By Marc Arbesman, ThrottleNet, Inc.
Computer hacking, hackers, and the unfortunate "hackees" have been a hot topic of late.
First it was the Chinese who were thought to employ an army of hackers to penetrate government infrastructure and the Fortune 500 companies.
Cybersecurity firm Mandiant reported that these hackers were looking to gain access to broad categories of intellectual property, including technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, and emails and contact lists from the leadership of various organizations. The Chinese Government has publicly denied any involvement.
Then a new report surfaced claiming that hackers targeted dozens of computer systems at government agencies across Europe. This was brought about by a recently discovered security flaw in Adobe Systems Inc.'s software.
The report said the targets are believed to include government computers in the Czech Republic, Ireland, Portugal and Romania. A think tank in the United States was also believed to be targeted by the malicious software.
Even companies like Apple indicated their platforms could be susceptible to attacks. They issued a patch recently to fix a flaw in Java Runtime to prevent future problems.
This leads to the question every business owner large and small needs to consider...
"Could my business be hacked, and how I could prevent it from happening?"
The reality is that any business unaware of a potential threat could easily be a victim of a hacking breach.
How? Through a most common technique used by hackers called "Spear Phishing". This is where a hacker will glean names and information about your company from public records which can be easily accessed over the Internet.
When you become targeted a hacker then signs up for a dummy email account. This can be named after your CEO, boss, CFO and/or a fellow worker, sometimes all. Emails then begin to flow from these accounts with language that would be common in the workplace.
The dummy account appears to come from your boss with a different email address. For example if your colleagues are used to seeing email with a person's name followed by the company but instead gets one with a dot Google or dot yahoo after the name then they should pause before opening it.
Instead of opening the email one should contact the sender and ask them if they are using a new account.
Dummy accounts also appear from other sources like credit card companies, PayPal and others. They might say account disabled or something similar. A harmless looking word document or spreadsheet can be included with the emails which can actually contain malicious code.
Verifying the source is a good first step to prevent a hacking attack.
In addition your firm should undergo a security audit. The audit can indicate your readiness to withstand an attack. It can indicate if your anti-virus software is up to date, if a firewall makes sense for your business and should you be employing anti-spyware software.
Software can lose its effectiveness over time as hackers introduce new malicious programs. Therefore it is important to not only install the latest anti-virus software but to make sure it is updated regularly.
Taking preventative measures and understanding all potential threats is a sound strategy to help protect your key information. An IT professional or Virtual CIO can help you start the process to ensure your workplace is safe and secure.
Marc Arbesman is a founder and CIO of ThrottleNet, Inc. ThrottleNet offers an array of technology services and products to help business owners achieve their corporate goals, while reducing overhead. This is accomplished through outsourced Managed Network Services which helps companies improve their technology uptime and IT capabilities while, at the same time, reducing costs. The firm offers custom software development and mobile applications to help companies accelerate their business growth. For additional information contact ThrottleNet online at http://www.throttlenet.com or call 866-826-5966