Ever since lockdowns started, cyber attacks have become even more aggressive. According to an article on CNBC, large-scale data breaches increased by 273% in the first quarter of 2020, compared to last year’s numbers.
Among the targeted businesses, it’s the smaller ones that are most at risk. In fact, a post on cybersecurity by HP highlights how 43% of all data breaches target SMBs. After all, SMBs have fewer resources, so their security tends to be a lot weaker.
Some of the most common entry points for breaches include insecure connections, phishing email links, downloadable malware, and more. However, a recent study shows that there are two vulnerabilities that hackers like to exploit the most, simply because they’re the most overlooked: weak passwords and outdated company security systems.
Weak passwords and outdated systems
A few days ago, threat analysis solutions company Positive Technologies released their new Penetration Testing of Corporate Information Systems report. Their findings show that hackers can penetrate a business’ system in less than 30 minutes. They usually made use of two strategies: enter the server via “brute” force through guessing admin passwords or subtlety leave new malware that outdated computers can’t fight off. Either way, the result is a breach that has the potential to not only strip your business of sensitive information, but also lose credibility among your customer base.
Protecting yourself from attacks
They may be the most exploited flaws, but weak passwords and outdated systems can be patched. For example, Forbes’ guide to creating strong passwords notes that it’s just a matter of leaving it in the hands of a reliable password manager. Company-wide password management systems like Passwordstate and Secret Server will generate combinations no human can come up with, usually consisting of random letters, numbers, and symbols. It then stores the information in their system so you don’t have to remember it. If you’re worried about safety, don’t be. Ron Culler, senior director of technology and solutions at ADT Cybersecurity, assures that it’s “far safer than not using one.” Password managers are encrypted. Plus, they have two-factor authentication for good measure.
Meanwhile, it’s important to update your system as soon as there’s a new patch available. Most computers (and programs) will automatically prompt you whenever there’s a new update available. Resist the urge to “remind me later” and spend a few minutes to a couple of hours updating. It’ll set your business back a little, but it’ll bolster your system’s protection against a potential breach. Plus, make sure that every device in your business is installed with antivirus software like Avira and Avast. These are your last line of defense in case malware manages to sneak passed your first wall of defense. Check their prices, coverage, and how long their licenses last to find the best antivirus program for you.
You can have the best defenses in the world, yet still be breached simply because of an easy-to-guess password or an outdated computer. Cyber attacks can come from anywhere, so it’s important to stay vigilant in all aspects of your business.