Following the recent cyber attacks, we have been inundated with requests from concerned clients about system security and best practice policies to protect critical IT systems. At Nimbus we have been working extremely hard over the past 18 months to understand how these criminals work, how they target their victims and what steps should be taken to help protect your business against such attacks. We are working towards accreditation under the Cyber Essentials framework, set out by the UK government as best practice to support and protect businesses of all sizes against cyber crime. This email is to provide you and your company with some basic awareness of how these attacks occur and what steps should be taken to help protect your business against cyber criminals.
What is Cyber crime?
An estimated two thirds of UK businesses have fallen victim to cyber criminals in the past two years. The majority of attacks, similar to the recent ransomware attack on the NHS, still come from malicious software (malware) delivered to your machines. It can arrive in the form of unsecure websites, ZIP files, PDFs or web links in emails, and when opened this may download a virus to your computer.
However, as cybersecurity software such as antivirus, anti-malware and others has become more sophisticated, employees have become easier targets. A common method among hackers, for example, is to pose as a company boss or another employee within the organisation in an email and persuade an employee to urgently wire company money to an account. These types of emails are known as phishing emails, where cybercriminals target individuals rather than computer systems in the hope that they will get a reply and, in the example above, money transferred to a designated account.
Ways to help prevent?
Such attacks are destructive to your company finances and reputation. So below are some points on how business owners / managers and staff can help protect against them, and learn to spot – and stop – them.
- Implement and enforce strong password policies for your computer systems
- Keep your operating systems up to date and fully patched. Microsoft has withdrawn support from Windows XP & Vista, which means these operating systems no longer receive important updates and are therefore extremely vulnerable to attack.
- Make sure all Wireless Networks are encrypted and protected with secure passwords
- Keep all third party software fully up to date and renewed
- Have a firewall plus software that protects against viruses, malware, etc.
- Disable administrator access to local computers and restrict USB access so malicious software cannot be easily downloaded
- Educate employees on what to look out for in emails and software alerts, to keep antivirus software up to date, and not to bring personal computers / laptops into your business
While the above points are important, there is only ONE sure way that your company can survive a ransomware attack, and that is with a good backup strategy, which should include both onsite and offsite backups. With GDPR just around the corner in May 2018, the focus will be on you to implement measures to ensure your company data and that of your clients is backed up and secure, or you could be looking at hefty fines.
As the threat of cyber crime is rising at an alarming rate, we are planning to provide as much education and assistance as possible through email communications, health-checks on your systems and policies, social media and events. Please contact our team on 028 900 800 30 or firstname.lastname@example.org if you have any questions or require assistance, and we will be very happy to assist or answer any concerns.