Cyber

Let’s face it, there’s no escaping the computers. They’re everywhere and becoming more and more integrated. While we don’t quite need them to make toast yet, I’m pretty sure that day’s coming. All that aside, a few basic steps can help manage the impacts of severe weather on computers.

Having communications during during and after a disaster saves a great deal of challenges. Much more so than just being able to summon assistance. Having access to information reduces uncertainty–like being able to see how long the storm is likely to last, see alerts, etc. It also gives you a method of communicating with friends and family that may be checking up on you. It may be how you get alerts about changing situations.

What We are Looking At

This is where things get a bit more interesting. Severe weather can wipe out infrastructure in the area, making it more difficult to use your system. The other thing that could happen is that a may cyber-related incident could disrupt things. We’re not really looking at the source of the problem here–just that things stopped.

Keeping it Simple

Your computer needs four things to work. It requires a stable source of power. I say a stable source because computers are sensitive pieces of electronics and they can be affected by too much voltage (surges), not enough voltage (brown outs), power frequency, and some other issues. Second, it needs a signal carrying data from the wider network to the computer (unless you run it just as a box on the desk). This represents how information gets to your computer to process. It can be wave-based (like wireless home services, etc.), through physical connections (phone or cable), etc. Third, software or the tools that you will use to handle data. Finally, you need the data itself. For those working in the industry, I know this is a gross oversimplification.

A general block diagram of a computer hooked up to power and internet services in a home.

What we Control

Recognizing what you control and what you can influence represents the first key step. You control your data, your software, and your power. You don’t control the signal.

Power

Consider having something called an Uninterruptible Power Supply (UPS) for your computer, monitor, modem/router, and (if you have one), switch. This provides a limited (minutes to hours depending on what you buy) backup so that your computer can shut down properly or even run for a short period of time. Behind this, consider a backup power supply but if you’re using generators, make sure that there’s some form of surge protection between the generator and sensitive equipment.

The reason that no surge protection appears next to the computer is because many UPS’ have surge protection built into them. If you are not using a UPS, however, you should give serious consideration to having a good surge protector (over 15000J).

Signal

This is only partly in your control. What you do control is being able to have an alternate source of signal. Within the resources, there is a guide on how to use your smart phone as a “hotspot” that will connect you. Be careful to (1) secure the connection and (2) talk to the provider and be aware of how much data you can actually use as it can get expensive if you make a mistake.

Software

Two things are important here. First, backup your computer from time to time (full backup) onto a removable drive. Always deep a couple of versions of the backup. You will lose some of the things you were doing–basically between the time you backed up the computer to when it failed. Also, if you have purchased software, keep a copy of the software key in case you need to reinstall it.

As an aside, watch out for “unsupported” software. Eventually software gets old enough that suppliers no longer provide patches or maintenance for it. Watch out for software that falls into this category.

Data

This is basically the things you were working on. It could be anything from game files to your personal tax record information. Two things need to be said here. We are looking at a disruption of services. There are advantages to storing things “in the cloud” if you need to access them and if you have decent security protecting them. We are dealing with a disruption of services and if the internet connection is lost, so is your ability to get to your data. Backing up data to a removable drive or storing a copy to a removable drive can be useful.

About Identification and Authentication

Getting access to certain services often uses what is called multi-factor authentication (MFA).By using more than the simple username and password combination, there are less changes that someone can impersonate you. Some things to consider:

  • Use strong passphrases. Strong passwords use a relatively long combination of (often random) letters, cases, numbers, and symbols. They are great if you remember them of if you have a reliable and secure password manager. A passphrase is a sentence that can incorporate cases, numbers, and symbols. Because it means something to you, the chances are you’ll remember it better.
  • Alternate methods: When you set up your MFA (multi-factor authentication), set it up so that there are three options (usually telephone, SMS, and email). If one of the services associated with these goes down, you have two other ways to complete the login. Don’t just rely on one method because if it’s disrupted, you could face challenges getting in.

Patches and Updates

This is about security and keeping things up and running. These can be set up so that they are downloaded and installed automatically. While there are always some risks to changing a system, these updates are often important. If you are using a Windows-based system, you can usually find this through the “Update and Security” section when you open the settings.

Protecting Data

This has two parts: “at rest” and “in transit.”

When looking at data “in transit” you are protecting your data not only against disclosure but may also be protecting the connection. For websites, look for a little lock next to the address bar and “https” instead of “http.” Most computers will even warn if you’re going to a questionable site.

The second aspect of data in transit involves using something called a Virtual Private Network (VPN). These can be set up for both computers and phones but you should be careful to look at subscriptions costs and the like.

For your “data at rest”, consider a two step approach. The first involves using a firewall that blocks malicious people from sending harmful things or getting access to the system. There are several good subscriptions that can be used that will protect several devices. The firewall may act as a good dam or wall against the rush of stuff trying to get access, but it’s really just one part of the picture.

In the off chance that your firewall gets breached, then the next step is encryption. Set up secure folders that have good encryption for any personal information and the like.

Then ultimately having a copy of your data backed up and off-line (i.e., not connected to your computer in any way like being on a USB drive) might help.

Routine

Threats will vary depending on the event. For severe storms (wind), the issue is likely to involve power surges and the like. If there’s significant rainfall, then you need to consider not just surges but also flooding (meaning move the computer to higher ground). In a widespread cyber attack, it’s likely to be a loss of the services you usually use and potential the infection of your own devices (meaning firewalls, keeping up to date, and backing up data).

Smart Phones

Treat your smart phone like a computer. It pretty much is. Consider most of the guidance here with two important additions:

  • Careful about your connections: Open (unprotected) and free Wifi looks great but it tends to attract some of the wrong crowd. Personally, unless you’re using your own VPN and your device is well protected, I would avoid them.
  • Suspicious Communications: This can range from connection requests in social media right through to suspect emails. It also applies to applications ranging from those more social / community-based social media applications to things that are more professionally-focussed. It doesn’t matter. If you don’t know the person who’s trying to connect with you or reach you, be very cautious about accepting anything, including making a connection in your profile.

Scams, Trolls, and the Like

For some reason, some people tend to find these kinds of events to be a good time to prey upon the unsuspecting or the vulnerable. During severe weather events, the response phase, or the recovery phase, only use trusted and official sources for anything important. A third party service offering to help you fill out your claim and just needs your credit card authorization should be looked on as most likely a scam.

Last Points

I have left the comments section open for this page for those that have more guidance and advice for folks. That being said, all comments are moderated before they are posted and the rules are simple: no advertising and be constructive. Remember, the focus of this whole site is helping out people so keep it in line with that.

Everything here is just a suggestion and while you may want to consider it, the information here should not be considered a checklist or an absolute guarantee that everything will be perfect. Every event has its nuances and there are likely additional things you can do or things you can do differently that may improve your situation. Consider it a source of information to give you a starting point but not necessarily the whole answer.

Leave a Reply

Your email address will not be published. Required fields are marked *