Yes, it's true, this is my 60th blog post! Truth be told, it's not as easy as people think. Every week I have to inform readers of the latest technology trends and, more importantly, how to stay safe from the ever-increasing dangers of the cyber world ...
Many a time I have spoken about the different ways that hackers try and infiltrate your business systems so here is a recap:
- Internet of Things (IoT) devices are still a hot topic. Deploying unauthorised hardware (aka adding your own gadgets) to your network without notifying the IT departments can lead a hacker to the most venerable spot in your network, allowing a short hop, skip and jump to all your data, including servers where your valuable customer data is stored.
Akin to Ocean's Eleven, but in the cyber sense, rather than in the physical sense, one of the most unusual IoT hacks was a Casino in North America. Back in 2017, someone had installed a Thermometer in the fish tank that could be monitored on the computer network. The device was 'connected' and always on, hence visible over the internet and allowed the tank to be remotely monitored, automatically adjust temperature and salinity, and automate feedings.
The only problem is that it became a gateway to the entire casino network, allowing hackers to cleverly stream data from the servers, via the Thermometer and steal vast amounts of data and access gamblers' accounts.
The moral of the story is that you must always make sure that IoT devices are secure and password protected before deploying. At home, this is the same for all the 'connected' devices like Amazon Alexa, Ring Door Bells, Google Nest and any other flavour of Internet-facing, time-saving smart devices.
- Email phishing attacks are still rife. Virtually every day, someone somewhere will receive an email which looks very legitimate. It may look like it from a senior person, asking you to pay a supplier or send a refund to a client or pay a VAT invoice. Before you do that, ask yourself if this is a standard or unusual request from the person authorising the payment?
The email very often contains a link to takes you to a page where you have to create a username and password. These types of attacks can be reduced and almost eliminated by using very affordable Artificial Intelligence (AI) email scanning software. The likes of Trend Micro offer an all-in-one solution of email scanning, anti-virus and web protection for about the same price as other security software which only covers one out of the three features.
Personally, I use Trend Micro as one licence that also covers my smartphone and tablet, as well as my laptop. This is most useful as email and internet access is on all devices and I don't have to buy multiple licences.
- Keeping your Wi-Fi, CCTV, and Fire Alarm systems managed and monitored and having a greater understanding of the key vulnerabilities of all the devices that are 'connected' (internet and internal facing) helps to fill in the gaps and reduces the risk of potential hacking.
- Bring your own Device (BYOD) is where you allow employees ... well, to bring their personal laptops, tablets and smartphones into the workspace for use at work. This is all very well, but policies need to be put in place and devices need to be 'locked down' to only access necessary parts of the network.
- And finally, whilst I was writing this blog post, Anydesk flashed up on my screen and 'someone' was requesting a remote session. Obviously, I did not press 'accept' as I was not expecting it and did not ask my IT support team to log in remotely. This is most unusual and the first time that this has ever to me.
I just called in as I am working from home and reported the anomaly to the office. I have the right professionals on hand!
As you can see from the points above, it is vital to keep your networks secure and be aware of any anomalies that occur from time to time. Unsure about something? Call your BTS UK, but don't, whatever you do, accept connections or click links in communication from people you are in the slightest bit suspicious of.
So happy 60th BTS UK blog, but there's a lot of scary stuff out there to worry about.
If you feel inspired to find out more then do call me on 07555 807700 or leave a comment below and I'll be in touch as soon as I can.