Many insurance brokers were checking their emails and feeling a little less secure after the information security presentation by Keith Price, Security Consultant for Allianz Australia.
Price outlined the ways and methods of internet hackers, and the risks we are all unwittingly taking. At the moment, he noted that 55 per cent of all emails are spam infected with malware and Microsoft is a bigger target, as it has 90 per cent of the market.
A list of the most common targets showed that corporate servers were a prime target (48 per cent), followed by a corporation’s own developers (42 per cent), employees (40 per cent) and the company website (36 per cent). Personal accounts were down the list at 26 per cent. The root causes were:
- negligent employees and contractors (48 per cent)
- third party mistakes (41 per cent)
- error in the system (35 per cent)
- don’t know (32 per cent)
- errant hacker attack (27 per cent).
The most worrying of these factors was that 32 per cent still didn’t know how the attack occurred.
Price explained how malware takes about five seconds to install itself after you have clicked on infected link or file. After that, it may take only 10 to 15 minutes for the malware to make its way through your environment and encrypt all your programs and files.
The most concerning part was that once encrypted, not even the hackers could decrypt the information, so there is no point in paying the ‘ransom’, he pointed out.
The best way to protect ourselves is through prevention, and Price gave these tips:
- Install the latest patches – Microsoft releases a patch every second Wednesday of the month. Hackers start writing malware to attack the weaknesses the patch is fixing.
- Upgrade to Windows 10.
- Use a reputable anti-malware provider; freebies won’t protect you. Credible, well-known anti-malware brands, from reputable retailers have the staff to monitor and respond to threats.
- Turn on ‘auto-update’.
- Run full scans every week.
- Change passwords every 90 days. Hackers have access to lists of common passwords.
- Do not use the same passwords for multiple accounts. Use Password Vault apps.
- Use the cloud, for example, OneDrive, Dropbox etc – and test your ability to recover files.
- External drives are commonly used by small business, but hackers can attack them. It’s important to disconnect them when not in use.
- Avoid using public wi-fi. This surprised many but Price said anyone on the network could track key strokes. If you do use it, avoid doing anything personal, banking or shopping.