As we are all too aware. Hacking attempts are on the increase and many businesses are suffering because of it.
Statistics show that at least 50% of small businesses who incur downtime with their IT solutions for more than 3 consecutive days in a row file for insolvency within the first 12 months of the downtime happening.
It was only recently that we were delivering a workshop in Liverpool to a group of 19-24-year-olds based on IT and Web Design/development within employment and business.
One of the topics that arose was the reasons why hackers do what they do and how they can achieve their overall goal. A couple of days later – the NHS systems are hacked and we see the answers to the above questions very clearly:
1: Why they do it?
As with all hackers. Their main enjoyment is to bring a business to its knees. Due to the statistics above – many businesses who have their IT / Website solutions compromised only focus on the short-term damage that is caused. However – the long-term damage can be just as catastrophic.
A stop in operations has the ability to end many businesses depending on the industry, current operations and income levels.
Even though the hackers don’t always seek personal financial gain, their monitory gain can be measured by the amount of money they cost the business during the process.
2: How they do it?
There is usually only 2 ways hackers can compromise either your business Website or IT Systems.
- Bad Maintenance:
Our business CMS Websites and IT systems need to be updated regularly with the latest patches provided by the product manufacturer.
If these updates are not completed – then you leave your systems and sensitive client information up for the taking or to be destroyed.
In the case of the latest NHS attack – old operating systems were in place i.e. Windows XP that are no longer supported by Microsoft. The large organisations keep these old legacy OS’s and pay Microsoft a large chunk of cash to keep their support going.
A recent podcast from a hacking expert even said that it’s often not about the money side of things that deter large organisations from upgrading their systems, but more of a lack of knowledge regarding IT and security itself.
If the guys at the top don’t know – then most likely the staff won’t know or even bother to speak about it.
- User Error:
Lack of knowledge amongst staff can result in them clicking a dodgy link or opening a bad attachment via email.
The recent hacking attempts usually see a virus email that is sent to all your email contacts when you click the link within it. Often – the email has been sent from somebody you know because they too have clicked the link and it was sent to their contacts, which can continue for some time.
The hackers have now taken this concept one step further. When the link is clicked or attachment opened – they have the ability to encrypt or lock all of your data on your computer, connected devices and even your main business server if you connect to it to save files in a single folder that everyone has access to.
Once this happens – then there is no going back. Unless you have the encryption keys – you will never be able to unlock the data and all is lost.
The only options available are to pay the hackers ransom of £2000 were in turn – they may never even give the keys you need costing you even more.
The next option is to start again from scratch, which can take a very long time.
3: How to stop or reduce the impact on your business?
Website:
Your website is just like a computer. It needs updates regularly to keep known vulnerabilities patched and safe. Without these vital updates – you are leaving your information open to those that know how to access your site and take it.
As web design specialists – we recommend that you check your website at least once per month to make sure updates are applied or alternatively – allow your web team to take care of this for you for a monthly fee. Money well spent on the long run.
Having a regular backup of your website and database is also just as important.
IT Systems:
As always – having a robust backup solution in place is the main thing to think about. If your files are backed up on a regular basis – then if a disaster were to strike – you simply download the files back to their locations and all is back online saving you hours of downtime.
The other things are to stay up to date with the latest technology. Upgrade your version of Windows before the support expires by Microsoft. Considering that they provide support for all their operating systems for 10 years after release – there really isn’t any excuse to have old systems running within your business environment.
Automatic updates can be enabled on the computers so that the computer downloads and updates the computer for you saving time and effort.