You have probably read numerous stories about the WannaCry cyberattack (also known as WannaCrypt) that shook the world's IT systems recently. Hundreds of thousands of computers were infected across 150 different countries; if you live in the UK, there's a chance you were affected by the chaos that ensued when a number of NHS systems were hit by ransomware.
The WannaCry attack - which is still ongoing at time of writing - has thrust the issue of online security into the spotlight once again, and many business owners are now wondering what they can do to safeguard their own IT systems from future cyberattacks. Here are a few tips:
- Look carefully at emails before clicking a link or opening an attachment. Hackers often impersonate trusted companies (PayPal, Apple, Amazon, etc.) and sometimes even your own colleagues/clients. Before clicking on a link in an email (or opening an attachment), read it carefully - are there any spelling/grammar mistakes that you wouldn't expect the sender to make? Any suspicious statements or incorrect information? Also, look at the sender's actual email address - it's common to see emails from 'Apple' or 'Google' that are really from unaffiliated email addresses (e.g. customerservice@company.xyz) or 'spoof' addresses that are subtly misspelled (e.g. admin@appple.com).
- Hover your mouse over links before clicking them. If there's a hyperlink in a potentially suspicious email, don't click it to find out what it is. Instead, hover your mouse cursor over the link - this should reveal the true destination of the hyperlink. Again, look out for subtle misspellings and unfamiliar domain names, and don't assume that the clickable text is representative of the link's actual destination - just because the link said 'www.amazon.co.uk' doesn't mean it wasn't sneakily linking to something else!
- Implement an information security management system. It can be difficult to ensure good cyber security practices throughout the entirety of a large organisation, and it may therefore be worth implementing an information security management system within your company and seeking ISO 27001 certification. We at NPT Management Systems can assist with this task - contact us now to discuss your requirements.