Cyber incidents are fast moving and increasing in number and severity. When a cyber incident occurs, the attacked enterprise responds with a set of predetermined actions. Get trending information on exploits, and vulnerabilities every week to help your organisation to be better equipped to avoid being victim of cybercrimes. Anglo African brings you the weekly cyber-attack news wrap-up and remedy tips to support your business to defend against hackers.
A newly registered scam website targeting Mac users was making the rounds late last year. Simply visiting the malicious site on an older version of macOS would start creating a series of email drafts, which eventually cause the machine to run out of memory and freeze,” said, MalwareByte’s Jerome Segura.
Based on statistical data gathered by Sucuri from 7,937 compromised websites, WordPress, Joomla, and Magento, in this order, continued to be the most hacked CMS platforms in the third quarter of 2016 (months of July, August, and September).
A new ransomware family made its presence felt today, named Spora, the Russian word for “spore.” This new ransomware’s most notable features are its solid encryption routine, ability to work offline, and a very well put together ransom payment site, which is the most sophisticated we’ve seen from ransomware authors as of yet.
A cache of data including 3.3 million user credentials belonging to Hello Kitty parent company Sanrio surfaced over the weekend. The breach was originally reported in December 2015, but at the time Sanrio denied any data was stolen as part of the breach. The breach was tied to a misconfigured MongoDB installation that was discovered by security researcher Chris Vickery.
With so many records exposed, It is not always possible to prevent a breach, having proper cyber security protocols in place can help reduce the likelihood of a breach and make recovering from a security event much easier, should one occur. Here are tips to help get your business’s cyber security ready for the threats of 2017.
- Ensure employees know safe protocols for social networking sites
It’s easy to forget that the Internet is a public resource, and privacy is not guaranteed, even on social networking sites. If your employees use social networks on company devices (and many do), educating them on safety protocols for social networks is crucial to preserving cyber security. Here are just a few reminders to give your team:
- Always assume that everything you post is public, even if your settings are set to “friends only”. You never know who will share what you post.
- You can’t take anything back once it’s been posted. Even deleting a post won’t necessarily remove all the copies of the information available.
- Don’t post any identifiable information, like your address or daily routines. This goes for business secrets as well.
- Be considerate of the information you post about others.
- Be wary of strangers. You never know the intent of someone you meet online
- Establish cyber security training for all employees
You can’t blame your employees for unsafe cyber security habits if they haven’t been taught how to protect the sensitive information your company retains. Develop protocols for protecting your business’s data so that everyone can be on the same page for cyber security. Establish cyber security training for all new and existing employees. Because knowledge can fade over time, and protocols can change, offering periodic review trainings should also be a priority.
- Add encryption protocols
Encryption has been used since ancient times to code messages that could only be read by authorized parties. Today, encryption technology uses advanced algorithms to make data unreadable except by those with the correct key. Encryption is a must for businesses protecting sensitive information, such as patient records or customer credit card information.
- Keep software and browsers up to date
Vulnerabilities often occur when software and browsers are not updated on a regular basis. Software manufacturers periodically release updates for their programs, which often include security updates. Cyber criminals are always changing their methods for breaching security systems, and software companies are forced to keep up with them, constantly improving on their security measures. Take advantage of these updates, and don’t leave your operating systems, browsers, and anti-virus software vulnerable.
- Use multi-factor authentication technology
Passwords can be compromised, and once they are, it’s easy for criminals to gain access. Multi-factor authentication requires an extra step to log in, whether that means email authentication, or a text message sent to users’ phones. While these protocols often spark protest from employees, they are a great way to ensure an additional layer of security.
- Ensure the security of Wi-Fi networks
Access to your business’s Wi-Fi network is a huge benefit to cyber criminals. Keeping your network safe requires a few extra steps than setting up a home router. Use a firewall, and hide your network name from broadcasting to help protect it. Require a strong password for Wi-Fi access.
Intrusions happen, threats emerge and your security operation needs to be at its peak efficiency. Anglo African solutions can quickly intercept threats and thus help in avoiding data breaches. For more information about cyber security kindly contact Anglo African on 2331636 or by e-mail at contact@infosystems.mu
