More than 2 in 5 charities hit by cyber attacks last year!
HQP, your virtual procurement department, has partnered with CT, a leading IT support expert and in partnership with their Managing Director, Ian Snow, we would like to share a Q&A session on how to keep yourself and your Hospice safe from cyber attacks and security threats.
They say that hindsight is a great thing but when it comes to cybersecurity, foresight is crucial. Although attackers are constantly looking for new exploits and strategies to defraud and damage companies, some older threat strategies remain amongst the most frequent threats to a business’ cyber security.
Below, CT have answered some of the most common questions regarding cyber security in the workplace, with details about how to keep yourself and your business safe.
1. I have an email containing a link ordering me to send a payment, what should I do?
This is called Ransomware and the link is a form of malicious software (malware), delivered by email that renders all data inaccessible – essentially locking you out of your device. Attackers typically demand payment to release the files. There has been a growing trend of ‘targeted’ attacks- where criminals identify critical files and systems within an organisation.
So, what do you do if this happens? Disconnecting your device from the network is the first step – this can reduce the number of files lost. Contact an IT expert who can investigate how and why the attack happened. Once this has been determined, ensure good malware protection software is installed and regularly carry out data backups to prevent future attacks.
2. I often receive suspicious emails asking me to send sensitive data. How do I spot these from regular emails?
It can be hard to spot an attack as phishing emails/ messages often look completely convincing.
Phishing – a term meaning to ‘fish’ for passwords and financial data – has become one of the most common methods of cyber-attack. Scammers tend to pose as a trustworthy business or service such as a bank, in order to gain sensitive information from victims. The point of vulnerability here isn’t in the computer systems – it’s human, which is why it’s important for businesses to have regular training sessions for all staff.
If you do receive a suspicious email, don’t respond, and take immediate action. You or your IT support should run anti-virus software on the device, change all passwords for accounts that use the password captured by the hacker and contact the company or person that was impersonated. To prevent phishing, be suspicious of unexpected emails, keep spam filters turned on and check them regularly.
3. What does a Firewall do and why do I need it?
A Firewall will detect APT (Advanced Persistent Threats) as quickly as possible, however even if your network is infiltrated, the firewall will take all affected systems offline and restore them from a clean backup.
APTs are a sophisticated form of cyber-attack where a hacker enters a system network and remains there for a period of time – undetected. They do not inflict any damage to systems, instead quietly stealing financial and security information. APTs are serious and hard to detect but there are ways to protect against them, installing a Firewall is crucial and will block unauthorised access to your systems.
4. I’m experiencing a lot of strange emails, pop up ads and software downloads, what could this mean?
This type of activity could be a sign that a botnet has accessed your entire network through one device. A botnet- short for ‘robot network’ is effectively a network of robots. Botnets are collectoins of internet-connected devices that have been compromised by an attacker. They are used to initiate attacks on websites, steal private information and deploy malware.
All devices connected to the internet are vulnerable to attack from botnets but taking some precautionary measures can help keep them at bay. Keep software updated, avoid suspicious links and downloads from file sharing networks and look for antivirus protection that covers all your devices.
5. How can I protect myself from cyber-attacks?
Every business is susceptible to a cyber-attack no matter the size of the organisation. Not only is having a backup and disaster recovery plan crucial in protecting your business in the event of a cyber attack, so is training your team as most attacks arise from human error.
This is best managed by an IT support specialist which can constantly monitor for threats and remain up to date with the latest methods being used by hackers.