(How many Halloween puns can you spot?)
The last two years have given most of us enough fear to last a lifetime, but don’t let this mean you take your spooky glass eye off the ball. There are always cyber criminals with every trick or treat in the book lurking to try and catch you out! Hopefully our helpful suggestions will come in candy.
Has your password ever been stolen? Would you know if it had?
This time of year is synonymous with ghosts and ghouls. But let’s creep it real, in the realm of cyber security there are some things witch are even more frightening – like stolen passwords!
It’s extremely frightening to imagine your passwords being stolen by cyber criminals. The scary thing is your passwords could have already been compromised without you knowing! If your passwords are present on the dark cobweb, you will definitely have pumpkin to worry about, including fines from authorities, cyber-attacks, and subsequent data breaches. Plus, in a post-GDPR world, it’s more important than ever to protect yourself, your staff, and your customers.
The frightening truth
The frightening truth is that data breaches are incredibly common, and they happen to companies of all sizes. In the last year, many major brands have experienced their own scary security crisis’, including LinkedIn, T-Mobile, and Audi.
In June 2021, professional social networking monster LinkedIn saw data associated with 700 million of its users posted on the dark web. This impacted 90% of their customers, leaving many people across the globe petrified about the security of their personal details. This specific hacker went by the name of “God User” and even boasted to LinkedIn that they were going to sell the details of all LinkedIn users (700 million people!). Whilst this threat didn’t come to fruition, this cyber-attack still put the personal data of millions of people and the reputation of the business at risk.
Significantly, the infamous Colonial Pipeline hack also occurred this year, costing them $4.4 million and disrupting the entire American oil industry, all because of just one compromised password! The Senior Vice President of cyber security firm, Mandiant, confirmed the hackers gained entry through a VPN account that was no longer in use. The right measures hadn’t been taken to close the account down securely and the account’s password had been found lurking on the dark web, giving cyber criminals enough information to hack their entire system. Just how this cyber-attack occurred is shrouded in mystery, but password security was certainly a determining factor in enabling cyber criminals to gain access.
Trick or treat: Create secure passwords to avoid being tricked
In the world of cyber security, when faced with the question, “trick or treat?”, you don’t want to be faced with a nasty trick, whereby a cyber criminal knows your password.
Here are some quick tips for creating secure passwords:
- Only use unpredictable passwords that in no way represent recognisable words
- Use a combination of upper case, lower case, numbers, and symbols
- Avoid using some of the most hacked passwords – find out what they are here
- Don’t reuse the same password across multiple accounts
- Here’s an example of a secure password: 8Eu!GX03_F7
The friendly ghosts
So how can you protect your passwords from the threat of cyber criminals?
A multi-layered cyber security strategy is key. At Netstar, we can help you implement comprehensive cyber security measures to protect your businesses. However, here are our top four friendly ghosts that we recommend to keep your passwords safe.
1. A password manager
You may zombie thinking, if I use the tips above to create my passwords, how am I ever going to remember them all?!
That’s where a password manager comes in. A password manager is an online tool that securely stores your login information for all the different online accounts you have. The data in your password manager is en-crypt-ed, meaning it cannot be accessed by unauthorised villains.
Once you’ve set up your account with a password manager, you’ll be able to login to all your other accounts automatically, without needing to remember each individual password. This enables you to create long complex passwords without worrying about forgetting them.
2. Dark web monitoring
As mentioned, your login credentials could already be available on the dark web without you knowing. Once login details are on the dark web, they can be sold to cyber criminals who can use them maliciously to launch a cyber-attack. But don’t worry, there’s an easy way to check if your personal details have been exposed: dark web monitoring.
Dark web monitoring will continually search the dark web, on the lookout for any of your personal details. If it does detect anything suspicious, it will alert you immediately. Your IT partner can then help and advise you on how to remediate risk and prevent a cyber-attack.
3. Multi-factor authentication
Multi-factor authentication is a fa-boo-lous way to add an extra layer of protection to your passwords. This means that, even if cyber criminals do obtain your login details, they cannot login to your accounts without another means of verification.
Additional verification methods include, accepting a nudge via a mobile app or inputting a code delivered via SMS. This helps confirm that the person logging into an account is the person they say they are, blocking out scary cyber criminals.
4. Cyber security awareness training
Cyber criminals target businesses of all sizes. They know that the biggest weakness in a business is often the naivety of its employees. If your team can’t easily identify a security risk, they could end up putting your passwords, sensitive data, and business at risk.
Cyber security awareness training includes a series of interactive videos and assessments to teach employees about how to identify and combat security risks. The videos are short and concise, so don’t take significant time out of their day-to-day responsibilities, whilst enhancing their security knowledge.
According to Pensar, security-related risks are reduced by 70% when businesses invest in cyber security training and awareness. Educated staff are therefore key to protecting your business and minimising data breaches.
We hope you’ll be dressing up, trick or treating, and having a fang-tastic time this Halloween, without having to worry about the impact of compromised passwords. But, if you don’t have the above security measures in place, you may have more to worry about than running out of Halloween sweets.
If you’re a Netstar client, contact your Business Technology Advisor now to discuss password security and how we can help you maximise your protection.
Likewise, if you’re new to Netstar, you can contact us today to learn more about our security solutions and how we can help you combat scary cyber criminals!
Witch-ing you all a spook-tacular Halloween!
Ps: we have a few more vampire puns, but they all suck.