There’s no doubt that cybercrime is big business, with a recent study by Dr. Michael McGuire revealing that cybercrime revenues total an estimated $1.5 trillion annually. Considering these numbers, it’s no surprise that incidents of cybercrime are on the rise across the globe, including in Australia. In 2016, Australia saw cybercrime incidents doubling, with another drastic increase of 25% in 2017. This is particularly worrying for small and medium business owners, who are acutely vulnerable to cybercrime because they often lack the financial or IT resources necessary to deal with it.
As this intangible threat grows, users and companies need to take steps to ensure they are safe from future cyber attacks.
Whether it’s a banner ad on a website, or a link to a “Windows” update in your email inbox, you need to be cautious about what you click on. Hackers will take advantage of you to run malicious code, malware or install trojans, so they can access your system and your data.
If you use passwords like “123456” or “password” to secure your data, you’re asking for trouble. Cybercriminals will begin with passwords like these due to how frequently they are used.
The Missing Link recommends that you make use of the following criteria when choosing a password:
If you’re lucky, software developers will find holes in their software and fix them before someone takes advantage. Unfortunately, sometimes software developers only become aware of vulnerabilities in their systems after someone has exploited them. In these scenarios, updating your software will protect you against future attacks.
People regularly share personal information such as birthdays, favourite hobbies or foods on their social media channels. This information is likely linked to their social media passwords. Knowing this, hackers will trawl your social media looking for clues that they can use to guess your passwords.
Cybercriminals are becoming increasingly skilled at spoofing (cloning) websites, making it difficult to tell the difference between a fake page and the real thing at first glance. These pages are used to trick users into sharing their private information.
You can avoid falling victim to a spoofed site in the following ways:
Social engineering is when cybercriminals manipulate users into performing actions or revealing sensitive information. They exploit the weaknesses inherent in each of us, like fear, hope, love and greed, and can often be simple yet devastatingly costly for businesses. The Missing Link provides 10 steps on how to avoid these nefarious attacks.
Windows operating systems come with basic firewall and antivirus tools, but additional security might be found in a security suite. However, it’s important to choose the right one, as an ex-Mozilla developer claimed certain antivirus tools can cause as many problems as they supposedly fix. To ensure you’re properly covered in the event of attack, it’s a good idea to install next-gen firewalls and anti-viruses.
Advanced users who make backups are usually great at doing either local or off-site backups, but whether it’s due to forgetfulness or lack of resources, they often don’t do both. Remember that to protect your company’s data and systems, you need the redundancy of both backups.
Where SSL/TLS was once only used by websites such as banks or online stores which regularly processed personal data, websites across the globe are increasingly taking advantage of encryption. However, the same basic idea applies as it did in the past: if a website is processing your personal data, make sure it is SSL certified.
The reality is that certain types of websites are more likely to infect a machine with malware than others. The first step is to configure your network so that all internet traffic runs through a centralised server. This will allow you to filter traffic and block people from accessing risky sites, such as pornographic, file-sharing and illegal streaming sites, thereby reducing the likelihood that an employee accidentally infects your systems with a virus or malware.
Companies that are exploring their disaster recovery options, or looking to reduce costs around their current disaster recovery solution, should take advantage of our Disaster Recovery as a Service (DRaaS). DRaaS leverages the power of the cloud to provide redundancy for your systems, either by running your systems off the cloud itself, by mirroring them, or a combination of both. Should a hacker strike, these options will help keep downtime to an absolute minimum. The Missing Link also offers specialist cyber security services which mitigates the chances of your business being compromised, you can talk to one of security specialists to assess your needs.
These tips will help you improve your company’s defences against cyber-criminals and ensure your business doesn’t become a victim to a cyber attack, but is your business prepared for other IT problems that could cripple it? To find out if your business is disaster-ready, be sure to check out our interactive tool here.