Cyber-attacks have been making headlines around the world these last 12 months with hackers targeting governments and big business with increasing frequency. A new report suggests, however, that there has been a 325% increase in malvertising attacks. This is the unsavoury practise of infecting a legitimate page ad with malware which allows cyber criminals to attack a consumer directly.
Needless to say this is hurting businesses as well as the individual as it’ll make them far less likely to click on an advert for fear of infecting their devices. The responsibility ultimately falls to the advertisers to make sure the appropriate protections and quality assurances are in place but for now users are being advised to exercise caution.
However, to help keep you and your data safe, Cyber Security Talent Delivery Consultant, Nick Haaker has put together a list of things to be aware of to make you safer online.
- Losing your Device
How many times has a friend or colleague’s story about their weekend ended with them losing their phone? Some of the most damaging (and public) data breaches has occurred after a device such as a phone or a laptop was forgotten or left unattended and stolen.
Whilst you can’t protect yourself fully from theft or misfortune, you can protect your data with passwords and encryption. Most devices have some form of advanced security settings so make sure to set them up correctly to protect yourself, your contacts and your information. If you can't find it visit your operating system's (iOS, Android, Windows etc) website for more information.
- Open Wi-Fi
Being without 4G is a terrifying thought in the modern world but resist the urge to connect to any open Wi-Fi network your phone can detect. If the Wi-Fi is unsecured then you’re making it easy for hackers to spy on you.
If you join an open network, in a pub for example, make sure there is some form of login process. This usually means you’re using a third party service which provides a degree of security but still be mindful about sending sensitive information, such as payment/card details, over open networks.
- Unencrypted Email
In 2014 Sony Entertainment suffered a very public and very embarrassing security breach. Investigators believe the hack, which lasted a year and involved terabytes of data, occurred because top level Sony execs were sending and receiving unencrypted emails. How secure are your emails? On average over 100 emails move through an individual’s work account per day making unencrypted emails a significant threat.
Huge amounts of sensitive or confidential information can sit on email servers for months at a time making any hack a potentially devastating one if that data is not managed correctly. Your IT department or outsourced IT services provider should have policies and procedures in place to make sure the company and individuals are safeguarded. However, if you currently are without some form of IT support, there are plenty of affordable user friendly solutions that will encrypt your emails available.
- Faulty Firewalls
In 2011 the Sony Playstation Network (sorry Sony) failed to properly deploy and maintain its firewalls leading to a hack that saw 77 million gamer profiles raided for information including dates of birth and payment details. That’s roughly 1 per cent of the population of the world had their details stolen.
Do you know when your firewall was last updated or even what its limits are? You’re not alone if the answer is no, very few companies do. Penetration testing and upgrades should be a regularly scheduled activity for your IT support and a documented part of your IT policy to give your business the best possible protection.
If you lack the means to do this yourself there are third parties available who can conduct penetration tests and supply a report on vulnerabilities and how best to address them.
- Apple is Not Immune
Even though Apple devices are broadly considered to be safer than PCs they are not immune to cyber-attacks simply because nothing is. Apple do, however, go to great lengths to make their devices as secure as possible, using things like Gatekeeper. This prevents software that hasn’t been approved by Apple being downloaded without the user’s permission.
Apple devices should be treated just like any other and secured in accordance with your company’s IT/Cyber Security policy.
We are actively recruiting for Cyber Security developers at all levels with a background in Aerospace and Defence. Register your details now.