With the recent cyber attacks that have crippled NHS organisations and many other businesses around the globe, a big question looms, are we doing enough to protect ourselves and our businesses?
Cyber attacks come in many flavours making it near impossible to protect against them all. There are simple steps which can be taken to minimise the chances you will be affected. If the worst case scenario does occur, you can reduce the impact by having good business continuity processes in place.
How does it start?
A cyber attack can start in many ways with this recent incident being one of the most common, through email. We all know that we shouldn’t open attachments that we aren’t expecting or when not from someone you know. However, this doesn’t stop the majority of us opening them anyway. Maybe it’s that your too busy to think, it’s instinctive, or curiosity just gets the better of you. Whatever the reason, this recent example demonstrates just what can happen if you aren’t careful enough.
How bad is it?
Pretty serious really. This malware infects the machine that it is opened on by encrypting the data and preventing access to any of the data or applications rendering it useless. The malware then alerts the end user that they can recover their data by paying a sum of money. Even when some comply out of desperation that data is often not recovered. To make matters worse, it only takes one person to open the attachment on a network to cause a major issue. This is because the malware self-propagates to other devices it can find. This gives it the ability to destroy all machines on a network very quickly and with little or no warning.
What can you do to protect yourself?
No amount of security will stop the skilled and determined hacker who has one mission, to destroy your IT world. However, most attacks are not targetted and more opportunistic including this recent one. Good internet security is a great start to protecting your online world. For the average person at home, this will prevent the majority of online threats from getting through as long as it is always up to date. The number of machines that have good internet security set to only update in the dark hours of the morning when your computer is never turned on is staggering and puts you at risk.
For businesses, additional security should be in place such as a high-quality hardware firewall to protect your network and systems from the outside world. Even standard home routers come with a basic firewall but business with large networks need something more secure. Your email server or provider should have additional security on mailboxes to scan attachments before they are even delivered to you, further reducing the risk you may accidentally open them.
Ensuring you keep multiple copies of your mission critical data is a necessity; however, you should also make sure that your backups are regular and stored in an uncompromising environment so they too can’t be damaged by a malware infection on your network.
Cyber security is very complex and it is no surprise that some attacks will get through over time. Making sure that you invest in your security setup and processes can save you a lot of headache later.