Cyber-Attacks: becoming the norm?
“Millions milked from UK bank accounts in 'Dridex' malware cyber attacks’”
“Talk Talk cyber-attack: Website hit by 'significant' breach”
Uproar in the cyber world seems to be amplifying and inhabiting the news headlines. Cyber-attacks are evidently increasing and gaining a prominent reputation with businesses today.
Amazon Prime is currently showing the acclaimed hacker drama Mr Robot in the UK with its realistic depiction of a world of digital vulnerability. Being vulnerable is the new cyber-fear in the real world too. And Mr Robot has grabbed attention for its compelling and accurate portrayal of cyber-crime.
But what can we exactly consider as a ‘cyber-attack’? – Anything that has to do with stealing of information that is not rightfully yours and/or intentionally exploiting computer networks and systems of any enterprise.
Think ‘Edward Snowden’. This individual, you could undoubtedly say, managed to successfully achieve one of the most notorious cyber-attacks in history leaking secrets the US government and exposing them to the world.
The 2011 Sony attack, another example of how a major enterprise managed to allow itself to be assailed by cyber hackers, causing 77 million PlayStation accounts, credit and debit cards information to be accessed and embezzled. Even while Sony tried to fix the problem, the hackers continued to log on and rob gamers. Let’s get more recent and perhaps more closely to home – a few weeks ago, the headline read ‘Millions milked from UK bank accounts in 'Dridex' malware cyber attacks’, where £20 million was recorded to have been stolen from UK bank accounts.
We, as everyday Internet users are being given warnings that we are all targets to this ‘Dridex’ malware pandemonium. This virus is essentially keeping an open door for the hackers to access all your bank details simply through a click of an email that may seem legitimate and from your ‘trusted’ bank or other establishments. This form of attacking is known in the cyber world as ‘phishing’ – moral of the story, never open any email that you are not sure of or that looks a bit ‘phishy’!
Then, more recently, Talk Talk was heavily hacked. One of the reasons customers were prone to being hacked, as per Talk Talk themselves – some of the data was not encrypted.
The fact of the matter is, whether your business is big, medium or small we are all susceptible to being attacked by these cyber assailants.
Let’s face it, we live in a digital world, wherein soon enough anything and everything around us is expected to become ‘smart’ and ‘connected’, essentially the phase ‘ The Internet of Things’.
Online theft is increasing. As per The Office for National Statistics (ONS), a survey for England and Wales estimated incidents of online crime to be GBP 6.8 million, this year alone (IT Governance, 2015).
The main concern here is how to solve this issue.
Firstly we have to admit, we allow this to happen to us – Human error enables hackers.
Granted that most things are really out of our control, especially over the Internet, it’s a wonder why most organisations have not implemented at least the basic of security measures to prevent such happenings.
Some guidance as to how we can prevent cyber-attacks:
- Use a secure and unique password AND try to use different passwords for the tens of thousands of accounts we tend to have Usually the tricky part is deciding what to put as your password – something personal would be ideal. Include numbers, special characters, make it long. If you still find it distressing, try using a password manager or for Apple users, keychain. These software make it easier to keep all your passwords intact and secure. Password managers can also generate passwords for you if needed. A word of advice: using the same password for your personal accounts and work accounts is not the smartest of ideas. If one is at risk – all are at risk.
- Business wise – Apply strict administration access and password policies
- Software updates – They pop up on our screens, not to annoy us but to protect us – security bug fixing, security vulnerability fixing and so on
- Software programs designed for protecting your information – definitely worth investing in – malware, spyware, anti-virus and firewall
- Encrypt your data – Talk Talk … need I say more?
- Execute audits regularly
- Train your employees on how to best secure their documents and company information – it is very important to train your employees and to make them aware of what could be hazardous to the company
- When accessing a website, look out for that little padlock icon. This confirms that the page uses SSL protocol which means that the all information you input is secure
- Use pop-up blockers
- Don’t open suspicious emails
- And lastly, backup!
Back up on an offline storage device is imperative for every company and individual – let’s say a hacker is successful in taking all your valuable information from the Internet, having a backup enables you to at least retrieve what you lost.
It all seems so quick and simple – yet we still find ourselves saying ‘I’ll do it later’.
Surely we cannot stop cyber-attacks but we can deter them. Hackers will go for the easier target. While governments attempt to solve their issues let’s, in the least, try to prevent ours.