Experts continue to warn of the ever-present threat of cyber attacks, particularly malware and ransomware, in the wake of the unprecedented attack that saw 150 countries targeted. Many SMEs fail to see how such large-scale attacks can impact on them, but as Matt Webb, Group Head of Cyber at Hiscox commented, ‘Hackers are incredibly crafty at exploiting vulnerabilities.’
With this in mind, we look at ways to mitigate these potential vulnerabilities.
Update your computers
The current malware attack exploited a vulnerability in Microsoft’s older systems such as Windows XP. Microsoft has released a patch update for these systems which you can download here. You can check for updates in your computer settings tab.
Passwords should be a combination of capital letters, numbers and symbols and be changed every 2-3months. If you struggle to remember random combinations try taking a memorable word and making it up out of characters – e.g ‘Wimbledon’ could become ‘W1mB!3d0n’. Never write passwords down or share them with other users.
Data loss is not always malicious and can come from human error, such as if your laptop or smartphone is stolen. When you are out and about make sure you keep your devices on your person at all times and back up your files so they can be safely retrieved if they’re lost or stolen.
Keep your staff up-to-date and provide clear and thorough training on what to do if they receive a suspicious email, (not to click links, how they should handle data etc). You could test your staff’s knowledge by sending out a controlled email of your own and see who clicks on it.
Open or public WiFi connections give hackers the perfect opportunity to access your personal information. You should never login to your bank account or shop online on an open network or a computer that is not your own personal device. Remember to keep your own WiFi password protected using the tips above.
A method favoured by scammers, social engineering exploits the trust of business employees in order to gather information or gain access. Don’t be afraid to verify who you are in contact with or say no to requests for information from outside your organisation.
Protect your system
Did you know most banks will offer you free security software for your personal devices? Simply search their website for security software to see what they offer and where you can download it. Businesses can access a range of paid solutions from anti-virus, anti-spam and firewall software.
Make sure your files are backed up and any sensitive data is encrypted and password protected. Cloud services allow you to store all your files on the internet, saving space and potentially money. Make sure you check the provider’s credentials beforehand.
Emails are not the only way to spread a virus. USBs, flash drives and other external devices can all infect your computers. Make sure you know what you are putting into your machine and where it has come from.
Phishing, SMS phishing and Apps
Most people are aware of what phishing emails are but did you know that SMS messages carry the same threat? If you receive a suspicious text, asking for information or to click a link, call the company direct and ask if you are unsure. If it’s a scam they will be glad to know about it.
You should take the same precautions when downloading apps to your smart devices and only get them from verified outlets such as iTunes or Google Play.
If you have any questions about cyber threats or security, speak to one of the team at Hinks on 01482 323424 or email firstname.lastname@example.org.