Five things every company should know about cybersecurity
After the biggest ransomware cyberattack Wannacry had took place in May 2017 world was again hit by the second massive cyberattack: Petya Attack. The Petya virus is a ramsomware that encrypts MBR (Master Boot Record) files that store location and size information of all files on the computer.
This encryption completely prevents access to the file and the hacked person / organization can't open the encrypted files. If the specified amount is not paid, the hackers say that will be destroyed or sold.
Let's remember again what happened with Petya cyber attack!
Petya ransomware began with hacking the system of an Ukrainian Company while they are updating their financing app. The virus that started spreading to Europe and then to the US after Ukraine and Russia, many small and big companies have trouble geting into their databases. Petya cyber attack sabotaged the operational activities of many big and small companies, including Maersk and TNT. These cyber attacks, particularly that made large corporations unable to handle their international trading abilities, have caused huge losses for companies like Maersk and TNT. The cyber attack has neutralized Maersk's booking service and corporate databases. Many ports belonging to Maersk had become unable to work. It's been a month since the date of the cyber attack, However the effects are still not completely eliminated.
If you want, you can read the "Maersk Still Feeling Effects Of Cyber Attack".
All the facilities of the digital age are disappearing and people are experiencing the stone age again.
In the beginning, these cyber attacks made with a sense of action and self-satisfaction, unfortunately it is a profitable bonanza and becomes a sector quickly now. As the ransom obtained from the cyber attacks increases, the new cyber attacks are fired and it is obvious that this type of cyber attacks will be repeated over and over again.
How are we going to provide cyber security? What should we do for our cyber security? What should we avoid using ? What should we pay attention to what should we careful about ?
Let's review and highlight the proper responies to the above questions.
1)Not use the same devices in your business and personal life.
Many company employees use the same device in their work and personal lives, and they enter company's database with personal devices. This increases the risk area rather than keeping the risk in the center, ie, in one place ... and makes your company more vulnerable to cyber attacks. It is very important to warn our employees not to enter their company database with personal devices. All devices connected to company networks must be protected. The failure to set up the necessary safety rules means that cyber criminals can access this information from anywhere. This is something that should not be missed.
2)Be careful when opening email that comes to you!
Think..you are a very big company, you spend thousands of dollars a year on cyber security. But your employee is opening an uncertain e-mail from where it comes is not known and the thousands of dollars you spend on your cyber security are garbage on the fly. We do not want this to happen, do we?
Golden rule, Do not open emails if you don't know where they come from.
If you do have to open such, do not open it without scanning with antivirus program. Let's say you received an email with shrank url contains t.co, bit.ly etc. If you open the mail and click on the link, you will not know what you will come across.. a user has no idea where the link is going, what’s behind that link, or what kind of benevolent or conversely malicious payload is going to load in the default browser. So do not click on the unseen URLs.
3)Backup your files
Backup is one of the most basic and most important aspects of ensuring security. Your backups will always save lives in case you are attacked. Of course, securing your backup area may require you to make additional effort or budget. It's a good idea to take backups on resources that you will have not trouble with restoring while backing up. Otherwise, returning from the backup may take a certain period of time, and various troubles may disrupt your business. The area you have backed up must be an area that is not be physically damaged.
4)Create your cyber security policy!
With the cyber security policy, all the staff should know what to do in case if cyber attack, Screen in detail how this process should be governed.
How to act in the possible ransom negotiation and what kind of privileges will be given? You should prepare plans to respond to such questions.
5)Improve your cyber security systems constantly.
Cyber security is a process that needs to be regularly monitored and constantly updated in order to be effective. Test your developed cyber security systems and prepare the correct reports. So you will be able to determine where the cyber security vulnerability originated. You can easily develop weaker parts in your cyber security.