Cyber Security with Patrick from Computer Clinic

31 October 2023

In an era where technology touches every aspect of our lives, from banking and emails to phone calls and social media, the significance of safeguarding our digital presence is more important than ever before.

To gain some insight into the current cybersecurity landscape, we caught up with Patrick, a seasoned cybersecurity expert from the Computer Clinic.

What are the top things you can do to mitigate becoming compromised? 

The answer to this will depend on the business and their budget. Some first steps include: 

  • Implementing MFA/2FA on all your logins
  • Ensuring your devices are up to date
  • Having professional antivirus
  • Using a password manager and making sure these are strong and unique

To be honest, I can give you a complete list along with the pros and cons of each one. However, realistically, only large companies are able to implement everything. I believe business owners are intelligent people and, armed with the right information, they can assess their own risk versus the costs and are able to decide on how far to go in terms of cyber security. Effectively how many layers of protection do you want to implement?

So here are three alternative potential vulnerabilities that I'm currently experiencing: 

  1. Have better controls on where your domain names are hosted. You need to ensure that only you can log in to your domain host and have MFA/2FA on this login to protect against hackers accessing your domain records. Why? With access they can then implement their own additional MX record, which means they can intercept all emails without entering your email system or computers. Most people leave this to their website company or IT company. So what protections do they have in place, and do they have MFA/2FA on these logins to avoid the username and password simply being used by hackers?
  2. Protect domain names that you own but don't use (parked). Why? These can be used to spoof emails to make it look like you have sent emails when you haven't. To prevent this, set them up with specific zone records to state that these are website names that will never send out emails. Thus, if these are spoofed, emails sent by these domains will be rejected worldwide.
  3. Have your domain names used for email (yourname@company_domain_name.co.nz) set up with SPF, DKIM and DMARC zone records to avoid spoofing. This is a complex topic, so I suggest reading our blog on this, but I'd say this is the most important thing to do right now to avoid being spoofed.

Read more on DMARC & DKIM
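
As an added illustration of the three domain checks above (not part of the interview and not Computer Clinic's own tooling), this Python example audits DNS records for an unapproved MX host, parked-domain "never sends mail" records, and SPF/DKIM/DMARC on a mail-sending domain. The domain names, record values, the approved-MX list and the `audit` function are all constructed for the example; treating a null MX (`0 .`) as acceptable for a parked domain is an addition beyond what the text states.

```python
# Constructed DNS data for illustration; a real audit would query these records.
ZONES = {
    "mail-domain.example": {"sends_mail": True,
        "MX": [(10, "mail.mail-domain.example."), (5, "mx.unknown-host.example.")],
        "TXT": ["v=spf1 include:_spf.provider.example ~all"],
        "_dmarc": ["v=DMARC1; p=none; rua=mailto:dmarc@mail-domain.example"],
        "dkim": ["v=DKIM1; k=rsa; p=CONSTRUCTED_PUBLIC_KEY"]},
    "parked-domain.example": {"sends_mail": False,
        "MX": [(0, ".")],  # null MX: the domain accepts no mail
        "TXT": ["v=spf1 -all"],
        "_dmarc": ["v=DMARC1; p=reject"]},
}
APPROVED_MX = {"mail.mail-domain.example."}  # hosts you expect to receive your mail

def tags(record):
    """Parse 'k=v; k=v' (DMARC/DKIM syntax) into a dict with lower-cased keys."""
    pairs = (part.partition("=") for part in record.split(";"))
    return {k.strip().lower(): v.strip() for k, _, v in pairs if k.strip()}

def audit(zone, approved_mx):
    """Return a list of findings for one domain's records."""
    findings, sends = [], zone["sends_mail"]
    # Item 1: an MX host nobody approved can receive inbound mail for the domain.
    for _pref, host in zone.get("MX", []):
        if host.lower() not in approved_mx and not (host == "." and not sends):
            findings.append(f"MX: unapproved host {host}")
    # Items 2 and 3: SPF states which servers may send as this domain.
    spf = [t.lower().split() for t in zone.get("TXT", [])
           if t.lower().startswith("v=spf1")]
    if len(spf) != 1:
        findings.append("SPF: need exactly one v=spf1 record")
    elif not sends and spf[0] != ["v=spf1", "-all"]:
        findings.append("SPF: parked domain should publish 'v=spf1 -all'")
    elif sends and spf[0][-1] not in ("-all", "~all"):
        findings.append("SPF: record does not end in -all or ~all")
    # DMARC tells receivers what to do with mail that fails SPF/DKIM alignment.
    dmarc = [tags(t) for t in zone.get("_dmarc", [])
             if t.lower().startswith("v=dmarc1")]
    policy = dmarc[0].get("p", "").lower() if len(dmarc) == 1 else None
    if policy is None:
        findings.append("DMARC: need exactly one v=DMARC1 record")
    elif policy not in ("quarantine", "reject") or (not sends and policy != "reject"):
        findings.append(f"DMARC: p={policy or 'missing'} is too weak")
    # DKIM only matters for domains that actually send mail.
    if sends and not any(tags(t).get("p") for t in zone.get("dkim", [])):
        findings.append("DKIM: no selector publishing a public key")
    return findings

if __name__ == "__main__":
    for name, zone in ZONES.items():
        print(name, audit(zone, APPROVED_MX) or "OK")
```
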

 

How many cyber breaches are your clients experiencing at the moment? 

One a week and they are all completely different and it is through lack of investment in their security layers or a genuine belief that everything is being handled correctly by their current website or IT provider.

A lot of people believe that if they have antivirus software they are protected but as you are now learning, it is a layered approach so antivirus alone is not enough. Antivirus does protect against viruses in software but it does not stop human error where passwords are inadvertently obtained by hackers.

So, what is human error? It is people giving away information - clicking or opening stuff they shouldn't. So training is a key defence.

How good are your staff? Have they ever been sent a phishing test to identify security gaps? Have they ever received formal cyber security training?

Scams are very elaborate these days, so very hard to spot, and impulse clicks on the spur of the moment often lead to trouble.

 

What is the most common type of hacking attack?  

There are too many to go into and they are always changing so there is not a one size fits all solution for this.  However, some common examples are:

  • Gaining local access to a computer due to someone opening a corrupted file
  • Gaining access to an email account due to someone clicking on a corrupted link
  • Gaining access to servers due to using older types of remote access protocols such as VPN and RDP which don't have MFA/2FA on them too.
  • Spoofing emails at a domain level where companies don't have SPF, DKIM and DMARC policies employed between their domain and their email system (see our blog)

 

What is the impact on a business when a breach occurs?  

It's the unknown, what happens next? The stress and additional workload for both the business owners and the staff. The physical aspects are downtime, outages, reputation damage, loss of data, identity theft and being held to ransom.  It is a terrible situation to be in.


What to do if a cyber breach happens?

Call for professional IT support immediately and, although there are set action plans and procedures, being able to think on your feet is vital. Focus just as much on finding a way to keep the business operating immediately as on finding out how it occurred in the first place and stopping the breach. Send out a communication (have one ready) to inform everyone of the situation too, as it is better coming from you than from others.

 

What is your best tip and suggested method to store passwords?  

Bitwarden Teams or Enterprise version – see our blog on this.


Are there any free websites or tools I can use to see what my security posture/profile looks like from the outside to a hacker?

Install the SecurityScorecard Security Ratings plugin to your browser. This will tell you how secure your security profile is based on all the domains you own and if you haven't been 'checked' as yet, there will be no score but you can request a free check which normally takes about 2 weeks to complete.

Another website (that hackers use) is Shodan. This shows in real time all the vulnerabilities worldwide. A hacker would use this website to search for a specific item to target, such as a vulnerable VPN connection in NZ.


Is there a minimum requirement I need to comply with to obtain cyber insurance?

The problem is that you can tick yes to what you want on insurance forms thinking it is correct but if the worst happens and you claim, then if some of these ticks are not true then it could invalidate your insurance. Effectively you would have to then prove that what you stated on your insurance form was actually in place (which is hard to do in the middle of a cyber crisis) and if you can't prove this then technically you were insured on the wrong basis which may invalidate your insurance. So we would suggest getting your insurance form professionally assessed by an IT company.

 

If all my data is in the cloud, is it backed up and safe?

No, the cloud is just another computer in another location. You need to contact your cloud provider to establish what measures they have in place to safeguard your data and ensure it is backed up too. The main way to protect your cloud is by putting MFA/2FA on every login to the cloud provider's system.

 

Let's take these insights from Patrick to heart. Cybersecurity affects us all, and by staying informed and implementing best practices, we can better protect our digital lives in an increasingly connected world. 