Cyberattacks: Tips to Avoid Becoming the Next Victim
Subscriber Benefit
As a subscriber you can listen to articles at work, in the car, or while you work out. Subscribe NowData breaches at Eskenazi Health and the Indiana Department of Public Health in August made headlines and impacted thousands of Hoosiers. These incidents reveal the venerability of organization’s data. As hackers work to stay a step ahead of security systems, what can you do to prevent cyberattacks?
Company size does not matter. Hackers are always lurking and trying to figure out the next scheme to access data and information stored in business systems and personal computers. Around the world, teams of cyber specialists fight virtual attackers daily. Fortune 500 companies continuously tighten user protocols to keep data and information safe. Small- and mid-size business owners along with non-profit leaders are not immune. They too have professionals and partners who help them stay a step ahead of data thieves.
The first line of defense for an organization is understanding how hackers work, what they’re after and how to prevent them from getting access. Why? Because businesses have a responsibility to protect data stored within their systems. Think employee records, customer information, propriety ideas and more.
If you think it can’t happen to you consider these stats. In 2020, the number of data breaches in the United States totaled 1,001 cases. Over 155.8 million individuals were affected with the accidental revelation of sensitive information due to less-than-adequate information security. Nearly 44% of attacks in 2019 were business related followed by medical (nearly 36%), banking (7.3%), government (6%) and education (8%).
This has been happening for decades. In 2016, Yahoo announced hackers stole user information in 2013 that was associated with at least one billion accounts. Sony was attacked in 2014 and a trove of hypersensitive internal information was released, including internal emails where executives and movie stars openly talked about and disparaged others.
Hackers look for the venerable
According to statistics from a CompTIA study cited by shrm.org, “Human error accounts for 52 percent of the root causes of security breaches.” There are typically two factors at play: insecure infrastructure and weak passwords.
In larger businesses desktop protocol systems are now the norm. Unfortunately, when system “doors” are left open hackers can easily access an organization’s data and information. It’s the most common way a hacker gets into a business’ computer system. Imagine leaving your house unlocked while you’re on vacation. Thieves walk in and go through all of your stuff. Maybe a safe is locked but the keypad password is easy; it’s your house number. That’s what happens in a cyberattack.
Once a thief is in an IT system, they look for easy passwords to unlock. In some cases, they just want legitimate emails to spoof and send out spam or phish (read on for more on phishing). In other cases, they can access customer’s credit cards, personal information, addresses and more. And worse case, they take an organization’s system ransom and demand money to release the information. It’s big business. Believe it or not there are call centers where people accept payment to free locked IT systems.
Think before that mouse click
The most common cyberattacks relate to phishing schemes. We’ve all gotten the emails that look somewhat legit, but maybe not really. These scammers rely on social networking data to try to get users to click through. Chances are you’ve gotten one or many of these emails. We get them in our office every day.
- An email from an alleged bank asking you to reset a password.
- A message from a financial institution with a statement attached.
- An email password update request.
Advice: if it looks fishy, chances are it’s someone phishing. Don’t click or open it. If you think it could be legitimate, use your login through a web browser to see if there’s an issue with an account or call the organization that allegedly sent the email request to validate it.
In today’s high-tech world, the most secure computer is one that’s turned off and unplugged. But that’s not a reality. Staying a step ahead of the people who continue to engineer all of the ways to get into a computer is more important than ever.
- Button up passwords. Add characters to the beginning end and middle. Don’t make your password, password. Simply adding an ! isn’t enough anymore.
- Run virus protection scans. Legitimate systems catch malware and viruses quickly and remove them before ransom ware or data theft.
- Trash junk. Delete junk mail weekly, for good. Using the shift-delete key completely removes junk from your system.
- Have a trusted advisor. A good managed services team delivers professionals that you can call to ask questions before becoming the next cyberattack victim.
Aaron Toops is co-founder and CEO of AERIFY.oi, managed services IT business that makes technology simple, safe, and fast. The team leverages the Cloud to allow small to mid-business teams affordable access to their information from whatever device at whatever time they need.