Cyberattacks are forever increasing, and for the time being, that’s something we’ll all need to come to terms with. Because businesses contain a large amount of sensitive data, they naturally, become the primary target of these cybersecurity attacks.
Whether you run a small business or a big one, everyone’s a potential target. A couple years back, Twitter experienced its very own security breach, which proves, even the biggest sites/businesses using the most sophisticated security software, are still vulnerable to attacks. In this case, the Twitter security breach was due to a social engineering attack, which ultimately requires human error to succeed.
In order for you to properly prepare for such attacks, you and your employees must have some understanding of what cybersecurity entails. On top of that, it helps to understand the common mistakes businesses and personal users make. By knowing this, it’ll help you better position yourself against these attacks.
1. No Password Management
One of the leading causes of cyberattacks is due to using weak passwords for your user accounts. Recent studies have shown that, weak passwords account for more than 30% of all ransomware attacks.
Creating and remembering a complex password for every account that you may have, can be rather difficult. However, using simple, weak passwords, opens you up to possible attacks.
In 2018, a large number of Magneto user’s experienced brute force attacks. Research showed, that the main cause of these attacks was due to having predictable, weak passwords.
That’s the main reason why you want to take the necessary precautionary steps, when creating your own passwords. When creating a password, there are several things for you to consider, these are:
- You use a combination of numbers, letters (bother upper and lower case), along with special characters (if supported).
- You change your password every 3 to 6 months.
- Don’t write your password down on paper.
- Use a unique password for every account that you create.
- Enable 2-factor authentication, where possible.
2. Using Both Personal and Business Devices Interchangeably
Many end users, in an attempt to make things more seamless, may opt to use their personal devices, on their business network. Such actions may be something small, like accessing their emails on your mobile phone. Although it makes sense, and ultimately is most convenient, it also opens you up to potential attacks.
In order to minimise this situation, providing each staff member with their own work phone, is most ideal. However, employees must be coached on what they can and cannot do on these work phones. For example, any form of browsing, should be strictly business related. This will minimise the changes of a network breach, due to contracting a virus while surfing the net.
3. Not Updating Your Software
While using your computer, you may receive pop-ups from time to time, notifying you about a specific update. Some updates may request you restart your system. However, because of the obvious inconvenience that that will cause, having to save, and shut your system down, many decide not to update their system altogether.
The reality however, is that these software updates are crucial to the overall security of your system. Despite the obvious delay in running these software updates, the overall benefits make it worth it. Bearing in mind, if your system was to fall victim to a cybercrime, the potential costs in fixing it, far outweigh the amount of time you’d spend waiting for the system to update. So in truth, there’s no reason why you shouldn’t update.
4. Buying Online From Untrusted Sites
A lot of people like to buy on impulse, however, when it comes to the internet, there are other factors for you to consider. No matter how tempted you may be to purchase a product, for best practice purposes, you should refrain from buying things from unknown sites. This is especially the case when navigating websites that do not have all the necessary security measures in place.
The very last thing you want to happen is for cybercriminals to acquire sensitive data on you, such as your bank details or credit card number(s). As this is what will most certainly happen, if you attempt to purchase something from a fake or insecure website!
5. Make Sure Your Payment Method Is Protected
So, as a solution, you want to stick, almost exclusively to the major websites, especially the ones you’ve vetted and have an overall positive experience with. Websites that you can trust, may include sites like Amazon, as such websites have the necessary safety measures in place.
However, if you’re on a new website, that you’re interested in buying from, there are several things for you to consider, before you do:
- Does the website URL have a padlock next to it?
- Does the website URL begin with a HTTPS?
- Is the reputation of the website sound? Does it have a strong presence online?
- Is there any information about the website related to fraud or scams?
- Does the website look professional, and does it provide you with the necessary contact information?
These are some of the questions you need to ask yourself, as they will help you legitimise any website. Despite that fact, there is still an element of risk. So, to be on the safe side, when buying, always opt to use secure payment methods like PayPal, and stick with credit cards, you may also want to check your bank balance, to make sure the right amount of money has left your account.
6. Downloading Without Checking Things First
One common method that hackers use to gain access to networks and devices, is to hide virus files within downloads. Such downloads may come as a download button on a site or as an attachment in an email. There are also pop-up ads, soliciting fake programs.
You should always check the validity of any provider, and take extraordinary measures before and when downloading.
7. Relying Only On Antivirus Software
Any effective antivirus software, will be able to block malware, from your system. However, this is limited to only the malware the developers are aware of. However, the reality is, cybersecurity is forever evolving, with hackers constantly creating new viruses, worms, Trojan horses etc.
Hackers also have a series of ways that they can access your system, illegally. Although, having antivirus software, up-to-date and running on your system, is essential, there are other preventative measures that you should also employ. Such measures may include the use of a firewall, antimalware tool, and offline backups, for data recovery, in the event of a data breach.