With cybercrime becoming more common and sophisticated, strong cybersecurity practices are crucial to keeping both your personal and business information safe.
In order to make sure that your business has top-notch cybersecurity, we worked with Ryan Barrett, Founder and CEO of ORAM Cybersecurity Advisors, a company that works to streamline businesses’ technology systems to help them grow and was recently ranked as one of the top two cybersecurity firms in the Massachusetts Lawyers Weekly 2020 Reader Ranking Awards.
Barrett has spent the majority of his career consulting to organizations whose data is critical to their business, making him a cybersecurity expert. Learn what he has to say about how credentials can be compromised, what attackers can do with compromised credentials, and resolutions for cybersecurity.
How Are Credentials Compromised?
- Phishing: Scammers will send emails disguised as legitimate messages tricking users into disclosing credentials or delivering malware that captures the user’s credentials.
- Malvertising: Cybercriminals will inject malware into legitimate online advertising networks, delivering malware to visitors that captures user’s credentials.
- Watering holes: Fraudsters will target a popular site such as social media or a corporate intranet, inject malware into the code of the legitimate website, which will then deliver malware to visitors that captures credentials.
- Web attacks: Attackers will scan internet-facing company assets for vulnerabilities, exploit discovered vulnerabilities to establish a foothold and then move laterally through the network to discover employee’s credentials.
What Can an Attacker Do with Compromised Credentials?
- Send spam from compromised email accounts
- Deface web properties and host malicious content
- Install malware on compromised systems
- Compromise other accounts using the same credentials
- Cause a data breach of sensitive data
- Identity theft
10 Resolutions for Cybersecurity
- Make hard-to-crack passwords
Make passwords a long phrase. The extra length makes it much more difficult to crack, while the phrase will keep it memorable. - Update
Always keep everything up to date to ensure the latest security. - Be cautious on public Wi-Fi
While not connecting to public Wi-Fi in the first place is your safest option, if you do, make sure not to type out any personal information. - Use two factor authentication (2FA) whenever possible
2FA adds another layer of security to logins, keeping criminals from accessing them with just the username and password. - Use antivirus software
Antivirus software is always a surefire way to keep yourself safer. - Stay private
The more a hacker knows about you, the easier it is for them to get into your account. Keep social media accounts private and only accept people you know. - Educate
While you might take extra precautions on the internet, others in your house or office may not. They could give a hacker access to the entire network, which includes everyone else on it. - Only purchase from reputable sites
If you’ve never heard of a website it’s best not to buy from it, but if you do, ensure that it uses a secure payment system. - Click cautiously
A simple click is all it takes for a hacker to take over your computer. Watch out for phishing emails or malicious pop-ups. - Phones aren’t immune
Mobile phones are just as hackable as computers. Make sure your device, as well as apps, are up-to-date.
