This week, nationally, it is Stay Smart Online Week (9-13 October 2017). Protecting yourself and your business has never been more important so we asked REA Group’s head security coach Craig Templeton to join us for a series of videos about how you can protect your personal and business assets from cyber-criminals.
It’s important to focus on what are the most likely things that you may encounter. At the moment it seems to be things like Ransom Ware, which is where you might get an email inviting you to click on a link or visit a website. But then downloads a piece of software onto your computer, which then encrypts it and locks all the data. Effectively you’ll get something like a ransom note on the screen to say, “If you ever want to see your data alive again please send bitcoins to this address.”
Think very carefully before you pay. You effectively have no idea if they’re even going to unlock your data. So even if you pay up your software might be broken. So you mightn’t get your data back anyway. Or they might just come back for more.
I’m certainly not going to recommend one way or the other what you should and you shouldn’t do. Cause everybody’s circumstances are obviously individual. But there is strong recommendation from law enforcement, would be never pay ransoms. Having a backup, though, will absolutely save you. So it there’s one thing that you can do to protect yourself against Ransom Ware, apart from not clicking that email, if you do find yourself actually accidentally installing that malicious software having a back up to recover will absolutely 100% kill that dead.
So that’s actually one of the most common things that people are most likely to face these days. That and the email phishing in terms of, sometimes it’s called wire fraud, sometimes it’s called business email compromise. But effectively just an email to say, “Hey, would you do this thing for me?” So there’s no attachment. There’s no link to weird website. It’s simply an instruction, quite often it’s made to look as if it come from the company CEO, or the company CFO. It might come through as an email say, “Hey Craig, it’s Bob here, your CEO, please can you wire $25,000 to this account.” They just send it out to a whole lot of people hoping that eventually get someone who actually has got the authority to do that. If I happen to be in accounts payable, and I can approve such payments then I’ve already got access to all the systems to be able to do that. So, if they can simply trick me then they’ve just bypassed all of the security control.
So, it’s really just having your wits about you. To understand that just as in the real world, in the online world not everyone’s your friend.