The word “cyber” gets thrown around quite a bit as a marketing term, but no matter what you call it, cyber attacks are no joke. The threats are real and constant, which is why it’s important to take steps to protect yourself and your business.
If you have a system connected to the Internet, you need to take steps to protect it.
Just recently (June 2020), the Prime Minister warned that there’s increased activity and that significant cyber attacks are currently occurring against a number of government services as well as commercial entities.
What is a Cyber Attack?
Put simply, any attack over the Internet. This can be against your website, your email, your servers and infrastructure and/or your personal devices and computers.
What is a state based actor?
This is someone who is acting on behalf of a foreign government. Due to the political sensitivity of naming particular countries, government entities will normally use this as a generic term to avoid diplomatic fall-out.
While knowing the country may seem important, it’s not. There’s nothing unique about any country that initiates an attack; the focus needs to be on protection against the attacks.
What are they trying to do?
The reasons for attacks are wide and varied. There are generally four reasons attacks occur:
Disruption. This can include disruption to your network, your website and/or your email services. If the attack is aimed at causing pain or
Extraction of information. Malicious users may be after your information. If they can extract users from your website, then they can easily target your customers with fake sales, phishing campaigns and similar. This information may also have a commercial value, which means they may seek to sell the information.
Financial Gain. The common one here is that if your site is under attack, you’ve been infected by cryptoware or they’ve managed to extract confidential information, then they may use this for financial gain. This may be in the form of a ransom they request you pay or, if the extracted information has commercial value, it may be sold off to the highest bidder.
If your site is under a DDoS attack, then they may request that you pay a fee for the attack to stop.
Zombie Net. Put simply, they want any website or email they can compromise in order to use it however they please. This could be to send spam, run phishing campaigns, launch DDoS attacks or simply to hack more websites to build their pool of resources for future use.
Again, the focus should be on protection.
Who needs to be worried?
You should be alert, not alarmed. If you’ve taken steps to mitigate the risks, then the likelihood of having an issue will be greatly reduced.
These threats exist 24/7 and while there’s currently some heightened activity, there’s never a time when the threat is zero. These current attacks should simply serve as a reminder that you can’t ever forget your security, and as an opportunity to review your current protection.
If you’re a government entity or work with large corporations then it may be pertinent to look at increasing your security through greater risk mitigation. This will require a more detailed review of your current security strategies and, while that is well beyond the scope of this document, Conetix can provide general advice with regard to options for your website.
But why would they be interested in my business?
The mistake many make is assuming that they don’t have to worry about security because they’re too small to be a target. While your business or website may not be on their radar to directly target, it’s an absolute guarantee that your website has already been the subject of an attempted breach.
The easiest way to describe this is like a thief trying to steal a car. If they have a key fob which can unlock certain cars, then they’ll walk up and down parking lots until a car unlocks. In this scenario they didn’t target that particular car, but it was simply the one which unlocked first.
Websites with security vulnerabilities (such as out-of-date plugins or code) are exactly like this. Hackers won’t be targeting your site directly, but scouring the Internet looking for the first weakness they can find. If your website has a security vulnerability then it’s highly likely it will be hacked.
What does Conetix do to protect us?
We take the security of our systems very seriously and continue to adjust and evolve our platform constantly to ensure we provide one of Australia’s most secure hosting platforms.
To do this, we use a multilayered security approach. This includes high-level protection, from dedicated DDoS attack protection upstream of our network through to Intrusion Protection Systems (IPS) within our dedicated hardware firewalls. This information is also monitored so that anomalies are detected and can be investigated immediately.
At a server level, we regularly update all the software we run to ensure the latest security patches are applied, as well as applying server-level lockdowns and setting further restrictions specific to our needs.
We then offer (as an additional service) a fully featured Web Application Firewall (WAF) and real-time malware scanners for our managed clients to again provide further layers of protection.
What do I need to do?
There are a number of steps you can take to help protect yourself and your data. We covered most of these recently in our article on IT security during COVID-19, but it’s always good to go through them quickly again.
Use secure passwords. We have a great article on the importance of secure passwords which will help you choose and use better passwords. Passwords that are always unique, longer than 10 characters and kept securely in a password manager should be the bare minimum.
Keep your website up-to-date. Websites, like all software-based systems, require constant updates. We recommend running updates at least once a week, or using a service such as our Managed WordPress Hosting to have someone take care of this on your behalf.
Use Multi Factor Authentication. This means that instead of just having a password to log in, your website, email, server and similar all require a secondary authentication method. This is normally in the form of an extra app on your phone such as the Azure Authenticator App, Authy or Google Authenticator.
Ensure you have reliable, off-site backups. In the event of a disaster or even an accidental change or deletion, you’ll be reliant on your backups. For your website, this can be managed within Plesk or via a plugin for your website. We highly recommend that you also test your backups to ensure they actually contain all of the data.
Ensure your PCs all have Anti-Virus protection. Our expertise is in web and not necessarily desktops, so we’d advise you to ensure you have some form of protection enabled and up-to-date (even Windows Defender). Ensuring your PC has all of the latest updates applied is also critical.
Keep yourself educated. As the threats evolve, so should your knowledge of them. Obviously we recommend following us on Facebook, Twitter or LinkedIn so that you see when we publish security-related information, but we also recommend the Australian Cyber Security Centre website for detailed information.
Conduct a review of your systems. This should be done on a regular basis and ideally completed with a security professional. Systematically identifying all of the websites and infrastructure associated with your business will allow you to conduct a risk assessment against them and determine whether you have any changes or weak areas to address.
We always like to remind ourselves and remind customers:
Security is only as strong as your weakest point.
There’s no point having the world’s most secure password if you don’t keep your website up-to-date and vice versa. Security requires a holistic approach to ensure all attack vectors are covered.
If you have any concerns over the security of your website, please don’t hesitate to contact us so that one of our team members can conduct a basic assessment for you (at no cost). The security of our customers is of utmost importance to us, so we will always ensure we do whatever we can to keep your website, emails and data safe.