Every computer user must be aware that cyber threats are lying in wait for you as soon as you log on; you could say that it is a truth universally acknowledged.
- You know that passwords need to be unique and strong
- You know not to click on strange attachments on phishing emails
- You know that MFA (multi-factor authentication) makes your logins harder to crack
- So, is there any point in doing cybersecurity training?
It turns out that you could learn a thing or two, and if nothing else, it will serve as a refresher for good practice. It’s also a good reminder that security awareness applies to your whole environment, not just when you are in front of a computer screen.
I had the opportunity to undertake cyber security training recently. Have you heard of these terms which were new to me?
Cloud jacking
This is the act of taking over control of your cloud account. When you consider how many applications you have in the cloud, you soon realise that this has far-reaching consequences.
A common example is infiltrating your email system and sending out phishing emails from your account.
Criminals with access to your authentication texts (by stealing your phone) can authorise payments from your online banking – very scary.
Malvertising
You don’t even have to interact with the hacker. The victim simply visits a popular website and the attacker pops up posing as a legitimate advertiser.
Watering Hole
When you hear the term “watering hole”, does it make you think of a David Attenborough documentary with zebras gathering for a drink? Well, this is pretty much the concept here too.
- The cyber criminals identify a website used by a particular organisation, for example in the health sector.
- They manipulate the site to deliver malware.
- You could become the victim of a “drive by” attack, installing malware without realising it.
- Or you innocently download the malware as it is a trusted site, exposing yourself to remote access trojans.
You can learn more about these attacks on the government website NCSC.gov.uk.
I challenge you to give security awareness training a go! Ask Computer Troubleshooters for a recommendation of a suitable course.
You might just learn something that could save your business!