We all use the Internet regularly to communicate with colleagues, share vital information, and carry out our business duties. Think of trying to get through your workday without access to your e-mail, your documents, or your spreadsheets.
Nevertheless, that same Internet we depend upon is viewed by cyber criminals as a pathway into your company – one that allows them to locate and steal your valuable business, customer, and partner information.
More recently, cyber criminals are using the Internet to get into your computers, install malware that encrypts your data so you can't access it, and hold your business information ransom. One of the latest of these so-called #ransomware attacks, dubbed #WannaCry, is currently making news around the world.
IMPORTANT WannaCry ransomware targets computers running unpatched versions of Microsoft Windows. To be safe from WannaCry ransomware, read Microsoft's detailed instructions for protecting your computer.
It's easy to get caught up in the media-incited panic of the WannaCry ransomware infection. However, there will be more attacks like this one in the future. Panic often leads to emotional rather than logical decisions—and that's exactly what ransomware hackers want. Smart businesses that think strategically can do two things right now to protect themselves against all types of cyber attacks:
- Resist the urge to buy more cyber-security software: Vendors will always tell you to buy and deploy their specific cyber-security solution in order to be safe. Thoughts of businesses rushing to buy protect against ransomware certainly made investors rush into security stocks these past few days.
- Implement common-sense protections that are proven to work: Depending on your business, there are cases where a specific type of new
cyber-security solution will make sense. But for most businesses, it most likely will not be necessary.
Here are 7 common-sense actions that you can take today that WILL NOT require a lot of additional spending. These actions have been recommended by the Department of Homeland Security and WILL increase the ability of your business to better defend against cyber-attacks:
- DO download and apply security "patches" for all of your software regularly. Enable automatic updates when possible so you don't forget to update
- DO make your passwords complex by using combinations of letters, numbers, and symbols
- DO make electronic and physical back-ups or copies of all your important work. This is the single most important (and easiest to do) task to protect yourself from ransomware, and hard disk failure, and computer failure, and losing your computer, and having your computer stolen, and… (you get the idea)
- DO update your anti-virus software daily (it should be able to do this automatically). If you don't have an anti-virus, use whatever came with your
computer (e.g. Windows Defender is available
at no additional charge for most versions of Microsoft Windows)
- DO NOT open emails, links, or attachments from strangers – especially if the email demands urgent action from you. Stop and think, that email could be a “phishing” email from a cyber attacker
- DO NOT give any of your usernames, passwords, or other computer/ website access codes to anyone else. Never e-mail your credentials to anyone and never give them out of someone over the phone (no matter how urgent that person says it is)
- DO NOT check your e-mail or access the Internet from a computer account that has administrator privileges
In future blog posts, I will detail how these steps protect you.
In the meantime, contact firstname.lastname@example.org for more information on how to better protect your business and ensure you are implementing essential best practices.