The topic of cybersecurity breaches is trending right now because attacks affected nearly half of all businesses in the United Kingdom in years past and, by extension, businesses in the rest of the world. I can attest that every single website that I manage for clients has experienced numerous brute-force or phishing attempts. The UK statistics come from the UK government’s Cyber Security Breaches Survey.
What is the most common type of breach?
Of those UK companies that identified some type of attack or breach, nearly three-fourths identified fraudulent emails. I don’t know about you, but my inbox is filled with numerous “fraudulent emails” every single day.
One way to combat these types of emails is via a spam filter, but there are pros and cons to filters. Make the filter too strict and you’ll filter out good emails (false positives). Make the rules too lax and you’ll allow in excessive spam.
Utilizing systems that detect certain keywords like Viagra helps somewhat, but spammers have developed countermeasures to ensure their fraudulent messages get through.
Here are a couple of things you can do to minimize fraudulent emails:
- Don’t publish your email online. This only increases the odds that it will be harvested by cybercriminals. Instead, add spaces or otherwise break up your email address so that it’s recognizable but not easily harvested. An example could be something like “someone at yourcompany.com.”
- Don’t respond to spam; spammers don’t care who you are, only that your email address is valid. I know it’s tempting to click on that unsubscribe link, but don’t do it. First, you don’t know where that link leads, and at the very least, that cybercriminal will then sell your email to other spammers and so on down the line. At the very worst, the link could install malware on your computer that could destroy all of your files or hold them for ransom.
Viruses and malware account for nearly one-third of cybersecurity breach attempts.
I can’t imagine any computer, laptop or office network not having some type of virus or malware protection, much less a website or server. Let’s say your server is securely locked down, but an FTP account is compromised – maybe you were using a weak password?
I’ve seen sites that had to be completely rebuilt from scratch because of this, as the site was accessed fraudulently and phishing files were uploaded. When Google catches this, they immediately label those sites as malicious. Trust me, dealing with malware after the fact is a whole lot harder than being proactive and incorporating measures to minimize it from occurring in the first place.
I can’t even begin to convey how many threads I’ve read on web hosting forums where users lost everything because their sites were hacked and they had no remote backups or disaster recovery plans. If your online mission-critical data is important to you, secure it ten ways from Sunday. And as an add-on note, RAID is NOT a disaster recovery solution.
Over a fourth of cybersecurity breaches were reported as online impersonations
The Brattleboro Reformer published an excellent article about online impersonations, the most popular, I think, being someone pretending to be an IRS agent. The article stated, “Growing in sophistication, these ‘phishing expeditions’ often use visual deception to extract personal data used to commit financial and identity theft. The intended victim receives an email containing an alert, a request for verification, or even a threat of legal action.” Don’t fall for these schemes.
Every month or two, I’ll receive a request for web design asking if I’m the owner and will I accept credit cards? Sometimes they’ll include a budget, somewhere around $5000. The ruse is that their developer, who is supplying the graphics for the site, can’t accept credit cards, and would I pay them from that credit card charge? Of course, that credit card would bounce and then I’d be out the money I sent to their developer. That scam has been going on for years, which makes me wonder if anyone actually takes them up on their offer? They must, or why would they keep attempting the same scheme?
Nearly a fifth of UK firms reported ransomware attacks
Anyone who perpetrates a ransomware attack is a special type of lowlife cybercriminal. What’s really disturbing is that these guys have zero morals or ethics, as it’s strictly about greed and money. They frequently target hospitals because they’re easy targets, not in terms of network security, but in terms of willingness to pay because their patients’ lives are at stake.
The Saint Louis Public Library system experienced a ransomware attack years ago, but they didn’t pay and instead brought everything back online via remote backups.
What is the best solution to combat cybercriminals in the office place?
First, set up formal guidelines and initiate cybersecurity training. I find it absolutely astonishing that only one-third of businesses reported having any type of cybersecurity policy. This is in spite of the fact that two-thirds of medium and large businesses suffered breaches whereas only 45 percent of small businesses did. Why is that? It’s apathy – it’s the ‘not me’ syndrome. When attacks such as these can potentially stop businesses from conducting day-to-day operations, a line has to be drawn in the sand. Without it, you’re putting relationships with your clients at risk.
Ponder this – nearly one-fourth of businesses that experienced some sort of breach temporarily lost their files. One-fifth of them suffered either software or system corruption, and one-tenth completely lost all of their files.
Brought to you by ProlimeHost