For individuals and businesses alike, it pays to be aware of the latest cyber security risks. Protecting your devices and the data stored upon them should be a priority for any savvy computer user and is essential when navigating the technological landscape. Besides the typical forms of cyber attack such a viruses, malware and phishing, it’s also important to stay on top of the latest trends in cybercrime, and to stop hackers from exploiting vulnerabilities in order to access your devices.
Cyber security experts at Syntax – IT Support highlight the most common of these vulnerabilities and advise on how you can counter them.
Admin account privileges
Any cyber security professional will tell you that restricting account access is a vital first step to take when securing your IT systems and data. Allowing unrestricted access to users is a common mistake and means that their accounts can do more damage to the entire server if compromised. To avoid a potential disaster, first review your current settings – is every user in the network a so-called “superuser”, with full administrative access?
If this is the case, you should work to limit access privileges by giving users control over only the files and software that are needed for them to do their job. Going forward, ensure that new accounts also do not have admin-level access, thereby preventing users from simply creating more privileged accounts in order to access data.
Automated running of scripts
Often, popular web browsers such as Safari are set up to automatically run “safe” scripts, but this has now become a vulnerability that attackers have learned to exploit. The way that cyber criminals can do this is by creating malware that mimics these “safe” pieces of code, thereby tricking the browser into running it without the user’s knowledge or consent. While it’s important to advise users not to visit any untrustworthy sites and put your network at risk, a safer approach is disabling the browser setting that automatically runs these so-called “safe” scripts altogether.
Hidden backdoor programs
Backdoor programs are intentionally created by manufacturers of computers or software, typically designed to allow a computer to be remotely accessed in order to provide diagnostics, configuration or technical support. These programs aren’t a threat on their own, but can become dangerous when exploited by hackers. Anyone with knowledge of a computer system’s backdoor programs is able to access the entire system and any network it’s connected to, putting multiple devices and potentially sensitive data at risk. Because many backdoor attacks are able to prevent detection by discovery tools, protecting against them can be difficult, but by putting firewalls in place, practising network monitoring and using a good anti-malware solution, you can reduce the risk of a breach and should be able to block entry points from all but authorised users.
Mobile malware is becoming an increasingly critical threat, but although we’ve learned to treat the security of our computers seriously, most of us don’t give the same level of consideration to our mobile devices. Cyber criminals are targeting mobile phones and tablets more than ever before, using malware that targets these devices to gain access to our data. Introducing a BYOD policy and providing proper training for employees is a great place to start when it comes to protecting mobile devices, and enhancing your company’s mobile cyber security measures is vital to keep your business protected against mobile threats.