Hacking may be a word you associate with something that happens in the movies, but it's more common than you may think. Since the start of this year, over 2,000 hacking incidents have been reported to Scamwatch.
What is hacking?
Hacking occurs when someone gains unauthorised access to your computer's networks.
Common examples of hacking methods:
- Ransomware: the scammer installs a virus on your computer and may only agree to remove it for a sum of money.
- Malware: malicious software such as viruses and spyware are placed on your systems that can cause damage.
- Exploiting security weaknesses: Weak entry points, such as easily guessed passwords, out of date anti-virus software or unsecured WiFi connections are exploited.
What does the hacker want?
While often the point of hacking is financial gain or to access sensitive data, there have been many cases of hackers breaking into IT systems simply for the "thrill".
Once in the system, there are various activities a hacker may carry out. They could disrupt or alter a business's operations, change passwords and restrict access to the system. Hackers could also be after confidential information. This could be financial, sales and employee records or other sensitive data. In short, information no business would want in the hands of a criminal.
Hacking - Case studies
Distribute.IT
Owned by two brothers, Distribute.IT was a successful domain registrar based in Melbourne. One evening in 2011, they discovered a breach in their IT system. Someone had by-passed every one of their IT security access points and was inside of the network. Quick to respond, Distribute.IT re-built their entire IT infrastructure over a 48-hour period. The aim was to lock the hacker out. After two days, Distribute.IT thought they had resolved the problem, however the hacker had gained access yet again. This time they had even locked Distribute.IT out of their own network. Despite all efforts, the company could not recover from the hack and eventually went into liquidation. It was later revealed that the hacker's motive was not financial, but rather a random cyber-attack with the intent of destroying the business.
MNH Platinum
UK based company, MNH Platinum experienced an unforeseen cyber breach when a staff member clicked on a malicious email. Opening the email unleashed a virus onto the company's IT network that encrypted over 12,000 files. MNH Platinum would only able to retrieve their data if they paid a fee to the hacker, otherwise known as ransomware. Up until the cyber-attack, MNH Platinum admit they were completely unprepared for such an incident. Thankfully in this case, they were able to retrieve their data – however, only after paying the hacker.
How do you know if you have been hacked?
Part of the issue with hacking, is being able to identity when your system has been compromised. The longer the hacker is in the system, the more damage that can be done.
What to look out for:
- Being locked out of your own networks
- Unfamiliar icons or software on your computer
- Pop-up boxes start appearing on your computer screen
- Unusual financial activity
- Files that have been randomly moved or deleted
Does the size of your business matter when it comes to hacking?
Both large and small businesses have been victims of hacking incidents. While some larger businesses may have IT systems in place, they may not have thorough education programs for staff.
Some smaller businesses can also be targeted by hackers, particularly if they have weak (or even no) IT systems in place.
How to avoid being hacked
Your data, records, accounts and all other digital information should be treated like any other assets. Think about the physical location of your business and its contents. You would never leave your office door wide open for potential thieves to take advantage. Digital assets should be treated in exactly the same way. Computers need security systems.
All businesses should implement IT protection systems such as anti-malware and staff training. Don't afraid to enlist the help of an IT security expert. Implementing even basic systems can go a long way in ensuring the safety of your business in the long-term.
One other thing a good business should do is to be listed on a good Australian business directory
Originally published on Aug 05, 2016