Cyber-attack… it follows a process
As we are currently very aware, “attack” on our world can come from many angles. But there is still one that businesses, perhaps more than ever, need to protect against constantly; cyber-attack. Some businesses don’t think they’ll be a target, but the problem is that if it does strike it can have a considerable impact on operations, cash flow and reputation; and in reality all businesses are potential targets. So with that said, what happens? And what can you do to help prevent it?
Watch out for the four key stages
Reconnaissance: This is when the attacker is checking you out. They’ll be looking at your email addresses, passwords etc. checking stuff out on the dark web. They’ll be listing your IP addresses. Testing your email system. And seeing if you’re actually worth their time.
Attack phase: When they decide to pounce, they’ll attempt to gain access – having sussed your passwords etc. – and then amend system privileges to give themselves free rein. At this point, you won’t even know they’re there. They’ll often simply watch your behaviour and install new backdoors whilst they observe.
Expansion: This next phase is where the trouble really begins. They may steal your accounting info, address books, databases etc. And they may well install malware and start phishing others via your system because you’re a trusted system elsewhere. Nasty stuff!
Obfuscation: And once they’ve done their dirty work, they’ll take steps to conceal their tracks. They’ll delete logs and do whatever they can to frustrate forensic experts from tracing who they are. And it’s very likely
they’ll also set things up for another attack in the future. Yeuch!
So what can you do to protect yourself? Well, we’d recommend many things, including:
• Ensuring patches and updates are always installed regularly
• Having a procedure to change usernames and passwords on a regular basis… and doing it!
• Installing a strong firewall and antivirus etc. software
• Frequent training and updating of staff on cyber security
• Regular system audits
• Getting a Cyber Essentials security certificate
And one final point, if you’re in any doubt about any aspect… get professional advice.
Read more from this issue...
We’re all in this together
Life regularly throws curved balls, and by Jove the UK is tackling a few this year. What with Brexit, floods, and Covid-19, it’s certainly been turbulent, to say the least.Continue reading…
Andrew Franklin on the Red Sofa
Andrew Franklin takes a seat on
the Red Sofa and talks about his
‘Business Help Series’
Dodging the scammers
The government is wisely advising us to stay at home. The medical experts are wisely advising us to wash our hands frequently. And now, the cybersecurity gurus are wisely advising us to be even more vigilant regarding coronavirus scams. Insidious as it is… there are people out there still trying to do digital harm. But we won’t let them beat us!Continue reading…