Cyber breaches are becoming a daily occurrence. Whether you are part of a large company, small company, governmental unit, or using your home computer or mobile device, you are at risk if you don’t take proper precautions to secure your systems. What are the risks and what should be done?
Getting a virus by clicking on an infected email attachment or visiting a compromised website can let a hacker access your account, take over your computer, even encrypt your files, in effect holding them hostage. Hackers have targeted not only victims who can afford paying larger ransoms, such as hospitals and others in the medical industry, but also individuals and businesses of all sizes.
A compromised email account can lead to identity theft. The hacker can send out email from your account, request money be transferred, or reset passwords and take over any account connected to that email account. CEO spoofing has lead to millions in unauthorized money transfers as well as theft of employee and customer data.
Adware, spyware and other malicious software (malware) can also slow down your computer, change your home page or search settings, and redirect your web surfing, possibly resulting in a more serious problem. Compromised ads have been linked to ransomware infections in addition to hackers being able to remotely controlling computer systems.
Users need to be educated to be on the lookout for cyber threats. Beware of spoofed emails which will try to get them to open a virus-infected attachment or click on a link to a malicious website. Only install programs and updates from trusted sources. Even the best security precautions cannot prevent a careless user from causing serious damage.
Backups need to be done on a regular basis. A copy should be kept locally as well as remotely. Off site backups are important because ransomware can infect USB and network attached drives. If a machine becomes compromised, it should be immediately disconnected from the network to prevent other machines or your network storage drives from being infected.
Security measures including anti-virus, anti-malware, firewall, intrusion detection and prevention software needs to be installed, updated and monitored on a regular basis. E-mail filtering needs to be done to block spam and virus infected emails from reaching end-users. Mobile devices also need security software installed.
Operating system and other software updates also need to be done on a regular basis. Unpatched systems might contain a security vulnerability or “hole” that can provide hackers and virus writers with access to your computer.
Passwords need to be changed on a regular basis. Password cracking programs can guess any word, including slang and obscene words. Use a mixture of small and capital letters, numbers and special characters. Longer passwords are much harder to compromise. Three letters, three numbers and the shift key can result in an easy to remember 12 character password.
Being vigilant and taking the proper precautions can significantly reduce the chance of being a victim of cyber related problem.
Curt Esser is the owner of Esser Consulting LLC, a BBB Accredited Business specializing in Computer Consulting, Internet Security and Privacy. He is also a contributor for PatchMyPC, a free, easy-to-use program that keeps over 100 programs up-to-date on your computer. He can be reached at (920) 735-1806 or cesser@esserconsulting.com.
(This article was originally published in the October 2016 WI Better Business Bureau newsletter for Cyber Security Month.)