We left off last week’s blog post by asking what has happened to cause the modern problem of cybersecurity. Well, it was a marriage of course! Actually, the merger of technologies ...
Firstly, a cyber attack takes many, many forms. The most common type of attack is Ransomware. Normally this starts life as a phishing email, which may contain a link, leading to a piece of malicious software finding its way into your company systems.
One day, you may find all your data has been encrypted and held to ransom by software ... hence the term ransomware. Another form of cyberattack is outright hacking and trying to find any piece of equipment that is connected to your network with weak security.
If you remember from last week, life used to be simple. Phone systems were connected to copper lines and not much could go wrong, although voicemail systems could get hacked and you'd have all your personal dealings splattered all over the front pages of the tabloids, it didn't cause any serious data breaches resulting in fines from the ICO, just massive legal bills if you took the newspapers to court.
Routers used to be a lot less complicated and firewalls didn't need to work as hard or be programmed with as many restrictions/permissions as they do know, owing to all the various IP connected equipment.
Not only phone systems and standard network servers, PCs and laptops get connect by wire, but also the myriad of devices that rely on Wi-Fi networks, which in themselves are a security risk if not configured and maintained or their firmware is updated regularly.
According to some studies, due to the number of connected devices (commonly known as IoT devices) across the globe, hacking into networks will result in an estimated $200 billion financial loss which equates to approximately £172 billion this year.
The design and architecture of modern-day networks are complex and as we are heading for an internet-centric world, your Internet service providers may only be able to prevent large scale distributed denial-of-service (DDoS) attacks on their side of the network due to resources.
Of course, they will say that your network is your responsibility, they just provide the much-required Internet connection. True, the security of your network is your responsibility, so when you add a new piece of equipment, such as an IP CCTV system, don't just let the installers plug into a spare port, ensure your professional, internal or external (outsourced) IT team are on hand to correctly configure the ports and gateways on routers and firewalls to batten down your network.
These will identify the cracks in the system so your internal or external (outsourced) IT team can then fix the problem. Run frequent training sessions with your staff on how to spot fake emails and send out test emails to look like fakes to see how many people in your company click them without thinking.
A bit sneaky, but I bet it's far more than you think.
If you feel inspired to find out more then do call me on 07555 807700 or leave a comment below and I'll be in touch as soon as I can.