Today’s blog is about Cyber Security in your business. I’ve condensed into an article and a checklist (skip to Download Atcom’s Checklist for Cyber Security and Breach Prevention) what I think is important for you to know right now. Cyber Security is about the security of data, information, systems and technology. It includes theft, damage, misdirection, interruption and globally costs business billions of dollars and hours and hours of time and stress. We will talk about how it affects you personally, in business and globally, why it is happening right now and what you can do.
- More than one Security Breach has already affected you.
- Global technology involved in cyber security
- Why is this happening?
- What can you do?
There is nothing I can tell you to give you 100% assurance that you will never have a cyber breach. Hackers are opportunistic folk. They think outside the box. They are an international think tank circumventing and busting every prevention and protection implemented. It is easy for them because they know that the majority of people don’t care appropriately about cyber security. We delay the upfront cost of prevention until something provokes a reaction. We throw money at a solution after the fact. Ransomware is not a surprise. In contrast, most hackers act proactively, plan disruption, exploitation. A hacker’s motivation may simply be ‘because we can’ or ‘because we want you to fix your vulnerabilities’ or ‘because we have something to prove’.
The other reality is that most security breaches do not require hacking or hackers of any kind. Many people leave security holes on their devices, reuse passwords, and do not have any proactive preventions in place. Important to know: the latest trend is showing that hackers do not care about the ransom anymore!
A security breach has targeted you
So, do you have a Linked In account? What about Adobe, mySpace, Playstation, Tumblr accounts? Congratulations, your email address and password have been bought and sold many times over and then collated with other personal data and bought and sold again for a couple more dollars. Text files, each with a million username and password combos are for sale for around $20, files with usernames, passwords, date of birth, IP address, physical address sell for a little more. Hackers have created algorithms that enter your username and passwords into websites to add more website credentials to these lists because they know that most people have poor password hygiene. Most people reuse the same password for every internet site, software and computer that they need to access. [Go to Atcom’s Checklist for Cyber Security and Breach Prevention to check your credentials.]
We hear over again what a cyber security breach means…
People* obtain your details and can legitimately log into your accounts. Maybe it’s your bank account – they can transfer whatever they want, maybe it’s your email or Dropbox or iCloud backups, or they can remotely log into your laptop, computer, phone, watch, Fitbit or smart fridge. Perhaps they can collect 100 points of ID and take over your identity. They could impersonate your business and make legitimate transactions. Maybe insurance companies or police can use it to find more about you. Anyone can search for your Medicare data now and make fraudulent claims. These possibilities are at a personal level; maybe it is more serious than this. Cyber security affects businesses in another way.
*(we can’t call them hackers because they haven’t hacked anything. People have paid a couple of dollars to buy your data. You can yourselves, search for user/pass combos in the right place – not saying where but you can find it if you want it – and get personal details for free or for a few dollars.)
Global Technology involved in Cyber Security
Internet of things
IoT is the current “big thing”. The Internet of Things, things that communicate via internet – smart watches, Fitbit’s, pacemakers, GPS, vending machines, cars, smart appliances, Roomba vacuum cleaners, smart homes and buildings, CCTV cameras … 80% of these things do not have encrypted security built into them. There is also no or minimal identity/authentication process.
Unpatched computers, laptops and devices have always been a vulnerability problem. Microsoft and third-party software often release security patches to prevent unsolicited access to your computer. Windows XP, Office 2003, 2007, 2010 and outdated versions of AVG antivirus still occupy too many computers and laptops. Hackers don’t even have to ‘hack’ to get your data.
I would also guess that around 70% of all websites are unpatched. Platforms such as WordPress, Joomla and Drupal have free security plugins readily available. Newly released Web updates notify users. Updates can be automated! The website and the old computers (above) will still function and appear perfectly fine, but, unpatched machines and code are a perfect breeding ground. Malicious software is easily installed and hibernates in the background.
What is Malware? Malware is the shortened word for Malicious Software and includes Viruses, Ransomware, Trojans, Worms, Adware, etc. Malware on everyone’s minds right now is (May 2017) WannaCry, a cryptolocker variant of ransomware. WannaCry swept through so many countries recently and rendered entire organisations useless within a few hours. The spread was prolific due to unpatched servers and machines and poorly configured network protocols. Also, a revamped version of Petya hit Cadbury and TNT in Australia (June 2017), same damage and threat, same prevention measures will block it. This Petya variant, though, was created specifically to cause damage and not to receive a monetary payout.
Botnets and Zombie Networks
Have you all heard about botnets or Zombie networks? Very simply, they are a group of devices that are connected and can be remotely controlled to act collectively and simultaneously to achieve a goal. The user, unaware of installed malware, is also unaware when it is activated. The collective power of these non-powerful devices turned into botnets can potentially be very frightening!
And then a Global cyber security breach
So, what has this got to do with leaked user/passwords, reusing passwords, IoT and unpatched machines and servers? It is easy to install Malware onto these devices all over the world and wait for that ‘payload’ moment to do something. An example? Last October malware installed on IoT devices (Mirai malware) brought down some major websites and Internet connectivity such as Amazon, PayPal, Spotify, Twitter, Facebook, AWS websites, etc. The botnet of IoT devices targeted a DDOS attack (when too many devices attempt to log in or access a node at the same time until it falls over) at the service that catalogues domain names – DYNDNS. Thousands of devices continue to host Mirai Malware.
Why are Cyber Breaches occurring now?
The MNC’s above as well as another 100 plus others have all had their end user data – your data – stolen. Some of the companies had poor internet security or poorly configured firewalls. Others did not encrypt or hash any of the data. They were either unprepared or did not think there would be a problem. Their response was, Oops, sorry! There’s been a breach, change your passwords! There is little to be done after the fact.
Internet of Things producers are starting to implement better security protocols as newer products come on the market. However, botnet malware continues to infect a few hundred thousand breached devices. Many of these devices do not update automatically and require manual restarting to eliminate the malware. I imagine the manufacturers did not even consider the botnet threat or cyber security at the time.
Consumers are reactive and cost conscious, hackers are taking advantage of this.
Consumers are reactive and cost conscious. Manufacturers are not going to pay to fix the security on the existing devices. Multinational Corporation websites are not going to retrieve your stolen credentials. (Note: The EU does have a new regulation effective next year – GDPR – General Data Protection Regulation. GDPR is worth looking into if you collect any personal data from the EU.) Companies are not going to update old business PCs when they are still working “just fine”. People will continue to be lax about passwords and IT security. Most unmanaged Businesses do not have the layers of backup required, let alone one working backup system. It’s human nature to wait until there is proof. But note that the hackers know this, and they are taking advantage of it.
The saying “Hindsight is 20/20” may apply, but the reality is these breaches could have been prevented with proactive security maintenance and systems. The Australian Government is going to manage the next Census much better! The Australian Government now knows there is a backdoor into Medicare data. If the IT focus is that the current system is unsafe, regular testing, preventative measures and ‘filling the holes’ will go a long way [Dez Blanchfield].
A Cyber Security Breach is not an internet security problem – it is a data and information management problem
Not using the internet is not an option, not using cloud services such as Dropbox or O365 isn’t either. Switching to Mac is not the answer, malware exists on Macs as well. A Cyber Security Breach is not an internet security problem – this is a data and information management problem. All the security in the world will not matter if your server credentials are the same as your LinkedIn account or something basic like admin/admin. So best case scenario, what can we, as business owners and consumers do to contribute to our personal and global cyber, the internet, data, information security?
Cyber breaches can affect you personally, your business, our country and our world. These breaches will still occur if you do something or not. The best way to tackle this is to be proactive, protective and considerate of your own and your clients’ information management and data security. Use a password manager with unique passwords, update everything regularly, use a firewall, maintain good antivirus and intrusion detection software.