SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Not long now: Cyber attacks to target local businesses
Wed, 27th Jul 2016
FYI, this story is more than a year old

Cyber attacks are on the rise and it won't be long before local businesses are targeted.

That was the dire warning from a report published last week from security software firm Symantec.

Echoing these warnings is Rob McEwan, Staples Rodway Taranaki IT director, who says no matter what type of business you're in, security within your IT system is crucial to maintain your reputation and avoid any major information breaches within your organisation.

Symantec reported that criminals were increasingly targeting businesses and other organisations through ransomware by exploiting security vulnerabilities in computers. The criminals would then hold the business up for ransom in order to restore their computer files. The level of these ‘fees' has increased dramatically over recent years.

In response to this report and the growing need for New Zealand businesses to improve their cyber security, McEwan is sharing his tips to avoid the potential damage faced by many businesses.

Don't operate your computer as an ‘Administrator'. The number one reason for not running as an administrator is to limit your exposure to malware. As an administrator, every program you run has unlimited access to your computer. If malware is able to take hold through one of those programs it is equally able to access all parts of your computer or potentially your network.

Update your software, patches and updates as soon as they come out. Not just Windows, but all third party products. It is widely recognised that as soon as patches are released hackers reverse engineer the patches to identify the problems that are being addressed. They then immediately set about writing exploit code that will attack un-patched computers. The quicker you can apply patches following their release, the less likely you will be exposed to these hackers. Also keep in mind that it's not just Microsoft patches that need to be applied but patches for all products you have installed on your computer.

Remove software from your computer that you do not need. The rule of thumb is that if you don't need it, it shouldn't be installed. The more applications you can remove from your PC the smaller the footprint for exploitation becomes. As mentioned above all third party applications must be updated to maintain a secure computer. But if you don't need to use the software; removing it means you no longer have to maintain it.

Have a reputable anti-malware (malicious software) solution installed and use its advanced features. We often find people spending a significant amount of money on antivirus software, installing it, but not configuring it to provide the protection that it is capable of. Make sure you have a good quality antivirus solution that has a robust reputation in the market and it has been installed correctly and configured to provide you with the best protection possible against modern malware threats.

Backups. The ultimate protection against a malware infection is your ability to completely restore your system from a backup. As a rule of thumb data should not be considered backed up until there are three copies, two of which are backups of the first, and one of those backups must be off-site.

Staples Rodway's IT department has launched a cost-effective service that businesses can utilise to help avoid any imminent cyber attacks. The process involves a firewall demo unit being installed behind a businesses current firewall for a week in order to create a risk and threat analysis report.

The firewall will collect a set of data which will be analysed to determine the cyber-security risk profile and the recommendations to reduce the risk.