How to protect your business from hackers

September 11, 2018

You are among the rare few who are proactively looking to protect your business and your data, well done! Let’s get you a few tips on how to protect your business from hackers and help prevent them getting access. 

 

Who are they? 

Hackers are people who want to break into systems for one reason or another. They can be young kids who use ready-made hacking tools out of curiosity or just someone who works as part of an organised crime group. Individuals, hacking group members and even government controlled hacking squads are out there finding ways to break in. 

 

What do hackers want? 

Hackers generally fall into the following categories: 

  1. Hack for the fun of it and to see if they can get access. 
  2. Want to scramble (Encrypt) your files so that you have to pay a ransom to get them back. 
  3. Steal your intellectual properly (Product designs, formula’s, recipe’s). 
  4. Steal your or your clients banking details. 

 

Hacking is big business and most of the hacking activity is driven by money or political forces and is often performed as part of organised crime groups. 

 

How do they get access? 

Often hackers will used automated tools to scan the internet looking for people’s silly mistakes. Those people who purchased a broadband router from a shop and left the password as the defaults or those people who open up their servers and computers to be accessed from the internet. These tools scan until they find one of these easy targets.  

Once found another piece of software will then try every possible username and password until they get in or it takes too long and they move onto the next target on the list. 

Every time a successful login is made it gets added to a list ready for when the hacker wants to log in and either steal something or scramble your data so you can’t read it. (No, your backups won’t help you, they often scramble those too while they are logged in!) 

Over the last few years hacking using social engineering has become more popular. This is when a hacker will call your business and pretend to be from IT support trying to fix a problem on the PC. They will get the employee to connect them to the computer and once done the hacker then runs a program which gives them unlimited remote access without anyone knowing and at any time they want it… scary! 

 

How can we stop them? 

First use a really big key, no not one to carry around in your pocket! a long and not so obvious password is your first defense!  

Which passwords are easier to guess or will be found first by a hacker’s automatic tools do you think? 

-Apple123 

-November2017 

-#ThisIsMySecurePassword9812# 

 

It’s really not difficult thinking up and remembering a secure password, they are just the poor excuses people make up because they don’t care about security or think it doesn’t apply to them. Use a sentence and capitalise the start or end of each word. Throw some numbers and special characters like full stops or hashes in there for good measure. 

Once you have a nice big set of keys you need an alarm system and a security guard. For this use Anti-virus, Anti-malware and web filtering software to help block unwanted files from being downloaded and run, plus to detect unwanted spyware programs. 

The government have come up with a set of controls which prevent 99% of all internet-based attacks which include the above but go into much more detail. The controls are part of a scheme called Cyber Essentials and if you pass this you are well protected against the most common internet threats. To read more on how to secure your business long term from internet attacks read our in depth Cyber Essentials guide HERE. 

 

Summary 

We hope you found this useful, but remember it’s only the start of becoming more secure. If you are serious about protecting your business from cyber threats then the best thing to do is become Cyber Essentials Certified (we can certify you) and then at least you know you have all of the basics covered.