Year of the Hack (Again)
2017 can easily be called the year of the hack. From HBO and Equifax, to the Pentagon and the Republican Party, it seems like no organizations were immune to cybersecurity woes this year.
However, the same can be said about 2016.
Common sense says that the digital world is moving too fast for consumers and businesses to implement proper security measures. In what amounts to cybersecurity Whack-a-Mole, IT departments have been forced to chase yesterday’s problems while neglecting the dangers their organizations will face in the future. This is further compounded when C-level leadership does not invest adequate resources in IT and cybersecurity.
Former White House Cybersecurity Czar Richard A. Clarke perhaps said it best: “If you spend more on coffee than on IT security then you will be hacked. What’s more, you deserve to be hacked.”
The argument can also be made that individuals are failing at incorporating even the most basic IT security elements into their lives. If you were to grab 100 random people on the street and quiz them about the most basic cybersecurity terms, there’s a strong likelihood you’ll be met with blank stares and puzzled faces.
Although employees may not be able to individually prevent more sophisticated attacks, there are some easy steps they can take to stop three of the more common hacks.
How to Stop Three Common Hacks
- Phishing. Phishing is one of the easiest ways for hackers to penetrate organizations. A phishing email involves the hacker posing as a legitimate entity (friend, co-worker, business partner) to request access to information, usually passwords or other items they would need to break into a company’s system. These emails can be sent en masse to multiple employees or can be “spear-phishing” attacks that are directed at individuals such as executives or IT personnel. Even though IT teams deploy a host of software to stop inbound malicious emails, phishing attacks still occur with shocking regularity. In the past two years they have caused an array of damage at JPMorgan Chase, eBay, Target, Sony Pictures, and the US government. This diverse group of organizations shows that no one is immune.
Employees can help prevent these attacks by taking two simple steps. First, always exercise caution when clicking links. If you have any doubt, don’t click! An easy way to confirm the validity of a link is to hover your mouse over it to see the URL. This should let you determine if it’s legitimate or not. Second, always check with the email sender. If you have any suspicions about an email, just shoot the sender a separate message to confirm they sent it.
- Weak Passwords. One would think that in 2017 everyone would be savvy enough to use strong passwords to protect their accounts. Unfortunately, we still live in a world where the most common passwords are terrible ones such as ‘123456’ and ‘password.’ Even big business is not immune, as Facebook CEO Mark Zuckerberg famously used ‘dadada’ last year, and it was discovered during this year’s Equifax breach that the company used ‘admin/admin’ as an employee login for critical online portals.
The advice is quite simple: use a strong password! Your password should NOT be a proper noun, name, sequential number, or anything someone could remotely guess. Instead, your password should be a random mix of eight or more letters (lower and upper-case), numbers, and symbols.
- Password Reuse. Implementing strong passwords is a great first step, but to keep your accounts, both work and personal, safe you must have a unique password for all your accounts. The danger of password reuse is that if one of your accounts is hacked then hackers will have easy access to all of your accounts that have the same password.
This risk rises as the number of accounts we have continues to grow. A danger for businesses is that employees come to the workplace and use their personal passwords for work accounts.
The easiest way to ensure you have a unique (and strong) password for all your accounts is to use password management software.
The best way to survive a heart attack is to live a healthy lifestyle so you don’t ever have one. The more risky behaviors you engage in, such as smoking or maintaining a poor diet, the higher the likelihood you’ll experience a heart attack.
The same is true for cybersecurity.
Prevention is key.
The better your cybersecurity hygiene the lower the chances you and your organization have of experiencing a catastrophic breach.
Ready to experience the benefits of a business password manager? See first-hand how it can help your organization maintain strong passwords and eliminate password reuse.
Over 7,000 businesses worldwide trust Dashlane Business – start your free trial now!