These 5 ways to protect against cyber attacks will educate any company or person on this crucial topic. There are thousands of attempted cyber attacks every day; most are thwarted, but many are successful. Flaws in operating systems and software, and human behaviour are both big factors when considering potential attack vectors. It is important to understand the risks that we’re all vulnerable to and learn how to implement mitigation mechanisms.
Virus and Malware Protection
Microsoft Windows and Apple macOS both include virus protection out of the box which provides extensive protection against cyber attacks. These are good offerings and work great for home environments, but often fall short when protecting business endpoints. Cambridge Support recommend implementing a suitable AntiVirus product for organisation-owned devices to provide business-grade protection against cyber attacks.
Third-party AntiVirus products build on integrated security by providing protections against various threats. These can be zero-day attacks, potentially unwanted applications (PUAs), ransomware or crypto-attacks, worms, trojans, and many other types of threat based on signatures and running behaviour differences. Cambridge Support can offer advice on selecting a suitable anti-virus to deploy in your organisation. Simply contact us now, we’d be more than happy to help.
Implement Strong Passwords
Although this seems obvious, we still observe many IT users who use weak passwords. This can be for their accounts, and oftentimes these people recycle the same password for many services. Weak password policy greatly increases the risk of cyber attacks. Therefore, this becomes an easy target for phishing or impersonation attempts.
It has often been advised that people should use complex passwords. This can be a mixture of upper and lower-case characters, special characters, and numbers. It is typically recommended that a password is at least 8 characters long. The problem is that unless a password manager is used, it may be difficult to create unique passwords for each service used. In addition, even more difficult to remember them, resulting in passwords being written down.
Cambridge Support recommend utilising a password manager to store passwords for each of the services that you use. Password managers typically allow you to generate random and unique passwords. This helps meet the complex requirements and will securely save them. You can then refer to the password manager when needed.
It is also reasonable to expect that some passwords cannot be stored in a password manager. If such a situation exists, it is recommended that you use long, sentence-based passwords. You may still be required to include an upper-case character, a number, or a special character. However, the sentence-based passwords are much easier for the human mind to remember. The increased length makes it harder for potential malicious actors to breach the account. Having something memorable reduces the likelihood that it will be written down.
Multi-Factor Authentication
Multi-factor authentication (MFA) introduces another step to the authentication process when accessing an account. This is another means to reduce any cyber attacks. The theory is that it has three pieces of information that are required as conditions for account access:
- Your identity, this is typically your email address or username.
- A password, PIN, or other passphrase associated with the account.
- A physical token that generates a secure code or can receive a notification for authentication approval. This is typically a smartphone or RSA token.
Implementing MFA greatly reduces the risk of phishing and mitigates against compromised accounts. If details are obtained by a malicious actor, they will still not be able to access the account without physically having the MFA device.
Public Wi-Fi and Computers
Public Wi-Fi is commonplace in the digital age and offers internet connectivity as a great convenience. We have all used it in restaurants, bars, coffee shops, entertainment complexes, supermarkets, etc. Whilst this convenience has its benefits, we advise caution when using these networks. This being that anybody can join them due to their open nature which presents another cyber security threat.
We are glad to say that Microsoft Windows 10 does include protection on public Wi-Fi networks by default. It will greatly restrict Windows Firewall to protect against potential threats. However, this is not full proof and does not account for exposed and unpatched vulnerabilities. It is advisable to avoid online banking and shopping when connected to a public network. We would also advise avoiding signing into any accounts.
Publicly accessible computers offered by libraries and internet cafes should also be treated with caution. In the modern age where most people access online banking and social media accounts on a smartphone, reliance on public computers is reducing. However, they are still a target for cyber attacks. Therefore, public computers should be approached in like manner as public Wi-Fi networks.
Keep Everything Updated
Updates are an imperative protection layer against potential cyber attacks. Viruses and malware typically exploit unearthed flaws in software or operating systems to execute their payload. Whilst having a fit-for-purpose antivirus product helps to protect against these threats, some occasionally slip through the net.
Software and operating system vendors, like Microsoft, have dedicated security teams. These teams research and develop patches against flaws which malware and viruses can exploit. Once the patches are available, they are distributed as updates. It is critical that any endpoint has the most recent available updates installed. This ensures it is fully patched against all known exploits.
Microsoft Windows automatically searches for and applies updates whenever they are available, as does Apple macOS. The two primary mobile operating systems, iOS and Android also have automated update features available. We greatly encourage clients to ensure these are enabled to best protect your devices. Our blog on why Windows updates are so important will broaden your understanding on this topic.
How Cambridge Support Can Help Fight Cyber Attacks
Cambridge Support can provide advice and guidance on deploying protections relating to all of the topics mentioned in this article. We have extensive experience in MFA enrolment, patching procedures, Anti-Virus deployment, and many other security focused services. We would be happy to review your cyber security and determine if there are any areas for improvement.
Cambridge Support also offer Cyber Essentials and Cyber Essentials Plus guidance. This is a government initiative to validate cyber security in business settings. It grants a certificate to display to your clients and customers to show that you are compliant.
If you have any questions about cyber security, we would love to hear them and will be more than happy to discuss. To find out more, please contact us on 01223 921 000, or email us at ask@cambridgesupport.com.