As hackers become more sophisticated, businesses and individuals become more vulnerable to attack. Everyone must remain vigilant. Installing security software and firewalls are a start, but they certainly aren’t enough. For one thing, security software only works when it’s used. People who install the software without ever taking the time to schedule regular computer scans defeat the purpose of having the software in the first place.
In 2011, we saw many large enterprises and government agencies come under attack from “hacktivist” groups like Lulz Security and Anonymous. That doesn’t mean that small-business owners and individuals are safe.
As part of an attack on Booz Allen Hamilton, a hacker group revealed the email addresses of 90,000 military personnel, ordinary people who had no reason to expect that they would be targeted by hacktivists. A similar and possibly more damaging attack came at the hands of the hacker group Anonymous when members revealed the email and IP addresses of some of the Family First Association’s newsletter subscribers. They shared the credit card information of a dozen others. The Family First Association drew Anonymous’ fire when it protested the television show “All-American Muslim” and encouraged retailers like Lowe’s to withdraw their sponsorship of the program. Cyber attacks are anything but victimless crimes.
Hackers can access personal data in a number of ways. They can infiltrate company databases and lift customers’ information. If an employee has sensitive company information stored on a laptop or smart phone and it gets lost, whoever recovers it could have access to that information. Hackers also gain access by sending email messages with tainted links or attachments. One way that both businesses and individuals can protect themselves is by encrypting files and/or password protecting them. Encryption is something that all business leaders should consider, especially if they allow their employees to take work home on company laptops, tablets or smart phones.
Beware of malware that masquerades as security software. Many people have probably had popups appear on their computer screens letting them know that their computers contain about a dozen different viruses, worms and other threats. Don’t believe it. Clicking on the link to have the threats removed could start the installation of real malware. Although this particular ruse has begun to abate, authorities recommend that people remain on guard. Sadly, sometimes people have to be on guard even against people they know.
Spoofing the email address of someone’s friend or colleague is another way that hackers can get an unsuspecting individual to open malicious email. Sometimes, the friends’ or colleagues’ email accounts are hacked and the attackers go through their address books. Either way, be careful about opening emails from friends or colleagues if the subject line is left blank or if it has something incendiary like “Did you see what someone said about you on Twitter?” That should raise an immediate red flag.
Neither small-business owners nor average individuals should ever allow themselves to believe that only big businesses and government agencies have to worry about hackers. Cyber criminals don’t discriminate. We’re all fair game.