Educating users on how to identify and protect against security threats is essential for businesses. Kyle Carter, Systems Architect and Senior Systems Engineer at IT Partners, offers top tips on how to lower your risk against security threats.
In the beginning
Years ago, people would ask us ‘why do viruses and malware exist?’. Our answer was simple. ‘Some people have too much time on their hands.’
Ask the same question today and the answer is ‘money’. Why?
Viruses used to be a mere nuisance. Virus writers wanted notoriety and fame; they wanted acknowledgement for appearing smarter than those who developed the software. But over the years, the viruses being written have become more sinister.
Today, viruses have developed into ransomware. Writers are now using viruses to hold users to ransom in return for stolen data. The writers hope the data they steal is important enough that you will pay to get it back and that a threat of displaying it for the world to see is incentive enough for you to respond.
A day in the life of a hacker*
The rapid development of security threats has meant businesses need to get smarter and savvier. This begins by understanding the mind of a hacker.
While the following example is fictional, it gives you an insight into how a hacker operates and the implications such activity can have on your business.
7am: Get ready for work
Hacking is no longer performed in a bedroom or basement. Hackers are often organisations funded by organised crime syndicates, with teams as big as those of the security companies attempting to keep people like you and me free from attacks.
9am: Check in with the boss
While there are still solo/activist type hackers, a large percentage of hacking attempts are created and run like a business.
11am: Track KPIs
Hackers will have measurable targets such as infection rates, success rates or some other conversion to determine their success. These can influence how much they are paid.
12noon: Conduct research
These hackers are checking your websites, LinkedIn profiles, Facebook pages and pulling any piece of information they can to make their hack seem legitimate. For example, if they see you are on holiday, they’ll make the email appear as though it’s from a holiday destination.
3pm: Invest in development
The latest round of attacks is being developed as you read this, and the one after that, and the one after that. Does your business have a continuous improvement mindset? So do the hackers.
Yes, these people have structured companies with multi-tiered management and levels of expertise. They treat it like a business and as soon as their returns aren’t looking favourable they will be onto the next version of their attack.
4:30pm: Schedule emails to be sent
From information collected during the day, the attack emails will be created and scheduled. The timing of sending the emails is likely to be strategic, close to the business hours of your time zone, potentially at the beginning or end of the day when you are more likely to want to complete tasks quickly, or are fatigued and not thinking clearly.
5 top tips to lower your risk
As with any protection, the greater the deterrent, the less likely the hacker will be to target your business. Instead they will go in search of easier prey. At IT Partners, we recommend the following five actions to help reduce your risk of being attacked:
- Change your mindset – We need to stop thinking of viruses and attacks on companies as being simple to detect and the same all the time. This is big business, well-funded and forever developing.
- Accept their intelligence – These are highly intelligent people with highly sophisticated systems. We need to be smarter in our detection of their hacking attempts.
- Consider your online presence – This is a balancing act in business as there are many benefits to having an active online presence. However, who you are sharing specific information with, and on what platform, is something to think about.
- Have robust in-house processes – Review these regularly. This could be anything from how you authorise and prepare documentation around transferring funds, to what information you choose to put online.
  Start by asking the following questions:
  - What is your process for entering and approving invoices from an unknown supplier?
  - What rules does your business have for paying invoices?
  - Are original invoices required and validated by suppliers or staff?
  - Are large payments verified by multiple staff prior to payment?
  - How does a new payment recipient get set up, and who verifies account information and validates any account changes?
  - What are your rules around creating and changing passwords?
  - Do you use two-factor authentication if it is available?
- Educate your users – Make sure you and your team are aware of how an attack might present itself. If you are uncertain about any emails, err on the side of caution.
  - Is the email address authentic? The name can look legitimate, but when you look a little closer and check the full email address, you’ll notice some oddities. Often, the sender will replace one letter with a number in an email address that would normally be familiar to you, or change the extension, e.g. .com, .org
  - What is the intent of the email? Is there any pressure being applied to make a quick decision outside of normal process that seems unwarranted or sudden?
  - USB drives can hold viruses that could infect your whole system. Make sure you know the source of any USB drive, and what is on it.
  - Pick up the phone. If you have the slightest uncertainty, pick up the phone and talk to the sender, or call us.
  - Run education around security for your users. This can be done in the form of dummy attacks arranged by us.
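The address check from the "Is the email address authentic?" tip can also be automated at the mail gateway or helpdesk. The following is an added example, not part of the original article or any IT Partners tooling: it ignores the display name and compares the sender's domain with an allow-list, flagging a number swapped in for a letter or a changed extension. The allow-list, function names and sample addresses are constructed, and the reserved .example/.test suffixes stand in for .com/.org.

```python
from email.utils import parseaddr

# Constructed allow-list of domains the business really deals with.
TRUSTED_DOMAINS = {"northwind.example"}

# Digits commonly swapped in for look-alike letters; "i" and "l" are folded
# together so that a "1" matches either of them.
_FOLD = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "i": "l"})


def _skeleton(label: str) -> str:
    """Reduce a domain label to a form in which look-alike characters compare equal."""
    return label.lower().translate(_FOLD)


def check_sender(from_header: str) -> str:
    """Classify a From: header as 'trusted', 'lookalike of ...' or 'unknown'."""
    # The display name is attacker-controlled, so only the address is examined.
    _display_name, address = parseaddr(from_header)
    if "@" not in address:
        return "unknown"
    domain = address.rsplit("@", 1)[1].lower()
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    name, _, ext = domain.rpartition(".")
    for trusted in sorted(TRUSTED_DOMAINS):
        t_name, _, t_ext = trusted.rpartition(".")
        if _skeleton(name) != _skeleton(t_name):
            continue
        reasons = []
        if name != t_name:
            reasons.append("character substitution")
        if ext != t_ext:
            reasons.append("extension changed")
        return f"lookalike of {trusted}: " + ", ".join(reasons)
    return "unknown"


if __name__ == "__main__":
    # Constructed sample headers: genuine, digit swap, extension swap, unrelated.
    for header in (
        "Northwind Accounts <accounts@northwind.example>",
        "Northwind Accounts <accounts@n0rthwind.example>",
        "Northwind Accounts <accounts@northwind.test>",
        "Someone Else <hello@other.example>",
    ):
        print(f"{header!r:55} -> {check_sender(header)}")
```

An "unknown" result only means the domain resembles nothing on the allow-list; such senders still go through the normal verification process.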
Security support from IT Partners
At IT Partners, we provide network security solutions to help protect our clients’ intelligence. We can tailor a bespoke security solution for you, encompassing elements including Firewalls, VPN support, web access monitoring and vulnerability assessments.
If you are concerned about security threats to your system we can set up random dummy attacks to help educate your users. If your users click on the dummy link, we are sent a report with the user’s information which we can talk through.
If you have any suspicious emails, we can help you work out whether they are legitimate or not. Our clients’ security is very important to us.
* The term ‘hacker’ in this blog is used in a broad sense to cover all individuals who attempt to extort money or information, or perform malicious attacks against a company or individual.