There are so many lessons we have already learnt from 2016: if you’re a celebrity you should probably start taking very good care of your health; now is not the time to buy Euros; any business, big or small, is a potential victim of a cybersecurity attack. As we pass the half way mark of 2016, here are the top five security lessons that 2016 has taught us so far and five tips to make sure that you end 2016 on a high, rather than in the headlines.
No one is safe
‘It’ll never happen to me’ is the scourge of the security world. It’s so easy to think that your company is either too big and strong to be breached, or too small to be of interest. Newsflash – you’re not. Attackers try just about anything and anyone to get to your system and research has shown that the majority of companies don’t even realise they’ve been breached.
Learn from the mistakes of the high-profile embarrassing breaches from this year such as LinkedIn, Tumblr and – a little further back to the end of last year – TalkTalk; get your security up to scratch, fast.
Ransomware is the one to watch
While phishing scams are having a decent punt for the top spot, ransomware has been on a roll this year. Recent studies suggest that a quarter of all malware attacks are now from ransomware, which is a type of malware that encrypts all your data and then demands payment for the decryption key.
It often comes in the form of phishing attacks so be careful when clicking on links and educate your team about the dangers, because once it’s in your system there’s very little you can do about it. Paying the criminals will only encourage them and make ransomware more likely to increase in general, so make sure you’re regularly backing up your data so that even if they sneak into your system you’re able to outsmart them.
Attackers are getting smarter
As more businesses become security-savvy, attackers are becoming ever more creative about getting to the gold. For example, phishing scams are getting better at pretending to be from a legitimate source; the fake emails now often contain loads of personal info which makes them appear real in order to get you to click on a link that takes you to a dodgy site or triggers malware.
The information they use often comes from social attacks, like asking to become friends with lower-tier employees on LinkedIn, then using that to get to higher level execs.
Threats come from inside your house too
Breaches can come from inside businesses too, such as unsuspecting employees leaving the door open. This can either be because employees haven’t been educated on how to spot threats, such as adding people on LinkedIn that they don’t know as mentioned above, or from lower-level employees being attacked and having admin privileges that are too high, which then lets attackers get into sensitive info. It’s important that there are no weak links in a business.
The repercussions are real
As many of the businesses that have suffered this year would tell you, the repercussions of poor security practice are very real. From fines for not protecting yourself, to the losses from the breach itself – TalkTalk found that its profits were half what they had been the previous year – and reputational damage, there’s really very little excuse for not making security a top priority.
Five tips for protecting yourself:
Take a look at our security page or give us a call on 0208 045 4945 for more information on the security solutions that UKFast offers.