How to Protect Yourself & Your Companies From Hackers
Today’s business landscape is governed by all-things-internet. From the efficiency of cloud computing to the communications of remote teams – we rely heavily on the internet for our business models.
However, this reliance has also exposed us to ever-growing security risks. There were 7.2 billion malware attacks and 151.9 million ransomware attacks in 2019 alone.
Cybercrime and hacking incidents can rampage entire organizations, affecting the livelihood of thousands of people.
In May 2017, over 230,000 computers were attacked by the WannaCry malware worm. Its developers gained access to computers using Windows OS, encrypted user data, and demanded a payment of $300/computer in bitcoins to unlock systems and restore control to the rightful owners.
Hack attacks like these can happen at any time. They can be as simple as phishing – stealing information via email, or more complex and sophisticated using software infiltrators like Trojans, Viruses, and Worms.
Data breaches, distributed denial of service attacks, and other hacking methods can have a significant impact on the bottom line of your business.
What can you do to stave off hackers?
It’s up to individuals and businesses to protect their identities and employ best practices to stay safe. This article will shed light on proven countermeasures to avoid losing confidential information and valuable data to cybercriminals.
Here’s what you can do to avoid getting hacked.
Maintain strong passwords
Your passwords to software accounts, social media accounts, and other online services should be strong and unique. They should be a combination of letters, numbers, and symbols – common phrases make it easy for hackers to get into your accounts and steal your information.
Don’t use the same password for all your accounts, either. Many of us are guilty of doing this as pointed out by Security Boulevard – 91% of people know that using the same password poses a security threat, but 59% still use the same passwords everywhere.
Large organizations understand the importance of data security, which is why they invest in password management suites to manage company passwords.
On the other hand, small businesses can use cost-effective password management software to ensure that their passwords and data remain secure at a relatively lower cost per user.
Companies can get the added benefit of advanced protection features from customized privacy policies, minimum password standards, Lightweight Directory Access Protocol (LDAP) integration, and more.
Users can also turn to password “vaults” that generate, encrypt, and store passwords, even retrieving them when required.
Set up and use multi-factor authentication
Your online presence might still be vulnerable to threats, even after using password vaults and managers. Hackers can use password resets or social engineering to get into your social media or business accounts and access to personal information, photos, videos, and company data, etc.
Passwords alone are not enough. Multi-factor authentication (MFA) can give you the protection you need. The most common form of MFA is two-factor authentication (2FA or two-step verification), where you need to verify an authentication code to access the account.
If someone tries to log in to your business account and steal information through an unauthorized account, they won’t be able to do it even if they have your username and password. The authentication code is sent to your smartphone via SMS or email through an approved code-gen app, or a dedicated hardware token.
2FA is a great way to deal with pesky hackers who get a hold of your login credentials through malware or third party attacks/vulnerabilities and make their way into your business or social accounts.
Be wary of suspicious emails
Professionals check their emails an average of 15 times per day or every 37 minutes. Businesses and individuals rely on them to send reminders, updates, and relevant documents – and that makes your inbox the perfect place to launch an attack on your digital identity.
It’s no surprise that emails pose a security risk for businesses through cyberattacks via malicious email campaigns. Hackers may be phishing for personal information through seemingly harmless emails.
To prevent getting scammed, verify the sender’s address to be sure it’s the intended sender. Check their email address and match it with the domain they’re using to send the email. Also, be sure to check for spelling and grammatical errors – some hackers are bad at putting sentences together.
If it’s an internal email and you’re not sure if it’s legitimate, go to the desk of the individual sending it and ask whether they sent it to you.
If an email seems to be originating from a fake website and is asking you for personal information like bank details, home address, phone and social security numbers, etc., that’s a massive red flag. Block, delete, and ignore are your best options.
As an extra precautionary measure, you can also check the IP address of these emails. Check the IP address displayed in the received email, then Google this IP address to see where it came from.
Don’t open attachments in suspicious emails
Install a network firewall to monitor incoming and outgoing traffic and identify new threats to your business systems.
As a general rule, never open attachments unless you’re absolutely certain of where they came from. Hackers may send emails with attachments that might look alright but are actually hiding viruses and malware. These files even have the usual extensions such as .docx, .pdf, and .exe.
Even if one employee opens these attached files, the virus infiltrates and infects the whole network.
So you need to have well-thought-out security policies implemented across your company.
Install security updates for your system as soon as they launch
The regular software and firmware checks ensure that your system is up-to-date and secure from the latest threats (malware, botnets, viruses, ransomware, Trojans, and others) developed by hackers.
This is especially important if your computers are still running on Windows 7 or other obsolete software.
Since all support for Windows 7 ended on January 14, 2020, it’s not getting security updates or bug fixes. This means that systems still running Windows 7 are susceptible to malware, virus, and ransomware attacks.
Those still using Windows 7 can end up incurring extra costs for something they would otherwise have gotten for free earlier. It is better to upgrade to the newest version, i.e., Windows 10, to stay protected from the latest cyberattacks.
Be sure to check for the latest patches and fixes recommended by the OS vendor and regularly install them for ongoing protection.
Avoid using public Wi-Fi
If you’re at a coffee shop or restaurant, don’t share public information if you decide to use their Wi-Fi. Whatever you do, do not think about purchasing a plane ticket or checking your bank statement while you’re there – these public connections are not secure.
Hotels and conference centers aren’t safe either; these networks are often prime targets for hackers due to the amount of traffic they get. Hackers have found ingenious ways to slip through undetected, so there’s no way to tell whether your data is compromised while you use the Wi-Fi at the hotel.
If you give a presentation, it’s better to load it on USB to be safe. Don’t wait for last-minute downloads at the hotel.
If you must use the Wi-Fi at these places, get a virtual private network (VPN) service to encrypt your traffic, so others on the same Wi-Fi network cannot see your online activity.
Set up a hotspot for your laptop from your smartphone and use that to access the internet.
Practice due diligence and learn from mistakes
To be truly safe from hack attacks, be diligent when browsing the web, reading emails, or doing anything online or on the cloud.
A few parting tips:
- Keep your answers to secret questions to yourself
- Set up an alternate email to retrieve your accounts in case of a mishap
- Back up your computer files on an external encrypted hard drive
- Set up a backup phone number
- Keep your passwords encrypted and stored safely with password vaults
Posted in: Cybersecurity