New Members
We are pleased to announce that
have all completed the application process and are now members of AIM. Visit their profile pages for contact details.
Cyber Security
According to the official statistics, a total of 11% of businesses and 8% of charities experienced cyber-crime in the year May 2022 to April 2023. While the term cyber-crime covers many things, there are some incidents that can be extremely damaging to a business even to the point that the business is forced to close.
Arguably the most dangerous attack in this category is ransomware, whereby the victim’s entire computer system is hijacked and held to ransom for a payment in a crypto currency such as Bitcoin.
In most cases, these attacks are intercepted by strong anti-virus software and firewalls, but only if the software is kept up to date.
Update your Anti-Virus
Anti-virus software works by recognising hostile file names or pieces of code within files and preventing those routines from running on your system. It’s a constant arms race between viruses and anti-viruses as new viruses are created and older ones evolve. If your anti-virus was last updated a month ago, you are vulnerable to every new virus or adaptation that has been created in that time period. With estimates of around 6000 new variants per day, that’s a lot of risk.
Update Windows and Other Software
Most software providers are constantly working to fix vulnerabilities as they arise. While many software updates are to improve functionality, they often include patches to fix such vulnerabilities. It is important to keep all software up to date.
Password Policy and Admin Rights
Passwords should be changed regularly, and admin rights should be restricted. The majority of “hacks” are not because the hacker found a vulnerability in the software, but because they discovered the password to the system.
Vigilance
Password discovery techniques vary, but the strongest counter-measure is vigilance.
Phishing attacks are often very easy to spot. They usually require you to click on a link to a fake website and enter your login details. The link can be spoofed to look like the genuine website URL, so your standard policy should be to never click any link that asks you to log in, but to visit the site via your bookmarks, from within the software itself, or by directly typing in the address bar.
Malware is often imbedded in email attachments (with increasingly devious file names) so no attachment should be opened unless you know who it is from, and you are sure of what it contains.
