From Russia, With Love: A story of security.
Aug 09, 2014
Not an overly sexy story, but an important one for everyone living and working in the cloud!
Earlier this week the story broke that 1.2 Billion Passwords and over 4.5 Billion records from 420,000 websites across the globe were hacked. To date, it is the largest online heist and poses a very important question for businesses moving or on the cloud: Am I Protected?
To answer that we have to ask; how did they do it? Using common computers infected with viruses to scan the internet for vulnerable websites. If the user on the infected computer went to a website, the virus probed the site to see if it was hackable, and if it was it gave all the details to the hacker team.
The worst part about the breach is the Russian group used a well-known and easily avoidable SQL Injection attack on the poorly designed sites.
While it isn’t confirmed if financial data is a part of the heist; certainly email addresses and passwords are, along with many other personal details.
So… are you protected?
Most security is only as good as your password, which means we recommend the following;
- Change your password on important sites. Now.
- Make sure your email account password is changed (in a lot of cases your email is your most important online real estate and is linked to all your other online accounts and password reset facilities)
- Don’t Re-Use Passwords: Once your password is out, hackers will try it on other websites as well. If you use the same password on more than one, your whole online world could come crumbling down.
- Create Stronger Passwords: Make it hard for the bad guy, and don’t use your personal information in it, it’s likely they could have those details as well.
- Two Factor Authentication: Some sites like CBA Banking or Mail Chimp, you can turn on Two-Factor authentication meaning you need a text or application to confirm you login or major activity. This is particularly good for your banking or really important online presence.
- Password Manage: If you are like us, you have a hard time remembering everything, and a whole bunch of passwords are just going to get forgotten. https://www.passwordbox.com/ is a really good manager of passwords so that you can keep them all in one place.
- Experts for security: Have an IT company, like our technical team, keep an eye of your systems and work with your software vendors to ensure your software is secure; especially ones that have a public facing presence (i.e. website, etc.).
- STAFF NEED TO CHANGE THEIR PASSWORDS REGULARLY. We can setup your systems to do that automatically.
- Strong Foundation: Secure & Managed IT Platform.
- Protect from within, X-Staff or unhappy Employee: If a staff member is leaving your business, let us know on the day so we can log that account out.
- The Basics: Antivirus and regular maintenance are key to ensuring there is no infection on your computers.
As always, we are here to help; call us on 08 8922 0000 or contact us if you'd like more information on security for your business.
Tropical Business Solutions
Director at Tropical Business Solutions