Cybercriminals have often capitalized on chaos and disfunction. We saw a rise in cyber-crime after the twin towers were hit on 9/11 in 2001, during the recession in 2008, and now, after the COVID-19 pandemic in 2020. When businesses and communities are unprepared for the circumstances at hand, cyber-criminals often use breaking news as an opportunity to entice the public to click on malicious links. Hacker attacks rise drastically under these circumstances.
As a business, it is crucial to prepare for unprecedented events. Within the realm of cyber-security, it is imperative to have a running Disaster Recovery Plan (DRP) and a Business Continuity Plan (BCP). A good DRP prevents a company from data loss and allows for a quicker recovery time on system functionality. The step-by-step plan of a DRP model will allow a business to quickly handle any problematic events, while giving clear direction to anyone involved. The BCP is a risk assessment that is conducted on critical processes to identify options that ensure certain processes can still be maintained at their optimal level. Organizations should also evaluate their own security defenses and see where they might be allowing weak spots in their systems.
Hackers typically accomplish breaches within businesses “by exploiting the same bush-league security weaknesses, such as companies using shared and simple passwords and not requiring multi-factor authentication” (Washingtonpost.com). The weakest link in any company are their employees, and a weak password is the number one way a business gets hacked today. Unique and complex passwords are the first step to a higher defense against cybercrime. Passwords that meet complexity requirements but still resemble common words or phrases, like H@rdP@ssw0rd, can be compromised by a hacker in under three hours. When passwords with complexities are not used, say all lowercase letters, it would only take a hacker 11.9 seconds to compromise the password. If that password is also shared among many employees at the office, more data can be lost to hackers, or encrypted and put up for ransom. A strong password should include upper and lower case letters, numbers, symbols, and should not include dictionary words. The best way to keep all of the unique hard passwords ready for use by the correct person is a password management software like LastPass or Passportal.
Phishing is a form of cybercrime that rose 600% during the COVID-19 pandemic. Phishing is an email, phone call, or text message that poses as a singular person or organization to lure prospective victims to click on malicious links that can infect their network or provide sensitive information including banking/credit card details or passwords. If an uneducated employee clicks a malicious link or divulges passwords to a hacker through phishing, there is potential for an infection or encryption of the entire network. Home networks may not include the same security protocols as office networks if the online infrastructure is not cloud based with backups. When COVID-19 resulted in employees working from home, the rise of phishing attacks grew. Hacker attacks are continuing to grow, which is why it’s extremely important for businesses to have an IT department or outsourced IT support service to maintain defenses against cybercrime.
If technology and cyber security is not your area of expertise, no fear. Responsive Technology Partners has plenty of experts to answer any and all questions. If you would like to have a 10-minute phone call for professional advice and a free assessment of your own network, please call (877) 358-9388 and we can schedule an appointment. For more information on the free network assessment available to those who read this blog post please visit: https://www.responsivetechnologypartners.com/free-assessment/
