Cyber-attacks on large companies dominate the media headlines, but small businesses can also be targets, especially during a crisis. Statistics show that one in five small businesses fall victim to a cyber attack. Many businesses wait until they are actually compromised before they are motivated to take action, and to actually build some security into their systems.
Entrepreneurs can easily get too busy and overwhelmed by how to successfully protect their business. Recently, we spoke with Catapult member Joel Sierra, founder of Jed’s Tech. He feels that now more than ever, small business owners need to be vigilant of 6 primary things:
1) Beware of Cyber Bad Actors
Be mindful that cyber bad actors, adversaries that attack information systems of businesses, are continuing to ambush everyone with a concerted, organized effort to deviously play on emotions of anxiety, fear and concern centered around the current crisis to steal your money.
2) Confirm an unusual URL
Joel states that 85% of these cyber-attacks are in the form of an email with a link. He wants to remind everyone that Banking Trojans, Ransomware, or Account Compromise happen after we simply click on a bad URL. His advice is don’t click, but double check and validate with the sender you are not sure about over a phone call before responding.
Banking trojans are a specific kind of trojan malware. Once installed onto a client machine, banking trojans use a variety of techniques to create botnets, steal credentials, inject malicious code into browsers, or steal money.
Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website. Ransomware can be devastating to an individual or an organization.
3) Awareness of a Compromised Account.
Many small businesses are having their email account compromised, not only to steal from them directly, but to use their good name and email address to attack a customer, vendor or partner indirectly. Be mindful of strange or unusual emails from someone you trust, their email may have been hacked and the attacker may be reading/replying on behalf of the owner without them knowing.
4) Use Unique Passwords
It is urgent to use a unique alpha numeric 12-15-digit password for each and every account, website or laptop. Do not re-use or recycle passwords. Make use of one of the many free password managers available
Top Three Password Managers:
5) Secure your mobile number
Confirm with your mobile cell phone provider that you have enabled a SIM or account lock with a verification password (make it a unique never before used password). IT Attackers will call and transfer your mobile number so that they can get bank account confirmation texts
6) Install a hardware network firewall
Along with Joel’s top tips, don’t forget the basics. Installing a hardware network firewall is an essential step in securing your business from cyber attacks. A firewall controls which applications can connect to the internet and which ones don’t have that permission. It helps to protect network traffic by incorporating “antivirus software, antispyware, intrusion prevention, device control, application control, and network access control”. We found for you 4 affordable options for your business:
- Fortinet Security Fabric
- Ubiquiti EdgeRouter
Read the comparison of these firewalls in the article.