Many of us enjoy Halloween and have a lot of fun dressing up and pretending to be someone or something we are not. Who doesn’t love a masquerade party? However, when it comes to your company’s network, a visitor in disguise is not welcome.
Most small and midsize business (SMB) owners focus on the day-to-day operations of their organization, driving growth, facilitating hiring and guiding marketing, without a single thought to the security of the computer networks these processes depend on. Unfortunately, according to Verizon’s annual Data Breach Investigations Report, a full 71% of cyberattacks are aimed squarely at SMBs that are known to have less secure networks than larger companies. How do hackers infiltrate hapless small businesses?
An employee receives an email directly from your company’s billing company, urging them to fill out some "required" information before their paycheck can be finalized. Included in the very professional looking email is a link your employee needs to click to complete the process. But when they click the link, a host of vicious malware floods their system, spreading to the entirety of your business network within seconds, and locks everyone out of their most precious data. In return, the hackers want thousands of dollars, or they’ll delete everything. Today it’s easier than ever for an attacker to gather information and make a phishing email look like every other run-of-the-mill email you receive each day. Train your employees to recognize these sneaky tactics and put safeguards in place in case someone clicks the malicious link.
According to Inc.com contributing editor John Brandon, “With a $300 graphics card, a hacker can run 420 billion simple, lowercase, eight-character password combinations a minute.” What’s more, he says, “80% of cyberattacks involve weak passwords,” yet despite this fact, “55% of people use one password for all logins.” There’s simply no excuse for using an easy-to-crack password. Instead, it’s good practice to make a password out of four random common words, splicing in a few special characters for good measure. HowSecureIsMyPassword.net will check the strength of your password.
While malware is often delivered through a shady phishing email, that’s not the only way it can wreak havoc on your system. An infected website (such as those you visit when you misspell sites, a technique called “typosquatting”), a USB drive loaded with viruses or even an application can invite vicious software into your world. These days, antivirus software is not enough—you need a combination of software systems to combat these threats.
As fallible as computers may be, they’ve got nothing on people. Sometimes hackers don’t need to touch a keyboard at all to break through your defenses—they can simply masquerade as you in order to get a team member to activate a password reset. It’s easier than you think and requires carefully watching what information you put on the Internet. Don’t put the answers to your security questions out there for all to see.
The best way to protect yourself from masked intruders is to partner with an IT expert that constantly keeps your system updated with cutting-edge security.
Click here and let IT Radix help you unmask any uninvited guests and protect your network.
First published in our October 2019 IT Radix Resource newsletter