Prepare for attack – find out how to empower your business to outwit the latest cybercriminals
Last Friday’s ‘cyber apocalypse’ once again proved that large scale cyber-attacks are not simply the stuff of Hollywood movies but they are an increasing threat to businesses across the globe. Chris Girdlestone, managing director of HUT42 – a cutting edge software development company – advises companies to prioritise cyber protection now rather than later.
A harsh reality check arrived on Friday when cybercriminals disabled computer files across more than 150 countries, preventing users from accessing vital information - effectively holding their data to ransom.
Patients’ records and administrative systems temporarily seemed to disappear into thin air causing disruption and delaying operations in 47 health trusts across the UK.
As data breaches of major companies such as Microsoft, AOL and eBay continue to surface, cybersecurity incidents are growing in frequency, size and cost – it is no longer a question of if but when.
A recent Government survey revealed that two-thirds of large UK businesses were hit by a cyber-breach in 2016 and only half of those firms subsequently adopted recommendations to identify and address vulnerabilities.
“The UK is a world-leading digital economy and this Government has made cybersecurity a top priority. Too many firms are losing money, data and consumer confidence with the vast number of cyber-attacks. It’s absolutely crucial businesses are secure and can protect data.”
Ed Vaizey - Digital Economy Minister
But it is not only the large corporations which are under attack – but the 2016 survey also revealed that smaller businesses of less than 100 employees were particularly vulnerable.
It is, therefore, becoming increasingly vital to protect your company from cyber-attack and to follow these initial steps:
--> Knowledge is power - ensure you understand the evolving risks and the terms. It is important to understand how hackers gain entry and be aware of the different types of cyber fraud schemes and common threats; from phishing and spoofing, social engineering, malware, and systems hacking.
--> Develop a security policy which involves all employees - they are the gatekeepers to your company’s information and ensure that employees are aware of the warning signs to a suspected take over.
--> Prepare and drill an incident response plan - so that all employees know exactly what to do when they discover a direct threat.
--> Install an up-to-date anti-virus programme - specifically one which can help to prevent ransomware and other malware from infecting your computer.
--> Carry out a full scan - this will locate any malware which may have already found its way onto your computer system.
--> Regularly apply software updates - Apple, Google, and Microsoft typically include security bug fixes and patches.
--> Back up important data onto an external hard drive – your company cannot be held to ransom if it also stores data somewhere else.
--> Use strong passwords and don’t use them for multiple services - this could leave your entire digital footprint vulnerable to attack.
--> Enable two-factor authentication - many services, including Google, offer two-factor authentication for logging into an account. Instead of simply entering a username and password to log in, you enter a code sent to your smartphone to verify your identity.
--> Exercise caution when opening emails - don't click on any attachments or links from an unknown sender.
--> Carefully read the permissions/app publisher before installing apps - particularly the Google Play store unverified apps is one of the most prominent ways in which hackers can gain access to your personal information.
--> Make sure a website is secure before you enter personal information - Look for the little padlock symbol in front of the web address in the URL bar and also make sure the web address starts with the prefix https://.
--> Don't send personal data via email - Sending critical information such as credit card numbers or bank account numbers puts it at risk of being intercepted.
--> Keep an eye out for phishing scams - a phishing scam is an email or website that's designed to steal from you. Oftentimes, a hacker will use this email or website to install malicious software onto your computer.
For further advice on preventing a cyber-attack or to find out more about disaster recovery plans contact HUT42 on 01553 970034.