Table of Contents
Isn’t Cybersecurity Fun?
If you are a regular reader of the RCI blog, you may notice that today’s blog is a little late. Why? Our site was down earlier in the week. Why? The host of our site, one of the leading hosting sites in the world was having “connectivity issues.”
Why? Unknown.
But that does bring up the looming question of cyber security.
If it were hacked (which no one is saying) Inmotion would hardly be the only major corporation to be in the news lately for a high profile cyber attack. Solar winds is trending again as still more revelations are revealed. Colonial Pipeline is getting flack for paying the demanded ransom when their company was shut down by Russian hackers, temporarily (and artificially) causing a gas shortage all along the east coast.
If they weren’t hacked but had a major technical issue causing an outage, they are in similarly good company as a service called Fastly which handles services for Amazon and Reddit among others was also brought down this week – in their case because of one customer!
Crazy stories! But they’re becoming more common. Our ever more connected world brings us a lot of advantages like seeing our loved ones in real time via video during a pandemic or cat memes on any subject at the click of a button. But with great power, comes great responsibility. And when corporations don’t meet those responsibilities, we can all suffer.
When companies of that level are being hacked and suffering from technical oversight, you’d be right to wonder if your smaller company is also in danger. And you would be wrong to believe that that small size means you won’t suffer big problems.
Mo Tech, Mo Hacking & Cybersecurity Problems
When you break it down, there are basically two types of major security glitches, malicious and error-based. There’s not always a clear defining line between the two as an error can create vulnerability for a malicious actor but with the right precautions you can do a lot to prevent both.
In the aforementioned Fastly outage that affected so many consumers this past week., there was no malicious intent. There was a vulnerability in some code and when a single customer did a specific configuration, it triggered it creating the news-making outage.
That’s a pretty outrageous circumstance that probably won’t apply to your company.
If it had been your company, when the vulnerability was discovered, it could have been fixed and you wouldn’t have to share that fix and get compliance with millions of users across the internet.
With a smaller business, diligence can be easier. Networks should be checked on and updated on a regular basis. Someone with knowledge should be monitoring it.
When it comes to hackers, such as those involved in the Colonial Pipeline hack, there will always be malicious actors out there. You can’t always stop them but you can do a lot to make yourself a more difficult target.
Types of Hacking
There are several types of hacking attacks. Two of the most common are phishing and brute force.
Brute force attacks involve getting into an account, network or system by guessing a password. This is done by randomly generating passwords and often also checking common ones.
You can greatly decrease or even outright stop your chances of being infiltrated with a brute force attack by following a few simple internet hygiene rules.
Brute Force Hacking
Don’t pick easy passwords!
This may seem like a given but if you’ve used a password with your name, the current year, your birthday, the name of the site or the word “password,” well, you’re an easy target. But that’s only the most basic rule. You also need to follow the guidelines of most password generators and include letters (capital and lowercase), numbers and symbols.
Don’t reuse the same passwords!
Again, simple password 101 here but remember if one password is breached and you use at multiple accounts, multiple accounts have been breached.
Change your passwords periodically.
Finally, with brute force attacks, time can equal success. So change your passwords. I know it’s no fun having to learn a new one but this is a simple way to make your accounts less hackable.
Phishing Hacks
Phishing attacks are another common hack. Phishing attacks need a little cooperation from a user. A phishing attack begins when a hacker tricks a user into giving information that will allow them access to an account. One common way of doing this is by mimicking a site such as a bank account. It’s important that all your employees are also up on the correct procedures to avoid a phishing attack.
Always verify the sender of an email before opening documents or clicking on links.
The easiest way to get into a house is if someone gives you the key or leaves the door unlocked. So don’t give away the keys!
In internet speak this is commonly done by pretending to be a trusted site. Often a hacker will use an emotional appeal to trick someone into giving up information. Sending an email that appears to be from a bank that says your account is about to be closed can scare a user enough that they don’t look at the url to make sure it’s really the banks. A good rule of them is to always go to a site directly rather than through an email. If you do click on a link, make sure the url is valid.
Don’t share unnecessary information.
Limit the number of employees and computers that access particular accounts and you have fewer points of entrance.
If you suspect phishing, report it.
A Few General Cybersecurity Tips
Finally when it comes to general cybersecurity there are a few important ways to keep your network, information and business safe.
Have security software installed on all of your interent connected devices. That includes computers, tablets and even mobile phones.
Keep all software up to date. Hackers often use vulnerabilities in outdated software to infiltrate a network. Have your software autoupate.
Have up to date equipment. Make sure your utilizing that latest in IT equipment. This is especially true of firewalls.
Have a professional take care of your network. If you don’t have an in office IT department, a company like RCI can be your IT consultant. With monthly contracts an IT company can keep an eye on your network and stop problems before they start. Typically IT contracts are very reasonable and far less expensive than losing important data or having your business shut down for a day or even a few hours.
Give us a call and we’ll make sure your business stays secure.
