Today is Safer Internet Day – an annual event dedicated to the importance of cyber security in an increasingly digital world.
For businesses, one of the most difficult and growing challenges they face is protecting against hackers, who are becoming more frequent and severe in their attacks as they develop new and improved ways of circumventing security systems.
Today's attack by an online group calling themselves “cybercaliphate” on the Twitter account of Newsweek highlights this fact – less than an hour ago, the magazine started tweeting images showing documents purportedly leaked from the Defense Cyber Investigations Training Academy (DICTA). The hackers have now been removed from the account.
Similarly, less than two months ago a series of cyber attacks on Sony resulted in some of the company's confidential corporate files being posted online, including employee salaries and social security numbers. The event caused such nervousness among investors that shares fell by 4.56 per cent in value at the time.
But according to Carl Leonard, lead security analyst at cyber protection firm Websense, there are methods companies can adopt to minimise the likelihood that they will fall victim to cybercriminals.
Below are Leonard's recommended “do's” and “don'ts” for businesses entering an era of heightened cyber security risk.
What businesses should do
1. Check the start of the URL before you input data
Ensure that the website of the page starts https:// before you enter any confidential data – this ‘s’, and a padlock at the bottom of the page, means the page is secure.
2. Keep updating the security systems on your computers and phones
Ensure your computer, mobile, laptop operating systems are kept up to date and that your security and anti-virus software is patched with the latest updates. Set those applications to update automatically if you can.
3. Don't just visit websites – check how secure they are first
Be vigilant in ensuring the security of websites that you visit. Tools exist that allow you to check how secure a website is before you visit it.
4. Be careful about opening files
Avoid clicking on any websites or attached files in emails that aren’t from people that you know or trust, or that you weren’t expecting to receive.
What businesses should not do
1. Ignore or postpone security alerts on your computer
Failing to update programmes can be the weakness that helps cybercriminals steal your data. Set those applications to update automatically if you can, as fake update notifications are a method that cybercriminals use to trick you into infecting your machine.
2. Use the same passwords
Don’t use obvious passwords or the same password for every online service that you use. This simply invites cyber criminals to hack into your accounts.
Most online services now ask for a combination of numbers and letters, and often lower and upper case letters when setting your password. The more difficult you can make it for someone to guess your password the better.
3. Store personal information on your computers
This can be an invitation for cybercriminals, as it is very easy for them to access information stored on computers without any added levels of security.