advice from the NCSC on protecting against ransomware attacks and other malicious cyber incidents includes providing users with multi-factor authentication, applying security patches and regularly testing the cybersecurity of the network. Barclay said that the government follows this advice too. “The government is stress-testing its own defences, too. The more complete our security picture, the better we would handle any attack,” he said.  MORE ON CYBERSECURITY More

Written by

Angelica Mari, Contributing Editor

Angelica Mari
Contributing Editor

Angelica Mari is a Brazil-based technology journalist. She started working at age 15 as a computer instructor and started writing professionally about technology two years later.

Full Bio

According to new research, Brazilian businesses have seen a significant rise in ransomware attacks in 2021, but most firms are not paying to recover their data. According to the study, The State of Ransomware 2022 by cybersecurity company Sophos, 55% of the 200 surveyed companies in Brazil were targeted by ransomware attacks last year. In comparison, the percentage reported in 2020 was 38%.

On the other hand, the percentage of companies that ransomware attacks in Brazil have targeted is still lower than the global average. According to the study, which polled 5,600 executives across 31 countries, 66% of firms reported they had been victims of ransomware attacks. In 2020, the global percentage was 37%. The study noted that only 40% of the Brazilian firms surveyed chose to pay malicious actors for ransom after being attacked. However, the companies that opted to do so only managed to get about 55% of data that had been stolen and encrypted back. According to the research, in Brazil, the average ransom payment was $211.790. This compares with the global average of $812.360, a five-fold increase on last year’s figures. When it comes to the methods most commonly used to restore data after a ransomware attack, some 73% of Brazilian companies cited backups as the main strategy. According to a separate report published by IBM on security threats in Latin America published in February, manufacturing companies were the most attacked sector in Brazil, representing 20% of the ransomware attacks in 2021. The study noted that this reflects a global trend, as cybercriminals found a vantage point in the critical role manufacturing organizations plays in global supply chains to pressure victims to pay ransoms.Accounting for 17% of the ransomware attacks in 2021, the mining sector is the second most targeted by ransomware gangs. The professional services, energy and retail segments account for 15% of attacks, following manufacturing and mining as Brazil’s most targeted sectors.With over 33 million intrusion attempts in 2021, Brazil is only behind the US, Germany and the UK in terms of ransomware attacks, according to a cyber threats report released by SonicWall earlier this year. In 2020, Brazil ranked ninth in the same ranking, with 3,8 million ransomware attacks. Despite the worrying scenario of 2021, other research suggests Brazil has seen an an improvement in its data breach situation in the first few months of this year, with an 80% decrease in the number of cases seen in the first quarter of 2022, according to new research by cybersecurity company Surfshark. The study noted that over 285,000 Brazilians were breached between January and March, placing Brazil in the 12th position in the ranking of most breached countries globally. That compares with the situation in the last quarter of 2021, when Brazil occupied the fifth spot on the list. More

Go incognito.
Getty Images/iStockphoto
There is now a very thin line, easily broken, which separates our physical and digital identities.Social networks have evolved from the days of MySpace to valuable, data-slurping machines that have information on everything from our friends and family to our voting habits.When you apply for a new job, many employers will try to find and evaluate your social media presence to ascertain if you are a suitable candidate. Advertisers will scrape publicly-available information on you, your social profiles, and your search history for targeted marketing.

A misjudged tweet from years ago or an inappropriate Facebook photo can destroy future job prospects or ruin a career. A Google search that reveals an old conviction can make it more difficult to get hired, and — whether true or not — allegations of criminal conduct spread online can cause misery and impact your mental wellbeing and job prospects in the long term.There’s the idea that once something is online, it is immortal, immutable, and almost impossible to contain. In other words, you should not put anything online you wouldn’t want your grandmother to see in case the consequences damage you or your prospects.However, keeping your digital information in check is not just about your online information. Monitoring the passive data collection conducted by companies from you is also important.Abuse, stalking, and bullying may also factor as reasons to erase our digital footprints and seize control of our devices. (If you suspect your mobile device has been compromised by spyware or stalkerware, you can check out our guide for removing it here.)Also: How tech is a weapon in modern domestic abuse — and how to protect yourselfIf you want to take control of your privacy and online data, here are some tips to get you started.Google and other search enginesThe Google search engine, among others such as Bing and Yandex, can be used to uncover exactly what information about you is public and what the average person can quickly find out without the need for advanced tools, social engineering, or Open-source intelligence (OSINT).Once you know what is online, you can start tackling the problem. Run a quick search and note any website domains that flag you, social media account links, YouTube videos, and anything else of interest.Quick tip: To stop your search queries from being tracked, switch to DuckDuckGo. You may have the right to be forgottenIn the EU, citizens can request the removal of information from Google search results. After filling in this form, requests are reviewed by Google employees on a case-by-case basis. You must provide the specific URLs you want de-listed, the search queries related to these URLs and you must explain why the tech giant should agree to your request.”Our professional reviewers will manually review your request. Broadly, the reviewer will consider whether and how the information may be in the public interest and weigh this against your rights under the applicable data protection law,” Google says. “There are several reasons why information may be in the public interest. As part of the balancing exercise, Google looks to a number of different sources, such as the guidelines developed by European data protection regulators.”Google may not accept every request to remove links relating to you. Reasons given for refusal include technical reasons, duplicate URLs, information deemed “strongly in the public interest,” and whether or not the content on a web page relates to professional lives, past convictions, work positions, or self-authored content. At the time of writing, Google has received a total of 1.26 million de-listing requests and almost five million URL de-listing requests.  Also: French privacy regulator finds using Google Analytics can breach GDPRHave I been pwned?You cannot take control of your digital footprint without knowing where and what information is stored — and potentially leaked.The Have I Been Pwned service is run by cybersecurity expert Troy Hunt and can be a useful tool to discover if any account information belonging to you has been compromised or included in a data breach. If you find an email address connected to you has been pwned, check to see what data breaches you have become embroiled in — and make sure you change your passwords as quickly as possible. You won’t be able to do much about the data leak itself, but this also could serve as a reminder of where you have opened online accounts.
Have I Been Pwned
Google accountsMake sure you visit the Google Account page, where there are numerous settings that can boost your privacy, reduce data collection, or remove you altogether from the ecosystem.
Screenshot via ZDNet
Privacy checkup: The Google Privacy checkup allows users to prevent Google from saving your searches and other Google activity to your Google Account and turn off your location history.You can also choose to disallow Google from saving web and app activities, Chrome history, YouTube history, voice and audio, and other data. Google has also introduced an auto-delete function for data stored.In this section, you can also choose whether or not to allow Google to use your information for tailored advertising.

ZDNet Recommends

Security checkup: The Google Security checkup can be used to show you which devices have access to your account, including laptops, PCs, and handsets. You can also find a list of any third-party applications which have been granted permission to access your account. Revoke permissions as necessary. In addition, if Google finds an online account with your email and password, you will see an alert here.  Delete me: Found under Account Preferences, Google’s deletion service can be used to delete select products or remove your account entirely. You can also download a copy of all your data. Google has also revealed plans to tighten up consumer security in the future, with a particular focus on giving Android users greater control over their information, following in the footsteps of Apple and the iOS ecosystem.Read on: How to replace each Google service with a more privacy-friendly alternativeFor a quick fix, use a serviceThere are several services available out there in which you can pay to keep your information away from data brokers.One such example is DeleteMe, a paid subscription service that maintains tabs on data collectors and removes data including names, current and past addresses, dates of birth, and aliases on your behalf.In turn, this can keep your private information off search results and away from platforms such as open people search databases.Also: The 5 best browsers for privacy: Secure web browsingWhen it comes to mailing lists, services such as unroll.me can list everything you are subscribed to, making the job of unsubscribing from newsletters, company updates, and more far easier.However, this service is not currently available to those in the EU due to GDPR regulations.Lockdown your social media accounts or delete primary accounts entirely Facebook: In the Settings tab, you can download all of Facebook’s information on you.You should also take the opportunity to lock down your account. In the Privacy tab, you should restrict your posts to ‘friends only,’ limit your past posts, and you can also decide to disallow lookups through your provided email address or phone number.An important element that shouldn’t be overlooked here is the option to remove your Facebook profile from search engine results outside of the social networking platform.

Under the Location tab, consider turning off location data collection by Facebook, too.If you look at Apps and Websites, you can also see what is connected to your Facebook account. If you choose to delete these, Facebook can also automatically remove posts, videos, and events the connected service posted on your behalf.  Twitter: Twitter also allows users to request their archive, which is all the information collected from you. This option can be found under the Settings and privacy tab.In the settings area, you can also choose to lock down your account entirely and make tweets private and only viewable by those with your approval; you can turn off tweets containing location data; you can decide whether or not to allow email and phone number searches to connect others to your profile, and you can choose whether or not to allow others to tag you in photos.Under the Safety portion of the tab, you can prevent your tweets from appearing in the search results of those you have blocked on the micro-blogging platform. You can also deactivate your account entirely.
Screenshot via ZDNet
Instagram: Facebook-owned Instagram has a number of privacy settings you can also change to maintain an acceptable level of privacy.By default, anyone can view your photos and videos on your Instagram account unless you are a minor. However, by going to your profile, clicking Settings, Account Privacy, and switching ‘Private account’ on, you can make sure your content is only viewed by those you approve.Remove everything: A more extreme option is to delete all of your primary social media accounts completely.In order to do so on Facebook, you can go to Settings & Privacy >Settings >Your Facebook Information >Deactivation & Deletion to deactivate it. This gives you the option to return at a later time and does not delete your data. Your settings, photos, and other content are saved, but you will not appear beyond unclickable text.Deactivating your account gives you the option to take a break and return later and will take you off searchable results.However, you can also permanently delete your account. If you have trouble finding this setting, you can also type “delete Facebook” in the Help Center tab.
Screenshot via ZDNet
You are given a grace period to change your mind and log back in. It can take up to 90 days before the deletion of content on your wall and in your account will begin.In order to deactivate Twitter, you need to click on Settings and privacy from the drop-down menu under your profile icon. From the Account tab, you can then click deactivate.To delete your Instagram account, log in and go to the request deletion page. Once you have submitted an answer as to why you are deleting your account, you will be prompted to re-enter your password, and then a delete account option will appear.Delete and deactivate old accounts

ZDNet Recommends

The best security key

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Do you have a MySpace account? Do you have old, unused customer accounts with e-commerce platforms that you only remember you opened when they send emails that detail recent discounts and deals?When information such as your name, physical address, telephone number, and credit card details are spread across multiple businesses, should these companies experience a data breach, your data is up for grabs.Also: ‘We’re losing control of our data’ as breaches reach an all-time highUnless the account is one you use frequently, consider deleting it permanently. It is a pain to find, remember credentials, and recover passwords associated with old accounts, but this is an important step in locking down your data.Remove old social media and blog postsIs it really necessary to preserve what you had for breakfast one morning in 2017 or your review on a now-defunct retail shop near you? Probably not.We are all responsible for the information we post online, but it does not have to stay there once it is posted. Effort and time are required to comb through old posts, but the result is worth it, and this may also train you to be more selective about the information you share in the future. … and if I can’t delete embarrassing content?Oversharing is never a good idea. However, suppose you have come across embarrassing forum posts or messages that you do not have the privileges required to delete, and the only other option is to contact organizations and webmasters directly?When you contact them, make sure you include a link to the content you are concerned about, give your reasons, and hope they agree to delete it. However, do not expect an immediate response.Find your old accounts and deletion optionsTo find your old accounts, visit Have I Been Pwned, check the lists of connected apps in your Facebook and Google accounts, and if you have a password manager, they will store the credentials of accounts you have used since signing up. Also: The 6 best password managersYou may have to manually login to each account you want to remove and, depending on the service, delete them from there — or you may have to contact the service provider with the request, such as via email or by submitting a ticket. If you aren’t able to delete your account, remove any sensitive information and if you can change the linked email address, name, and any other identifying factors. Justdeleteme.com is a helpful directory containing guides to removing accounts from countless online services and a rating on how hard it is to remove: ranging from “easy” to “impossible.”Another alternative is Account Killer.Hide yourselfIf you cannot delete online accounts outright and can only deactivate them, before you do, wipe as much content from them as possible. If the account is no longer relevant to you, consider changing the name and personal details connected to it, as well as removing or changing photos to generic alternatives.When it comes to active accounts such as on Facebook or Twitter, anonymity or aliases can help keep your digital and physical presence separate.It is against terms of service to not use your full, correct name, but it is still common practice for many to change their surname at the least to prevent work and personal accounts — and lives — from colliding.On Twitter, users will often choose aliases, and there is no reason why you can’t, too. Using profile pictures which do not show your face and names which do not directly correlate to you may help.Set up a second email account for junk

Another way to keep your digital footprint clean of debris is to separate online services between email accounts. If you need to provide an email address for a one-off purchase, for example, consider using a junk email address — which will quickly become full to the brim with promotional material but will keep marketing databases separate from your primary email address. For example, you could set up two Gmail accounts, one as a primary and one as a delegate for spam and potential junk.Use a Virtual Private Network (VPN)A VPN can mask your IP address and create a private tunnel between yourself and online services. This tunnel ensures that data and communication packets sent between a browser and server are encrypted, which in turn can prevent eavesdroppers from harvesting your information or tracking your online activity. There are services out there that are both subscription-based and free. It is generally better to sign up for a paid service if you can — no VPN service is truly ‘free’ given the cost to create and maintain the infrastructure required to route traffic. Therefore your data may be used or sold to third parties in return for VPN services. Also: The 4 best VPNs for travel: Gain serenity and security | What is a VPN and why do you need one? Everything you need to know | When your VPN is a matter of life or death, don’t rely on reviewsWhat about Tor?If you are inclined to further anonymize your footprint, consider using the Tor onion router network. The privacy-conscious activists use Tor, and those seeking a means to circumvent censorship barriers such as the Great Firewall of China. If you use the network to browse the Internet, anyone attempting to monitor you would be met with a series of nodes used to divert your encrypted traffic, making it very difficult to trace you back to an original IP address. Also: Tor Project battles Russian censorship through the courtsThe most permanent measureStarting from scratch may seem extreme, but it could be worth considering in some cases. The outright deletion of email accounts, social media, and e-commerce services won’t immediately destroy all data or search results connected to them, but it will, over time, make them less likely to appear. Just make sure that before you take this irrevocable step, you have backed up any data that you want to keep, such as irreplaceable photos you have uploaded to social media or document scans stashed away in your email inbox.

ZDNet Recommends More

Written by

Owen Hughes, Senior Editor

Owen Hughes
Senior Editor

Owen is a senior editor at ZDNet. Based in London, UK, Owen covers software development, IT workforce trends and the evolution of tech and work.

Full Bio

Image: Chris Pagan/Discover Manistique
The Upper Peninsula of Michigan is home to 30% of the county’s landmass, but just 3% of its population. Boasting dense technicolour forests dotted with waterfalls and surrounded by dazzling turquoise lakes, the Upper Peninsula (UP) lures explorers and lovers of the outdoors and is a world away from the noisy, kinetic streets of the Michigan capital of Detroit some 350 miles away.

When J.R. Cunningham arrived in the tiny rural town of Manistique in UP 13 years ago, it soon became apparent that he was something of a novelty in a town in which most of the workforce is employed in retail, manufacturing and the service industry. “When I got to Manistique, what I quickly realised was there were no IT people there – like, none,” Cunningham tells ZDNet.  “If you think about it, really the profession hadn’t existed. We didn’t even start using the term ‘cybersecurity’ until about 10 years ago. Before then we called it information security.”Cunningham has been working in cybersecurity for 25 years. Now the chief security officer (CSO) of managed security service provider Nuspire, Cunningham has spent much of his career trying to spread awareness of the cybersecurity profession and the opportunities it presents to young people.Downtown Manistique, MI.
Image: Discover Manistique
“When I started in the profession you could kind of hold the whole thing in the palm of your hand,” he says.”Today, if you say I want to be a cybersecurity practitioner, it’s really such a multifaceted career that you kind of have to match the part of the profession with what tickles your fancy and where your interests lie.”Cunningham moved to Manistique, MI with his family in 2009. His wife, an occupational therapist, specialises in small communities and children, meaning the town was “a natural fit”As the new curiosity in a town of fewer than 3,000 residents, Cunningham soon found himself being approached by people who were interested in what he did. “I can’t tell you how many people have sat at my dinner table and asked questions about the profession and then went on to, if not be a cybersecurity professional, at least go to school and get into IT,” he says.SEE: There’s a critical shortage of women in cybersecurity, and we need to do something about itOne of those kids was Josh Hentschell. Now senior security solutions engineer for Little Caesars Pizza in the Metro Detroit area, Hentschell discovered his passion for cybersecurity after being invited to shadow Cunningham when he was 16.”Growing up in Manistique in a very small town, there was really only one cybersecurity professional there, and that was J.R.,” Hentschell tells ZDNet. “He would set up client meetings and I would participate in the meetings. I wouldn’t say anything, I was just sitting there as a bystander, but it was really cool to watch him and get a feeling of how those things are done at that age.” Josh Hentschell, senior security solutions engineer at Little Caesars Pizza.
Image: Josh Hentschell
×josh-hentschell-headshot.jpgHentschell’s interest in cybersecurity blossomed from there. By the time he reached college age, Eastern Michigan University had launched an accredited information assurance degree – one of the first schools in the state to launch a dedicated cybersecurity programme – which Hentschell was referred to by one of his professors.”I started my freshman year in just a basic computer programming class,” he explains. “I did that for a year, but I still really wanted to do cybersecurity.”  “And so I basically packed up my bags and I moved downstate and I transferred to Eastern Michigan University, and then I went on and got my bachelor’s degree.” Without the mentoring he received from Cunningham, Hentschell is convinced he would never have discovered a path into cybersecurity. It’s a reflection of both the challenges and opportunities faced by communities that want to attract high-paying jobs but don’t always have access to the networks – or a resident CSO – to help make it happen. “In the State of Michigan alone, there are 7,000 to 8,0000 unfilled cybersecurity jobs,” says Doug Miller, who runs the Upper Peninsula Cybersecurity Institute (UPCI) at MNU. SEE: Remote-working jobs: These are the highest paying tech and management rolesThe university provides certification training to students through academic partnerships via Cisco, CompTIA and the EC-Council, and engages with high school and middle school students to help provide pathways into cybersecurity careers.   In January 2022, the UPCI was designated a Center of Academic Excellence in Cybersecurity (CAE-C) by the US National Security Agency (NSA). “I’m convinced that there are people out in those rural populations that can help us solve that problem, and fill those jobs, if we can provide the opportunities for education and training to them,” he says. Doug Miller runs the UPCI at Northern Michigan University.
Image: UPCI
Employers face a severe shortage of qualified IT and tech staff as companies increase their investments in digital innovation and shift on-premises infrastructure to the cloud. Yet organizations have traditionally focused their hiring efforts on the area in which their offices are located – typically major towns and cities – which limits their own recruitment efforts while also severely limiting employment opportunities for anyone who lives outside of metro areas. “Part of the challenge with the rural population is that we are a resource extraction-focused economy up here,” says Miller. “One of the only zinc mines in the United States is right down the road [and] we’re heavily invested in logging.” Miller stresses that there is nothing wrong with these jobs: on the contrary, they’re critical to the economy and are very much needed, “especially given the price of lumber nowadays.” “But there are other opportunities – not everyone wants to be a logger; not everyone wants to work in the mine,” he adds. “There are other jobs that are out there that are available.” Country life, city wageRemote working has encouraged tech companies to look beyond the walls of major cities for talent, meaning it’s also made it possible for people to get jobs in the tech industry without having to relocate. That’s a huge selling point for people who want to be part of the tech world without giving up their rural lifestyle, says Miller: “It’s a lifestyle out here of being outdoors – being able to ski and fish and mountain bike five minutes from your house.” Doug Miller is convinced people can enjoy a rural lifestyle while earning a big city wage, thanks to improved connectivity and remote hiring.
Image: Discover Manistique
Two of the biggest challenges for the region have been internet connectivity and the geographical dispersion of the population. Miller points out that rural economies don’t benefit from the same economies of scale as more populated regions. So, if there are only two students who want to take a cybersecurity class, it doesn’t make financial sense to hire a teacher to teach the subject. Remote learning, therefore, enables more students to participate in courses when they might not otherwise be able to, Miller adds. Back in 2017, MNU started an initiative called the Education Access Network, an internet service provided by Northern Michigan University that enables broadband access to educational resources across the Upper Peninsula. To date, the network has served more than 16,000 households spanning some 87 rural communities.In some of UPCI’s most recent cybersecurity courses, none of the students have been physically present, says Miller, and have instead been connecting in from “90, 100 miles away on the other side of the Peninsula.” “That ability to reach out and hold those classes virtually has been key in being able to reach those populations,” he adds. SEE: Cybersecurity training isn’t working. And hacking attacks are only getting worseReaching those populations could also enable tech companies to connect with talent they would have otherwise missed. With more companies looking at upskilling as a means to fill talent gaps, organizations are more accepting of candidates with less traditional tech backgrounds who can demonstrate transferrable core skills. Another major challenge facing cybersecurity is an apparent lack of interest – or at least, awareness – around the nature of the industry, and what a career in the cybersecurity professional can offer. This problem isn’t just limited to tech: research suggests that in the UK, fewer students are opting to take IT subjects at school and appear pessimistic or otherwise unsure of their capability to match the needs of employers in tech careers. A key part of this challenge comes down to messaging: educators and employers simply have to do a better job of demystifying the cybersecurity landscape and enabling students to engage with technology at a younger age. “One of the things we try to reinforce every time we’re with students in classes is that you do not have to be a technical expert,” says Miller who, as part of a UPCI initiative, is working with five school districts in Houghton, Michigan on a year-long planning effort for computer science and cybersecurity initiatives. Encouraging young people to take up cybersecurity careers is critical to solving skills shortages and getting more adults into skilled, well-paying jobs.
Image: UPCI
“Cybersecurity is a team sport,” he adds. “You need people that can programme; you need people that can solve problems; you need people that can communicate; you need people that have a lot of other skills besides the very technical ones and zeroes of trying to capture packets, or write some malicious code, or defend against malicious code.” Of course, a lack of teacher training is also an issue, particularly in more rural populations – again, looping back to the issue of economies of scale. Miller says that, while the schools UPCI is working with are committed to figuring out a way to bring cybersecurity courses into their schools, many simply don’t have the staffing resources to do so. “The struggle is that the teachers themselves have not been trained in a lot of these concepts,” he adds. Miller says the eventual goal is to ensure staff who are teaching cybersecurity courses are either certified or trained to more capacity: “We’re putting them through some of our certification courses, [and] we’re working with them on activities they can do with their students to help bridge that gap.”A life’s work In any case, it’s clear that educators and employers need to radically rethink how they engage with young people, and particularly those living in rural areas, if they hope to make any sort of meaningful progress in bridging the skills gap in cybersecurity, and tech more widely. Cunningham is convinced that the appetite is there – but the messaging needs to evolve first. “What I’ve come to learn is that there is so much talent that’s sitting out in rural North America,” he tells ZDNet.J.R. Cunningham, CSO at Nuspire.
Image: Nuspire
×businessattire-jrcunningham-square.jpg”The tech companies have not done justice to either the IT or security fields because they’ve gotten the reputation of, ‘they grind you into the dirt until you quit’. I don’t view it that way, I view it as a vocation. It’s a life’s work. It’s something that you actually wake up in the morning and put the badge on and go do your thing, and when you go to bed at night you feel pretty good that you made a difference in the world.”Hentschell agrees: “I would say that the cybersecurity field is a very challenging field, but also very rewarding. It’s also constantly changing, something that we need to keep up on, so you’re constantly learning new things every day,” he says. “There are so many cybersecurity jobs out there now that are unfulfilled. To me, if you’re really interested in the work, it doesn’t matter where you come from – you can do whatever you want to do, in whatever you set your mind to.”

More about remote work More

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a critical bug in F5’s Big-IP software that is being actively exploited. The network and application delivery firm on May 4 disclosed a critical authentication bypass affecting the iControl REST component in multiple versions of its Big-IP software. The bug, tagged as CVE-2022-1388, had a CVSSv3 severity score of 9.8 out of 10 in part because of its ease of exploitation. 

ZDNet Recommends

Within days of F5’s advisory, security researchers saw potential attackers scanning for vulnerable F5 system admin interfaces exposed on the internet.      SEE: Cloud computing security: New guidance aims to keep your data safe from cyberattacks and breachesRon Bowes at security company Rapid 7 expects exploitation attempts to increase because the bug is easy to exploit. Also, exploit code that provides root access to affected devices is publicly available.However, Bowes reckons there are only about 2,500 F5 BIG-IP devices exposed on the internet based on a shodan.io search.Affected organizations should patch the critical F5 Big-IP bug swiftly. Palo Alto Networks says that on Wednesday it observed over 2,500 scanning and active exploitation attempts within just 10 hours. “We observed this signature triggered 2,552 times between 4:47 and 14:00 UTC on May 10. We were able to analyze 2,151 packets that triggered the signature and observed both vulnerability scanning activity and active exploitation attempts,” the security firm’s Unit 42 group said.  CISA notes that F5 BIG-IP contains a missing authentication in critical function vulnerability that can allow for remote code execution, creation or deletion of files, or disabling services.The F5 bug is the only new addition this month to CISA’s Known Exploited Vulnerabilities Catalog. Federal civilian agencies are expected to apply the F5 patch by 31 May under CISA’s binding operational directive. However, it recommends organizations beyond the scope of the directive apply the patch too. In March, CISA ordered agencies to fix 95 and 66 bugs, many of them older bugs in what appeared to be a massive clean up effort. It added seven bugs in April and five more last week. More

A warning from international cybersecurity agencies has urged IT service providers and their customers to take action to protect themselves from the threat of supply chain attacks.  The cybersecurity agencies warn that Russia’s invasion of Ukraine has increased the risk of cyberattacks against organisations around the world. But they also suggest a number of actions that IT and cloud service providers, along with their customers, can take to protect networks from supply chain attacks, where attackers gain access to a company that provides software or services to many other companies.”As this advisory makes clear, malicious cyber actors continue to target managed service providers, which is why it’s critical that MSPs and their customers take recommended actions to protect their networks,” said Jen Easterly, director of US’s Cybersecurity and Infrastructure Security Agency (CISA). 

“We know that MSPs that are vulnerable to exploitation significantly increases downstream risks to the businesses and organisations they support. Securing MSPs are critical to our collective cyber defense, and CISA and our interagency and international partners are committed to hardening their security and improving the resilience of our global supply chain,” she added. SEE: A winning strategy for cybersecurity (ZDNet special report)The warning comes from the UK’s National Cyber Security Centre (NCSC), CISA, Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NZ NCSC), along with the National Security Agency (NSA), and Federal Bureau of Investigation (FBI). Steps that can be taken to prevent initial compromise include hardening remote access VPN solutions and defending against brute force password-spraying attacks by ensuring users use strong passwords and ensuring that accounts are defended with multi-factor authentication.  Organisations should also make sure they’re able to defend against phishing attacks by having appropriate tools in place to filter out spam emails, as well as educating staff on how to detect potentially malicious messages. It’s also vital for organisations to monitor their networks and ensure that that logging processes are recorded, as this can help to detect and disrupt suspicious activity and prevent an incident in the first place – as well as being able to build a story of what happened if attackers do breach the network. It’s recommended that logs are stored for at least six months, because some cyberattacks can take months to detect. Among other things, it’s also recommended that IT suppliers and their customers should apply security updates as soon as possible, in order to prevent potential intruders from being able to exploit known vulnerabilities to gain access to the network.  It’s also vital for suppliers and customers to be transparent about cyber risks and they should clearly define who is responsible for managing systems securely. For example, a customer should fully understand that applying security updates from a supplier is their responsibility and they could be at risk of cyberattacks if they don’t follow best-patching procedures. SEE: Cloud computing security: New guidance aims to keep your data safe from cyberattacks and breachesNot only are supply chain attacks a vital tool in cyber campaigns by hostile nation states, it’s also possible for cyber criminals to breach supply chains for the purposes of ransomware and other malware attacks because they know supply chains are such a vital part of the business ecosystem. “Managed service providers are vital to many businesses and, as a result, a major target for malicious cyber actors,” said Abigail Bradshaw, head of the Australian Cyber Security Centre. “These actors use them as launch pads to breach their customers’ networks, which we see are often compromised through ransomware attacks, business email compromises and other methods. Effective steps can be taken to harden their own networks and to protect their client information,” she added. The advice was issued on the second day of the NCSC’s Cyber UK conference, where several senior figures from the cybersecurity agencies have met to discuss the threat of global cyber threats. “We are committed to further strengthening the UK’s resilience, and our work with international partners is a vital part of that,” said Lindy Cameron, CEO of the NCSC. “Our joint advisory with international partners is aimed at raising organisations’ awareness of the growing threat of supply chain attacks and the steps they can take to reduce their risk.” MORE ON CYBERSECURITY More

Elon Musk has said that Russian attempts to jam or otherwise hack the Starlink satellite communications network have been thwarted so far, but these efforts continue – and are ramping up. The Starlink and Tesla chief was responding to a news story about how the European Union and the US with its Five Eyes partners were blaming the Russian military for a cyberattack on Viasat’s KA-SAT network earlier this year. 

Networking

The attack occurred on February 24, one hour before Russian military invaded Ukraine. It caused communication outages across public authorities, businesses and users in Ukraine, and also affected users in several EU member states, the EU said in its statement.SEE: What is ransomware? Everything you need to know about one of the biggest menaces on the webViasat last month confirmed modem-wiping malware knocked out very small-aperture terminals (VSAT) on Viasat’s fixed broadband service in Ukraine and parts of Europe connected to its KA-SAT satellite network. Posting a link to a story about the Viasat attack, Musk noted on Twitter: “Starlink has resisted Russian cyberwar jamming & hacking attempts so far, but they’re ramping up their efforts.”After Russia’s invasion of Ukraine damaged the country’s internet infrastructure, Ukraine’s vice prime minister and minister of digital transformation Mykhailo Fedorov requested help from Musk, who responded by sending Starlink terminals to the country, and has faced attempts to jam or hack the network since.Earlier this month, Fedorov said there were around 150,000 active users of Starlink per day in the country. “This is crucial support for Ukraine’s infrastructure and restoring the destroyed territories,” he said.Satellite communication has become a key tool, but also a key target for hacking attacks. The National Security Agency (NSA) has updated its advice for satellite operators and their customers to protect networks from cyberattacks for espionage and disruption.”The recent U.S. and European Union public statements noted the Russian military launched cyberattacks against commercial satellite communications to disrupt Ukrainian command and control in February 2022,” the NSA said on Tuesday. “This cyber activity against Ukraine further underscores the risk to VSAT communications for both espionage and disruption.”A month before Viasat’s multi-day outage in Europe, the NSA released recommendations, aimed at US government agencies, to protect VSAT communications because they often aren’t encrypted in transit. The NSA warned that VSAT’s virtual network separation “cannot be trusted to provide access control, separation, or confidentiality of sensitive information” and recommended the use of VPNs for confidential VSAT communications.The updated advisory from the NSA remains largely the same but includes a new passage acknowledging EU and US attribution to Russian military attacks on VSATs. “According to a recent U.S. and European Union statements, the Russian military launched cyber attacks in late February against commercial satellite communications networks to disrupt Ukrainian command and control during the invasion, and those actions had spillover impacts into other European countries.”  The activity disabled VSATs in Ukraine and across Europe, including tens of thousands of terminals outside of Ukraine that, among other things, support wind turbines and provide internet services to private citizens, it adds.  It is extremely rare for the EU to attribute a cyberattack to a third nation. However, it has applied EU-wide sanctions to individuals in North Korea, Russia and China for their roles in past cyberattacks on European countries, albeit several years after attacks like WannaCry and NotPetya took place.SEE: These are the problems that cause headaches for bug bounty huntersAs foreign policy think tank German Institute for International and Security Affairs (SWP) highlighted in a study of recent cyberattacks, that attribution at the EU level is difficult, partly because only some EU member nations – such as Sweden, the Netherlands, Estonia, Austria, France and Ger­many – have the technical capability or political will to do so. Also, under the guidelines of the EU’s 2017 cyber diplomacy toolbox, the EU has refrained from attributing cyberattacks to third states because it is a sovereign political decision for each member state. SWP looked at several recent cyberattacks, including WannaCry and NotPetya from 2017, Operation Cloud Hopper in 2016, the 2015 Bundestag hack, and the 2018 attack on the Organization for the Prohibition of Chemical Weapons. “While the Five Eyes intelligence alliance (con­sisting of the US, the UK, Canada, Australia and New Zealand) coordinates its attribution and public naming and shaming in a manner which has a high media impact, the coordination processes in the EU 27 are naturally slower: months, if not years, pass between a cyber incident and the implementation of sanctions,” SWP argued.The EU said the Russian military attack on Viasat’s network was “contrary to the expectations set by all UN Member States, including the Russian Federation, of responsible State behaviour and the intentions of States in cyberspace.” More