As the world grows increasingly digital, cyber crimes are more prevalent than ever. Lately, hacking and phishing attempts have been especially aggressive and dangerous, which is why it is more important than ever to protect your personnel and business from cyber crimes.
Cyber-attacks, also known as hacking, reveal and exploit weaknesses in software. These weaknesses can lead to anything from a malfunctioning computer to a loss of user identity and confidential business accounts.
The most recent threat has been WannaCry, a ransomware virus that locks files on a computer until the user pays a ransom. It spreads by itself on a local PC and can even move to other unpatched PCs on the same network. In this instance, hackers are taking advantage of an SMBv1 vulnerability in Windows (based on an attack developed by the NSA, code-named ETERNALBLUE, that was leaked by a group called The Shadow Brokers) and are using it to extort ransoms. It has even spread to hospital and airport systems around the world.
Phishing is a method of hacking that uses false links and documents in emails. Usually, these types of emails are filtered to spam or are obviously “not right,” but the most recent phishing can be difficult to detect.
In the latest attack, hackers compromise a user’s Gmail account. Then, they are able to sift through the user’s emails and send Google Docs containing malicious links to various contacts. To the receiver, the email looks like a normal Google Doc from a colleague, but the receiver gets pulled into the malicious cycle when they sign in to view the document. In the process, hackers gain access to all files and accounts connected to the Gmail account and continue to spread the attack.
While these attacks can be unnerving, there are a few things you can do to protect yourself and your business from these cyber-attacks.
Educate your employees and coworkers about the danger of phishing and what a phishing email would typically look like.
Educate employees and coworkers on what a typical ransomware attack looks like and how to avoid or stop them.
This is an example from the WannaCry ransomware:
Do not reuse passwords across multiple websites. If hackers gain access to one of your accounts and all your other accounts have the same password, then they’ve gained access to everything. Try using secure password services like LastPass or Dashlane to organize and protect your passwords.
Update and patch your operating system frequently. Make sure auto-updates are turned on and don’t ignore the alert telling you it’s time to update.
Restrict and safeguard key computers that are used for confidential data entry, like accounting, to prevent CEO fraud-type attacks and losses.
Enable two-factor authentication on any of your accounts that offer it (all social media accounts, bank accounts, work email, etc.). With two-factor authentication, hackers will be unable to access your account without a second form of authentication.
The only way to protect yourself against cyber crimes is to actively fight against them. Share this blog with your friends, family, coworkers and employees to get started.