Cyber Security Awareness Month

October 13, 2017 by Innovation for Africa - No Comments

Since 2004, the United States and other countries around the world have used this opportunity to educate, providing tools and training to help arm us against the daily threats that go hand-in-hand with the dynamic technology we enjoy in our personal and business lives. Even if you have chosen stronger tools — like Symantec or Sophos —they only stop about 75 percent of malware and infected emails.

Small-business owners often don’t believe they are of interest to hackers, but a Ponemon survey found that in 2016 half of all small- to medium-sized businesses were hacked. Those are businesses with under 100 employees and less than $50 million in annual revenues. Security is not an IT problem. It is a business problem.

Protecting your business against cyberattacks is a good news, bad news proposition. The good news is that almost all business are running some form of malware/anti-virus protection. The bad news is that 53 percent of you are using free tools designed for home, not commercial, use.

The fact is that no technology system can succeed alone. True security is three-pronged: (i) Hardware like firewalls and segmented networks, edge systems with intrusion detection, (ii)  Software such as anti-virus and malware detection, email-filtering systems with learning algorithms and (iii) Humanware, the often neglected but most critical of the three. No amount of technology, regardless of the cost, can protect a business from an authenticated user who clicks, opens, or installs something they shouldn’t.

Cybercrime isn’t slowing down anytime soon. In the 3rd quarter of 2016, cybercriminals were increasingly more ingenious, using innovative technologies and new tools to spread their wares. According to the PandaLabs report, 18 million new malware samples were captured in this quarter alone, an average of 200,000 each day.

According to the Computer Crime and Intellectual Property Section (CCIPS), more than 4,000 ransomware attacks have occurred every day since the beginning of 2016, a 300% increase over 2015, where 1,000 ransomware attacks were seen per day.

Statistics from Cisco’s 2017 Security Report show that it takes an average of 200 days for a company to uncover a hack. Once a company knows, they hire a forensic firm and retain counsel.

It’s true that technology has made life easier. With information literally at our fingertips, we have access to anything we want, which also opens us up to more vulnerabilities. So when a cyber-attack or ransomware hack strikes a start-up, it seems like weeding through the system to clean up invasions can be the most tedious task a company can undertake during a time of immense stress. Most start-ups have a technological component engrained into their business models, whether that’s the product, storage methods or simply housing dozens of computers with sensitive information in an office.

That being said, start-ups can be the most defenceless against sophisticated cyber criminals, especially during initial stages of intense growth. Regardless of size, start-ups should guard themselves against cyber malpractice just as responsibly as the tech departments at Fortune 500 companies. While implementing cyber measures may seem daunting, costly and time-consuming, the value of confidential information getting leaked and potentially ruining the reputation of a company is detrimental compared to the financial expenses associated with investment in cyber protection.

In defence against cyber-attacks, you should always allow operating systems to update whenever updates are released, which typically occurs every few days, update external hard drives and back-ups at least once per week, and check for software updates at least once per month. These updates will keep apps up to speed and running smoothly.

With cyber and digital threats occurring more frequently, start-ups should consider incorporating a cyber insurance policy that acts as an extra layer of protection during vulnerable times. Cyber insurance partners can help mitigate potential financial losses and ensure continuity if a start-up’s network is manipulated, and help founders have better peace of mind.

As hacks, data breaches, and other cyber-enabled crime become increasingly commonplace, this year’s Cyber Security Awareness Month is an important reminder of the need to take steps to protect yourself and your family when using the Internet.

When you’re at work, you’re a target. From personal data to financial information to company secrets, company networks are a gold mine for hackers and fraudsters. One common scam that victimizes companies is Business e-mail compromise, in which a hacker will gain access to a company official’s e-mail to defraud the company or access employees’ private information. Additionally, ransomware, in which hackers will place malware in digital files that demands ransom, is a serious threat to companies and other large organizations. Learn more about cyber hygiene to protect yourself and your employer.

Cyber security goes beyond your computer and phone. Many homes are now filled with Internet-connected devices, such as home security systems, connected baby monitors, smart appliances, and Internet-connected medical devices. All of these devices present opportunities for hackers to spy on you and get your personal information. Using strong passwords and purchasing IOT devices from companies with a good security track record are just a few of the things you can do to protect your family and home. Learn more about IOT devices.

The current cyber threat landscape is increasingly complex, with cyber-attacks becoming far more widespread, sophisticated and more straightforward to execute. In such an environment, organisations face a catch-22 situation: it’s becoming harder to detect hidden threats early, yet early detection is essential to mitigating the loss of confidential and sensitive data – not to mention the damage to a brand’s reputation.

Over the past few years, we’ve seen several high-profile organisations succumb to crippling security breaches. Each incident acts as a reminder that malicious attackers do not discriminate and no organisation is safe, no matter the size or industry. What’s more, it’s become abundantly clear that there will always be cyber-criminals intent on causing harm to businesses and individuals, whether for monetary gain or personal incentive, such as influencing a politically-focused event.

Ransomware, the latest cyber security threat, is defined as a type of malicious software designed to block access to a computer system until a sum of money is paid. Examples of popular ransomware attacks include Crypto Locker, Crypto Wall, Locky, and Crysis. Ransomware attacks have accrued tens of millions of dollars over the past few years, with the average payment coming in at $1,077 per device (up $294 from 2016).

An example message you may see pop up on your screen includes, “Unfortunately, the files on this computer have been encrypted. You have 96 hours to submit payment to receive the encryption key, otherwise your files will be permanently destroyed.”

You can get ransomware through e-mail, spamming you with a malicious attachment or instruct you to click on a link. Yahoo email accounts are very susceptible, visiting websites you know and trust as many sites out there are infected by malware and when hackers embed malware within an advertisement on a website.

We have to be vigilant when using the internet as hackers are always devising new ways of gaining access to our files and attempting to infect systems with malware. We should become more wary of websites and downloads that are not trusted and reliable as we will become susceptible to phishing and malware.

@nelson.madzima