In the wake of escalating tension with Russia, the national press this week has been warning of a threat of global hacking of computer systems. We thought it would be an appropriate time to remind you that you should always keep your IT security up to date.
You might not be able to do anything about their ability to undermine utility systems, government bodies and major corporations. However, we can all endeavour to make sure that our individual systems are as secure as they can be.
What is happening?
Britain and the United States have warned that Russian cyber-experts have been busy planting themselves on tens of thousands of vulnerable networks and devices. There they can sit undetected, spy on private communication and wait for the command to launch a cyber-attack if instructed to.
They are also able to carry out “spoofing” attacks. Should they wish to, the hacker can intercept messages passing between two people and delete or distort the contents without either party having any idea that it’s happened.
“Once you own the router, you own all the traffic (that flows through the router), to include the ability to harvest credentials, passwords, essentially monitor all traffic,” Rob Joyce, the White House’s out-going cybersecurity co-ordinator said. “It is a tremendous weapon in the hands of an adversary.”
It also means that Russia can launch denial-of-service attacks. That’s where traffic to a given computer network (for example utilities, public services etc) is increased to a point that the system can’t cope and is knocked out.
Exploiting vulnerable computers
It’s worth noting that in many cases there isn’t any hacking taking place. All the usual weaknesses are being exploited by the cyber-experts.
Expired anti-virus software, weak passwords, old hardware and software which is no longer supported by updates all provide easy ways in. It’s the digital equivalent of leaving your back door open and inviting burglars into your house.
Worryingly, it’s not just individuals who are being targeted, but businesses have been infiltrated as hackers also aim to steal intellectual property.
According to The Times, the UK’s National Cyber Security Centre, the US Department of Homeland Security, the FBI and the White House signalled in an unprecedented warning that the extent of the penetration was so deep and widespread that it had given President Putin a ‘tremendous weapon’.
Ciaran Martin, head of the NCSC, part of GCHQ, said in a briefing with US officials “Russia-backed cyber-attacks have directly targeted the UK government and elements of the country’s critical national infrastructure”.
What should I do?
Review your security. Think about what would happen if your system was disabled.
No matter how large or small your business is, the data which you hold digitally will be vital to its operation. From email addresses and copies of previous correspondence to a full, detailed Customer Relationship Management system – we all rely on computers to some extent.
At the smaller end of the scale, ensure that firewalls on your PC and devices are enabled. That way you’re not relying on firewalls in your router.
Do you need help to keep your IT security up to date?
If necessary take advice. Don’t be complacent. You can only do your best, but in the event of a catastrophe, doing your best might just save you from the worst.
Here at Jones Harris we have an extensive network of contacts which can help you with all manner of business issues, including IT security. If you need any help please get in touch and we will put you in contact with someone.
Get the latest updates
Make sure that you’re following our website and sign up for the Jones Harris enewsletter here