In recent weeks, hackers have taken hundreds of thousands of computers captive through the WannaCry ransom attack.
What is a ransom attack? Using this type of attack, hackers lock down a computer’s data and hold it hostage until the victim of the attack agrees to pay a ransom.
The implications are far from benign, and could indeed be life-threatening. Hospitals in the UK were particularly hard-hit, and without access to records were forced to turn some patients away.
On the heels of WannaCry, news broke that thieves dumped database with 560 million passwords on the Internet. Many of the records were compiled from previous hacks, including LinkedIn, Dropbox, MySpace and Tumblr.
The password dump poses a significant risk to personal and business data, as many use the same passwords across multiple platforms and services.
Both of these attacks highlight this truth: security extends far beyond the physical space. Increasingly, organizations must be vigilant about protecting themselves and their customers in cyberspace, too.
What can you do to protect yourself and your business? The steps are simple, and you’ve probably heard them before, but it’s worth repeating.
Don’t reuse passwords. Just don’t. Strongly consider purchasing a secure password generator and storage solution. Don’t forget to change passwords regularly, too, and never leave default administrative passwords in place.
Keep connections minimal. Only network and connect to the internet when necessary, and in those circumstances work to minimize exposure and secure connections. Following the DDoS attack that took down Spotify and Twitter last fall, we put together this Q and A with Anthony Tatman, our director of IT.
Keep software updated. Make sure you don’t use pirated versions of software; you’ll miss out on critical updates. When updates and patches are release, update promptly. Hackers rely on software vulnerabilities to worm their way in to systems.
Beware of phishing attacks. Never open emails or documents from sources you don’t recognize. Even if you recognize the source or it seems legitimate, exercise caution. Be aware of uncharacteristic language or strange file extensions.