BusinessUVL @ AHM Brands

Fight Back Against Cyber Attacks

BusinessUVL @ AHM Brands
Fight Back Against Cyber Attacks

As incidents of ransomware attacks explode globally, a local network security expert provides 10 tips for protecting yourself or your business.

Story by Nancy Laney Photo by Thomas Boyd


Douglas County is home to hundreds of small businesses, which together comprise the economic backbone of the region. Unfortunately, they also represent a rich target for cyber attackers. In 2020, ransomware attacks around the world skyrocketed a whopping 700 percent, and more than 70 percent of those were aimed at small business, according to StaySafeOnline.org.

Worse yet, an estimated 60 percent of small businesses go bankrupt within six months of a cyber attack. Of course, this is not just a small-business problem; there’s that other 30 percent. Cyber attacks also pose a risk to home Internet users, large corporations, critical infrastructure...virtually every business, organization and individual connected to the Internet. Here are the top 10 ways hackers infiltrate computers and tips for how to avoid becoming a victim:

 
hacker_graphics@300x.png
 

1. Hackers take advantage of poorly trained employees.
Employees are the No. 1 vulnerability for business networks. If they don’t know how to spot a scam, they could compromise your entire network. It can happen by simply opening and clicking a phishing e-mail that’s designed to look like a legitimate e-mail from a trusted source.

2. They take advantage of company computers being used for personal business. We strongly recommend imposing policies that limit the websites employees can access with work devices and enforcing them with content-filtering software and firewalls. 

3. They thrive on weak passwords. We recommend a pass phrase that is 14 characters long and composed of a few words. Requiring a cell phone passcode will go a long way toward preventing a stolen device from being compromised. 

4. They love networks that are not protected with the latest security upgrades. It’s critical to patch and update systems frequently. If you’re under a managed IT plan, this can all be automated for you so you don’t have to worry about missing an important update.

5. They attack networks with no, or single, backups. A good backup will also protect you against an employee accidentally (or intentionally) deleting or overwriting files, natural disasters, fire, water damage, hardware failures and a host of other data-
erasing disasters. 

6. They exploit networks with employee-installed software. One of the fastest ways cyber criminals access networks is by duping unsuspecting users to download malicious software by embedding it within other downloadable files, games, or other “innocent”-
looking apps. 

7. They attack inadequate firewalls. A firewall acts as the frontline defense against hackers, blocking everything you haven’t specifically allowed to enter (or leave) your computer network. But all firewalls need monitoring and maintenance. This too should be done by your IT person or company as part of regular, routine maintenance.

8. They attack your devices when you’re on public Wi-Fi. It’s not uncommon for hackers to set up clones of public Wi-Fi access points in an attempt to get you to connect to their network. Never access financial, medical or other sensitive data while on public Wi-Fi. Also, don’t shop online and enter your credit card information unless you’re absolutely certain the connection point you’re on is safe and secure. 

9. They use phishing emails to fool you into thinking you’re visiting a legitimate website. A phishing e-mail is a bogus e-mail designed to look like a legitimate request (or attached file) from a site you trust. Their goal is to get you to give up your login information to a particular website or to click and download
a virus.  

10. They use social engineering and pretend to be you in order to reset your passwords.  


Nancy Laney is president of Roseburg-based Peak IT Security & Solutions, which offers a range of technology consulting and network security services. For more information, visit peakitss.com.