There is no doubt that the explosion of online services, e-commerce, smartphones and super fast connections have opened up a world of opportunities for people and companies. With great power though, comes great responsibility. The threat of cyber-crime is rising at an alarming rate creating chaos for unprepared companies and major inconvenience for customers. We explore a recent high profile example and some practical solutions for cyber safety and reducing the possibility of a cyber-attack on your business.
Talk Talk hack impact
On 22nd of October, telecommunications company Talk Talk released a statement saying that their website had been hacked. It appears that hackers launched a DDoS (Denial of service attack) aimed at breaking the website. It’s been reported that this attack was a smokescreen for a second attack, aimed at stealing customer data details from the website.
A BBC expert stated that this latest breach came through an “SQL injection attack” that could have easily have been prevented with the correct security in place. It is still unclear exactly what happened or what customer data has been stolen by hackers, but this incident is just one high profile example of a growing number of cyber-attacks on companies large and small. This incident has led to business leaders calling for urgent action and education to tackle this increasing threat for companies. It remains to be seen what long term damage this will do to the brand of a company. Will they get a second chance to improve their cyber security or is the damage done?
What can individuals do to improve their online security?
It’s not just large companies that are affected by online security. Individuals and smaller companies can do a lot to reduce the chance of a security breach. Here are some initial ideas:
- Use strong passwords – use a variety of lowercase, uppercase, numbers, symbols and unfamiliar words
- Understand your privacy settings – read the small print and take note of any changes
- Cash cards – Protect your pin codes and credit cards
- Be wary of spam emails and phishing attacks – these could arrive by email or phone. Think before you click and Google anything that looks suspicious
- Practise “clear desk working” – do not leave important documents, passwords and other secure materials where they can be found
- Use up to date virus software and anti-spyware software
- Keep up to date with latest developments and undertake training. There is a free Introduction to Cyber security MOOC from Futurelearn for example.
Small companies and online security
All of the above apply to all employees and company accounts. In addition, keep your website software and plugins up to date. If you are using website software such as WordPress, make sure you or your web developer keeps it up to date. Choose software and hosting companies based on their reputation for security.
Sarah Green from Xyone Cyber Security work regularly with small companies. She says that “small companies often think that they may not be a target for cyber-attack, when usually the opposite is true. Cyber criminals are getting smarter, and they know where the weak links are. Unfortunately this tends to lie with the smaller organisations who are usually part of a wider supply chain and may be used as the point of entry for a large scale breach. Smaller organisations may have less resource to invest in training and cyber security solutions which presents a real risk, however there is lots of guidance and help to be found online and I would really urge any small business owner to put the basics in place now.”
Will you need a second chance to get online security right or will you take action today? What steps are you taking to protect your company and yourself?