Computer security has always been a concern, even more now if you are involved in Cryptocurrency or Investing Online.
The rise in cyber attacks has been directly proportional to the rise in bitcoin. We only have to look at the most recent attacks on exchanges and wallets to know there is a growing concern for Cyber Safety.
Types of Attacks
Malware is a piece of software that usually has to be installed and has harmful effects, such as a virus or Ransomware. Once the Malware is installed it can do anything like keystroke monitoring and sending files to the attacker without your knowledge. Ransomware will encrypt your files and hold files to ‘Ransom’. You may not even know until you are emailed instructions on how to get your files back for a cost.
Dubbed the biggest malware attack in history, WannaCry infected 230,000 computers across 150 countries when it was unleashed in May 2017. How did they do it? Through a security vulnerability in older versions of Windows.
Everyone knows not to open or respond to the Nigerian prince who wants to give you millions, but Phishing has become more and more elaborate. Emails from your bank that look genuine and ask you to verify your information by clicking on a link, or the email from aunt Aggy that asks you to look at the attached PDF. When you click on the link or open the attachment, the malware is downloaded. Clicking on a link will take you to a website that may have a slight variation on the correct website and will capture your credentials.
Date: Late 2016
Impact: Personal information of 57 million Uber users and 600,000 drivers exposed.
Details: The company learned in late 2016 that two hackers were able to get names, email addresses, and mobile phone numbers of 57 users of the Uber app. They also got the driver license numbers of 600,000 Uber drivers. As far as we know, no other data such as credit card or Social Security numbers were stolen. The hackers were able to access Uber’s GitHub account, where they found username and password credentials to Uber’s AWS account. Those credentials should never have been on GitHub.
Here’s the really bad part: It wasn’t until about a year later that Uber made the breach public. What’s worse, they paid the hackers $100,000 to destroy the data with no way to verify that they did, claiming it was a “bug bounty” fee. Uber fired its CSO because of the breach, effectively placing the blame on him.
3.Denial of Service
Denial of service is akin to a traffic jam, Many computers trying to get to the site, resulting in no-one able to access it. This may happen when there is an event or sale, or it may be a dedicated malicious attack where many computers at the same time access the website.
Imagine playing piggy-in-the-middle. You are on one end, the website you are accessing is on the other end, and the hijacker is in the middle. The hijacker will ‘take over’ your session with your intended website, Sometimes acting as the intended website, sometimes just taking all your given information.
How many passwords do you need to remember? and how often do you reuse your passwords? If a website is compromised and attackers have collected the passwords, they could reuse these passwords to try to get into other websites. Passwords should be unique to each website you log into, A combination of letters, numbers and special characters with no dictionary word in the password.
Date: May 2014
Impact: 145 million users compromised
Details: The online auction giant reported a cyber attack in May 2014 that it said exposed names, addresses, dates of birth and encrypted passwords of all of its 145 million users. The company said hackers got into the company network using the credentials of three corporate employees, and had complete inside access for 229 days, during which time they were able to make their way to the user database.
The time to really look at your security is now.
Have you got an antivirus software and internet browsing package that safeguards you while you are browsing and transmitting Data?
Ensure your Passwords are strong and secure.
Use a spam filter on your email – Don’t open any unsolicited emails or links. It doesnt matter how valid the emails look, Banks and financial institutions do not send links in emails.
If a supplier changes their bank account, Always ring and confirm. There have been reports of valid emails being compromised and the bank account details being changed.
Monitor your accounts for suspicious transactions. If there is anything suspect, notify your Bank and Service provider.
Have you got a Data Security program? Investing in a good Data Security program could be the best thing you Invest in. The best thing for your business and the best thing for your personal information.