Hacking can happen to any business at any time and can be seriously damaging.
For example, in March 2020, Marriott were hit by hackers, with the data of 5.2 million guests being accessed. Hackers obtained login details of two employees and had access to the data for more than two months before being discovered.
The list goes on with Nintendo, EasyJet, Twitter, MGM and Zoom all being targeted by hackers.
Top Tip: Read our blog post on the top 20 cyber threats of 2020.
Hackers don’t just go for big business. Small businesses are easier targets as their security is not so robust.
But all is not lost. By ensuring your IT security is up to date, you can stop hackers in their tracks.
What is hacking?
In a nutshell, hacking is when an unauthorised party gains access to data in a computer or network.
Gaining access, however, is not the problem. The problem is what the hackers can do with the data once they have access to it. The simple answer is ‘anything they want’.
How to know if your computer is hacked
It isn’t always easy to spot you have been hacked but there are some indicators. These are:
- Slow PC performance and frequent crashes.
- Pop-ups sending you to unusual websites.
- Unknown programmes loading at start-up.
- Fake anti-virus warnings.
- Multiple emails sent from your email address.
- Changes to your web homepage.
- Unauthorised password changes.
If you notice any of these signs, run some virus-checking software, which may pick up and isolate the virus, or contact the team at CIS and we can discuss the options and the scale of the breach.
How to prevent hacking
Prevention is better than reaction. Here are ten top tips for hacker protection.
Install a firewall
A firewall is your first line of defence against hackers as it filters traffic through the network, and acts as a barrier between the business network and the outside world. A firewall can prevent unauthorised access to your business network and client data.
Install security software
There is a range of anti-virus, anti-malware, anti-ransomware, anti-spyware and anti-hacking software on the market. All are required to protect your IT network.
Purchase the best you can afford and ensure it is kept up to date to be truly effective.
Use strong passwords
It isn’t necessary to change passwords every few weeks, although this can add another layer of security. Instead, passwords should be difficult to crack. They can either be really complex, such as HG8(7^654@p*09v% or be made up of several dictionary words, a number and a special character, such as bananabandanapennyfarthing-hat_2020.
Manage spam email
It is thought that 90% of all emails sent are spam. It can’t be prevented but it can be managed. First of all, avoid giving out your email address if you can help it, although this is difficult in a business environment.
It is key never to reply to spam or click on a link within the email – and that includes the unsubscribe button. All email packages have a spam filter which enables you to mark a message as spam, meaning it won’t end up in your inbox. However, always remember to check the junk folder as the spam filter can be over-zealous.
Keep OS/apps up to date
Having expensive hardware and software does nothing against hackers if it is not kept up to date. Updates can be automated to prevent users from ‘postponing’ or cancelling an update because it is inconvenient. These updates fix bugs and close weaknesses in the system which could otherwise be exploited by a cyber criminal.
Back up your data
It is vital that you back up your computer on a regular basis. Although this won’t necessarily prevent your systems from being hacked, if there is a breach and your data is encrypted, it is not irretrievably lost.
Need assistance with your business? Check out CIS’ back up services and talk to a member of our team today.
Enable encryption
Enabling end-to-end encryption (E2EE) is another means of ensuring that data shared over a network is secure and that only authorised people can access it.
Encryption scrambles the data when it is sent, so if it is intercepted on its journey it cannot be read by anyone unauthorised. Only when it reaches the intended destination can it be decrypted with a decryption key.
Use a secure network
Avoid using unsecured networks, no matter how tempting it is. If a network is unsecured you really have no idea who is able to access your data whilst you are connected.
Use two-factor authentication
When logging into business networked machines, introducing two-factor authentication instead of relying on a single password doubles your IT security.
The user will be asked for two forms of identification: a password and one other, such as a PIN, a messaged code, a fingerprint or a security question.
Train your staff
To prevent human error causing unnecessary loss and exposure to cyber threats in your organisation, ensure your staff are trained to recognise phishing emails and know how to check the authenticity of the email sender as well as the link being used for the data grab. This will go a long way towards hacker prevention.
Ensuring your IT systems are hack-proof may seem like a daunting task but the team at CIS are here to help you. To see what we can do to improve your security contact us today.