Posts

Cyber hygiene: The key to your business’s good cyber health

Image
Cyber hygiene: The key to your business’s good cyber health We all know that basic hygiene is a must to lead a healthy life. Did you know that the same rule applies to IT as well? There’s something known as cyber hygiene that plays a key role in keeping your business healthy from the IT perspective. So, how do you ensure your business doesn’t fail when it comes to cyber hygiene? Here are a few tips. Follow industry benchmarks and standards Remember that if an IT practice has gained industry-wide recognition and adoption, it is because it certainly offers some benefits. Protocols like the HTTPS implementation, SSL security certificates, CIS Benchmark, etc., are examples of industry standards that you must follow to maintain good cyber hygiene. Following these standards enhance your cybersecurity quotient and also play a positive role in helping you win your customer’s trust. Stronger IT administration The role of an IT administrator is very critical in any organization. IT administratio...

Free Internet Access? Don’t fall for this one

Image
Free Internet Access? Don’t fall for this one One of the popular internet scams that has been doing the rounds since 2017 is the one about “Free Internet”. This scam seems to resurface and somehow manages to claim quite a few unsuspecting victims. Here’s how they catch you. Ads are created on Google, Facebook, popular search engines and social media platforms advertising free internet hours. The ads look professional and show up on general searches and on social media when surfing. This offers a sense of validity. Once you click on the ad, you will be taken to their website, where you will be asked to perform an action, such as Filling out a form with your Personally Identifiable Information (PII) Sharing your credit card information, and though you will be promised that your card won’t be charged, you may end up signing up for something or subscribing to a service for which your card will be charged later. Sharing a few e...

Online shopping? Watch out for these red flags

Image
Online shopping? Watch out for these red flags Who doesn’t like online shopping? Online shopping has opened up a whole new world to us. Get whatever you want, whenever you want, without wandering from store to store. It doesn’t matter if it is too hot to venture outside or if there’s a blizzard out there, you do your shopping from the comfort of your couch and the stuff at your doorstep. You get great deals, some are better than in-store specials. But, did you know cybercriminals love the concept of online shopping as much as you do. Cybercriminals are exploiting the growing popularity of online shopping to cheat unsuspecting buyers through techniques such as phishing, malware injection, etc. Here are a few tips that may work to keep you safe from being a target of cybercriminals as you shop online. How to determine if the ad or shopping site is genuine? As you browse the web, you will come across various ads targeted at your interests. Businesses engage in ‘Retargeting’ which means t...

DNS Cache poisoning: What every SMB must know

Image
DNS Cache poisoning: What every SMB must know In one of the most common poisoning attacks, the attacker poisons the DNS Cache with the aim of leading visitors to a fake website. In a DNS cache poisoning case, the attacker gains control of the DNS server and then manipulates cache data such that anyone typing the URL of the actual website is redirected to the fake one. This could be a phishing site where the attacker would have carefully laid out a trap to capture the unsuspecting victim’s personal data or secure information. For example, the visitor thinks they are logging into their bank’s website online, but are actually on the attacker’s phishing site, where they enter the login credentials. Protecting yourself against DNS poison attacks Here are some ways to protect yourself and your customers from becoming victims of DNS poison attacks.     As discussed before, one of the most common poisoning attacks is the DNS attacks. Cybercriminals try to corrupt your DNS server using thei...

Protecting yourself against poison attacks

Image
Protecting yourself against poison attacks Data poisoning by way of logic corruption, data manipulation and data injection happen when the attacker finds a way to access your data set. The kind of poison attack varies depending on the level of access the attacker is able to achieve Here’s what you can do to ensure such access is prevented. The data poisoning attacks discussed above adversely affect your IT system’s machine learning capabilities. So, the first logical step would be to invest in a good machine learning malware detection tool. These tools are different from the typical anti-malware tools you get in the market and are specifically designed to prevent machine learning capability poisoning. Always follow general IT security best practices such as- Training your employees to identify spam, phishing attempts, and possible malware attacks Following good password hygiene, which means never sharing passwords and only using passwords th...

Poison Attacks: A quick overview

Image
Poison Attacks: A quick overview Smart technology is everywhere. Not just in our offices, but even in our day-to-day lives with tools like Google Home and Alexa becoming a commonplace. With technology becoming smarter every minute, the risks are increasing by the minute as well. Cybercriminals are finding new ways to corrupt our IT networks to disrupt our businesses, hold our data hostage and even clear our personal bank accounts. Some of the more overt, commonly known acts of cybercrime include hacking, phishing, and ransomware attacks. This blog discusses a lesser-known cybercrime--Poison attacks. What are Poison attacks Poison attacks are attacks on the ability of the system to make smart decisions. Think about this. How do systems make intelligent decisions? Based on the training or data they receive. This data is used to hone the artificial intelligence of the system to help make smart decisions. Poison attacks mess the very base--the training data set. Poison attacks basically sk...

Employee training and Cybersecurity

Image
Employee training & Cybersecurity Employee training will form a big part of the cybersecurity initiative that you will take on as an organization. You need to train your employees to identify and respond correctly to cyberthreats. Here are some employee training best practices that you can make a part of your cybersecurity training program. Create an IT policy handbook Make sure you have a handbook of your IT policy that you share with every new employee, regardless of their position in the company. This IT policy handbook must be provided to everyone--right from the CEO to the newest intern in your organization. Also, ensure this handbook is consistently updated. IT is evolving at great speed and your handbook must keep up Make cybersecurity training a part of your official training initiatives Cybersecurity training should be a part of your corporate training initiatives for all new employees. You can also conduct refresher sessions once in a while to ensure your existing employe...