VIEWPOINT
MAKE PASSWORD SECURITY YOUR TOP PRIORITY
In an age when online security and serious cyber attacks demand urgent attention, businesses continue to put themselves at risk by ignoring the importance of strong password protection.
S
erious data breaches attract significant publicity, such is the devastating effect a hacked password can have for individuals and businesses.
The most recent report from the National Cyber Security Centre (NCSC) makes for worrying reading, as it highlights that 70% of people believe they will fall victim to a cyber-crime within the next two years, while 23.2 million hacked accounts of victims used 123456 as the password.
Sequential numeric passwords will no longer suffice, and businesses must begin prioritising password security if they are to protect their business from would-be criminals.
NCSC report findings Taking the lead on cyber security-related issues within the UK, the NCSC uses its own research and findings to deliver practical guidance to businesses of all sizes. Responding quickly to security incidents and protecting companies from serious harm, the organisation draws on industry and academic expertise to improve security measures and safeguard public and private sector networks. The report delivered by the NCSC is based on data compiled from telephone interviews and shows that 37% of respondents agreed that losing money or personal details over the internet has become unavoidable. Ironically, the same report reveals a serious disregard for password security, with many individuals setting weak or predictable combinations that make it easy for hackers. With freely available programmes designed to run automatically and try millions of combinations, simply setting your password to ‘Pa55word’ is not enough.
Creating a strong password When it comes to protecting your data, information or money, the only way to make a long-term difference is by changing your attitude towards password security. Although it may sound straightforward, the first step is to stay away from obvious passwords that you’ve trusted in the past. This includes sequential numbers or letters,
24 “
birthdays and especially the word ‘password’. Not only will these be cracked in seconds, but hackers will recognise you probably use it for other accounts and target all your other password-protected assets.
Instead, it’s important to make passwords longer, aiming for at least 15 characters where possible, using a combination of upper- case and lower-case letters, while throwing in numbers and symbols for good measure.
70% of people believe they will fall victim to a cyber- crime within the next two years, while 23.2 million hacked accounts used ‘123456’ as a password.
Alternatively, a word combo can be extremely effective, using a combination of random but memorable words that make it almost impossible for hackers to guess. An example of a word combo could be ‘FootballDogYellowRibbon’ – the more ridiculous the better.
Sophisticated methods Although changing your attitude towards password security is an important first step, that won’t necessarily help you spot an incoming threat or identify the points of attack.
The most common method used by hackers remains brute-force, which despite its name, can be technically effective for those looking to breach an already weak security system. Brute-force attacks will often use a password dictionary, containing millions of words and numbers that can be tried in combinations to discover the correct password. This can take minutes, hours, days or even years – the programme has enough patience.
Once a hacker has set the programme
running, passwords will be tried systematically, delivering a successful hack if the dictionary contains the correct password.
Internal threats
While outside hacking attacks can be difficult to prevent, there are other routes into secure networks and accounts, which typically involve the actions of individuals granting access.
Some cyber-criminals will try to trick, intimidate or pressure an individual into giving them what they want, otherwise known as phishing, when attacks are personalised to target a specific organisation.
”
Typically, the phishing email explains that a receiving bank account’s details have changed or there is something wrong with an account, prompting the recipient to click a fake link to resolve the issue.
This same approach is used regularly by cyber criminals, targeting businesses, law firms, banks and anyone with valuable data or money moving through their accounts.
Securing the future of your business…
Password protection is not a new feature within the world of online security, but unfortunately businesses are still ignoring its importance.
Although straightforward and simple passwords are quick and memorable, they are also extremely easy to crack, especially for hackers who have programmes designed to test millions of combinations in quick succession.
Although opting to use a selection of upper-case and lower-case characters isn’t always efficient, doing so can help secure your account from hackers.
Remember, cyber-attacks are becoming more sophisticated over time, so it is important to regularly update your password and other security measures, ensuring you stay one step ahead of criminals. If you’re unsure about the next steps, contact an experienced managed service provider and begin securing the future of your business. BMJ
www.buildersmerchantsjournal.net November 2019
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52
