In this post we suggest some ways in which you can protect yourself and your assets against cyber attacks.
It’s not an exaggeration to state that we are in the midst of an epidemic of cyber crime. Even if you take the reported cases at face value it’s bad enough but there are reasons to suspect that the actual situation is much worse because so much is not reported. The police are under resourced, investigations are complex, and consequently the criminals feel empowered to continue and to step up their attacks.
So the onus is on us as individuals and business to strengthen our defences and to mitigate the risks by taking the essential precautions. Some of these tips may seem obvious and yet it’s amazing how many people fail to act on this type of advice.
1: Use strong and unique passwords.
Yes, I know, logging in (and clicking away the cookie notice) is a pain but it can be semi automated with a good password manager.
I’ve used Roboform for years. It includes a tool that will generate cryptic passwords containing a mix of numbers, symbols, and letters in upper and lower case. These are stored in an encrypted file which is synchronised across all my devices; PC, laptops, mobile phones.
You should use long, unique, and cryptic passwords of 12 characters or more for everything that requires you to log in – not just your pension account or favourite shopping site, but also the broadband router on your home network – everything.
If the log-in process includes the option to send a passcode to your mobile phone then enable it and use it.
2: Be aware of data breaches and react to them.
Even with a strong password your details may be compromised if a company fails to protect their network and thieves hack in and steal data. If you see any such reports in the press check to see if you have an account with the company and if you do, change your passwords immediately.
This won’t stop you details being sold on the Dark Web but it will prevent anyone from using your now compromised password. Meanwhile, remain vigilant for any calls, mails, or other signs that your identity is being used by a criminal.
3: Keep your software up to date.
Always keep your antivirus and other software up to date and complete the updates as soon as they are announced, including your mobile phone and tablet software. Developers release these updates for a variety of reasons; bug fixes, new features and so on, but often they are in response to freshly identified security weaknesses.
Also, clear the clutter from your computers by removing any unused software from your devices and you’ll not only lessen the risk but also free up space and perhaps make your other programs run more smoothly.
4: Nail down your social media settings.
Social media, by definition, involves sharing information about yourself so be careful what you do share and to whom you share it. Familiarise yourself with all your Facebook profile settings and ensure that you confine your sharing to those you intend. Be aware that even if your accounts are not breached, those of your friends may be compromised, and this gives the criminal access to more information about you.
For example, it might be wise to share your holiday snaps when you get home, rather than advertise the fact that your house is empty while you’re away.
5: Read your statements and sign up for alerts.
Banks and credit card companies are aware of the threat so pay attention to their warnings. If they provide the facility to notify you of changes to your account then accept the notifications and read them.
Check your bank statements and credit rating for unusual activity. If you see something suspicious then contact the relevant company or bank and ask to speak to their fraud department.
6: Secure your network.
Change your broadband router’s admin password to something cryptic and store it in your password manager. Follow the instructions and ensure your WiFi network’s security settings are the strongest they can be.
For small businesses, it’s a good idea to change your WiFi password regularly in case the current one has become compromised.
7: Audit your devices and backup important data.
Take the time to audit your router and home or business network each month or so. Once you’ve done this a couple of times it’s quick and easy. Check which devices have attached to your network and remove or block anything you don’t recognise.
Backup essential data into an external hard drive or some other form of storage that you can access if the worst happens. Disaster recovery plans are not just for businesses. So much of our personal data at home is now stored in electronic files that it could prove very problematic if they were suddenly lost or stolen.
Follow these guidelines and you’ll lower the risk greatly, but the most useful thing you can do is to educate yourself, your family, and your staff. Vigilance and awareness of the changing nature of the threat will mitigate most risks.
If you are the victim of cyber crime of any kind then report it and seek help. There’s no shame attached and no need to suffer in silence. Contact the Police and other agencies for more details of the support that is available.