Top Ways IT Hackers from Get Around Your IT Security
Updated: Apr 16, 2020
How much do you know about IT Hackers? Cyber-crime is at an all-time high and IT hackers are setting their sights on small and medium businesses. They are doing this via Firewall and anti-virus weaknesses in particular in the IT security setup. These IT Hackers know the small and medium businesses who are “low hanging fruit.” Don’t be their next victim! This article reveals the most common ways that hackers get in and how to protect yourself today.
IT Hackers Take Advantage Of Poorly Trained Employees-
The #1 vulnerability for business networks are the employees using them. It’s extremely common for an employee to infect an entire network by opening and clicking a phishing e-mail (that’s an e-mail cleverly designed to look like a legitimate e-mail from a web site or vendor you trust). If they don’t know how to spot infected e-mails or online scams, they could compromise your entire network. IT Hackers are very well aware and well equipped to make the most out of gaps when it comes to poor employee IT security practices.
IT Hackers Exploit Device Usage Outside Of Company Business-
You must maintain an Acceptable Use Policy that outlines how employees are permitted to use company-owned PCs, devices, software, Internet access and e-mail. We strongly recommend putting a policy in place that limits the web sites employees can access with work devices and Internet connectivity.
Further, you have to enforce your policy with content-filtering software and firewalls. We can easily set up permissions and rules that will regulate what web sites your employees access and what they do online during company hours and with company-owned devices, giving certain users more “freedom” than others. Learn more about cyber security awareness training for your employees here.
IT Hackers Take Advantage Of WEAK Password Policies-
Passwords should be at least 8 characters and contain lowercase and uppercase letters, symbols and at least one number. On a cell phone, requiring a password to be entered will go a long way toward preventing a stolen device from being compromised.
Again, this can be ENFORCED by your network administrator so employees don’t get lazy and choose easy-to-guess passwords, putting your organization at risk. At Cinnte, we highly recommend you have strong, enforceable password policies.
They Attack Networks That Are Not Properly Patched With The Latest Security Updates-
New vulnerabilities are frequently found in common software programs you are using, such as Microsoft Office; therefore it’s critical you patch and update your systems frequently. If you’re under a managed IT plan, this can all be automated for you so you don’t have to worry about missing an important update.
They Attack Networks With No Backups Or Simple Single Location Backups-
Simply having a solid, reliable backup can foil some of the most aggressive (and new) ransomware attacks, where a hacker locks up your files and holds them ransom until you pay a fee. If your files are backed up, you don’t have to pay a crook to get them back. A good backup will also protect you against an employee accidentally (or intentionally!) deleting or overwriting files, natural disasters, fire, water damage, hardware failures and a host of other data-erasing disasters. Again, your backups should be AUTOMATED and monitored; the worst time to test your backup is when you desperately need it to work!
They Exploit Networks With Employee Installed Software-
One of the fastest ways cyber-criminals access networks is by duping unsuspecting users to willfully download malicious software by embedding it within downloadable files, games or other “innocent”-looking apps. This can largely be prevented with a good firewall and employee training and monitoring.
They Attack Inadequate Firewalls-
A firewall acts as the front-line defense against hackers blocking everything you haven’t specifically allowed to enter (or leave) your computer network. But all firewalls need monitoring and maintenance, just like all devices on your network. This too should be done by your IT person or company as part of their regular, routine maintenance.
They Attack Your Devices When You’re Off The Office Network-
It’s not uncommon for hackers to set up fake clones of public WiFi access points to try and get you to connect to THEIR WiFi over the legitimate, safe public one being made available to you. Before connecting, check with an employee of the store or location to verify the name of the WiFi they are providing. Next, NEVER access financial, medical or other sensitive data while on public WiFi. Also, don’t shop online and enter your credit card information unless you’re absolutely certain the connection point you’re on is safe and secure.
They Use Phishing E-mails To Fool You Into Thinking That You’re Visiting A Legitimate Web Site-
A phishing e-mail is a bogus e-mail that is carefully designed to look like a legitimate request (or attached file) from a site you trust in an effort to get you to willingly give up your login information to a particular web site or to click and download a virus.
Often these e-mails look 100% legitimate and show up in the form of a PDF (scanned document) or a UPS or Fastway tracking number, bank letter, Facebook alert, bank notification, etc. That’s what makes these so dangerous – they LOOK exactly like a legitimate e-mail.
They Use Social Engineering And Pretend To Be You-
This is a basic 21st century tactic. Hackers pretend to be you to reset your passwords. In 2009, social engineers posed as Coca-Cola’s CEO, persuading an exec to open an e-mail with software that infiltrated the network. In another scenario, hackers pretended to be a popular online blogger and got Apple to reset the author’s iCloud password.
If you want to learn more about how you can ensure your IT security is as strong as it could be and how you can improve this to ensure your data, network and all IT systems are kept safe, you can learn more here, or you can fill out the form here and we would be happy to send one of our Consultants to you to perform a complimentary IT security assessment.
Don’t wait for hackers or other cyber criminals to take advantage of any vulnerabilities in your system. Help your business to be secure & grow by having the best IT security you could possibly have.