Happy New Year to everyone. Now that 2016 is officially here it means a whole new year for progress as well as a whole new year for those who wish to do harm to try and impede that progress. Here is a little list of a few security risks to keep an eye on during 2016 to ensure your business and technology are safe.
Also heavily referred to as the Internet of Things, this technology has entered every facet of our lives, whether for business or pleasure. From smart watches to smart refrigerators, technology now comes in all shapes and sizes. However, this boom in connected devices doesn’t offer uniform methods to safeguard you from hackers. As mentioned in a previous newsletter, toy makers probably don’t have “safeguarding a doll from hackers” on the forefront of their minds — and your other tech may not have a focus on your security either. Simply put, more gadgets equals more opportunity for hackers to access your information.
At this point, nearly everyone has a smart phone. While it is also a connected device, your phone has the added responsibility of handling lots of sensitive data. A lot of people use their phones for work, and by doing so, might also be sharing sensitive data about their company (for legitimate reasons) which could fall into the hands of a hacker that is targeting phones. Not only that, but personal banking information and other data that is sensitive to the owner of the phone is fair game too.
You may or may not have heard of ransomware, but you should definitely know about it either way. Ransomware is an attack that will encrypt important files in your system, rendering it inaccessible, until you pay the ransom to the hacker (and hope they release the information). Its popularity has increased because it is often easier for a company to pay to get their files back than it is to recover the files when they were not sufficiently prepared.
Phishing is a practice you may have heard of before (no, not fishing) in which a hacker sets up a seemingly legitimate website or email in order to get you to input your private information. Spear phishing is a more refined, targeted version of this. In contrast to phishing, spear phishing goes after high-level executives or anyone with a high security clearance. These hackers know that if they get in at the top levels, they’ll have access to nearly everything else.
You and I both know there are constant vulnerabilities in off-the-shelf software packages and your operating systems. Software companies frequently release patches and newer versions to fix vulnerabilities in the product. However, you need to actually keep on top of these patches and install them if you want them to take effect. HP’s 2015 Cyber Risk Report found that 44% of 2014 breaches came from vulnerabilities that are two to four years old, which goes to show: people don’t keep up with these updates.
In summary, these are only a handful of potential threats and areas to keep an eye on for 2016. Remember to have policies in place for when you have employees using their own devices for work and educate them on the risks so you can help prevent issues with connected devices and phones. Make sure you have a regular and extensive backup routine to defend against ransomware. Make sure your software and systems are up to date on patching to eliminate old vulnerabilities to come back and bite you. Knowledge and education is always on your side when it comes to overall data security and phishing scams. If you ever have questions about any of these risks, give SWK Technologies a call; it only takes a phone call to ensure your network is safeguarded from attacks.