- Keep operating systems up to date, because hackers exploit software vulnerabilities. This also includes replacing old operating systems like Windows XP, for which updates are no longer provided. It is also important to create an inventory of all company computers and applications.
- Check user rights annually and in the event of role changes. This way you can prevent former employees from accessing the network.
- Install antivirus programs that detect and block malicious software and use a firewall that prevents unauthorized access.
- Use intelligent passwords that include special characters, combine numbers and letters, are at least eight digits long and do not contain your own name, for instance.
- Raise employee awareness and inform them about phishing, for example. After all, employees are the gateway for almost all cyber attacks.
- Perform regular data backups, even on a daily basis depending on importance. The latest backup should not overwrite the previous backup. Otherwise historical data may be lost. Banal but important: The backup should always be disconnected from the Internet so that it does not fall victim to the virus. You should also regularly test whether the data backup was successful.
- Risk analysis as a management task: What are my "crown jewels" and how can I protect them? This also includes professional crisis management with an emergency plan for cyber attacks.
- Check your insurance coverage: The new Zurich Cyber Insurance for SMEs covers certain costs following a hacker attack, such as cleaning up computer devices after a virus attack or restoring damaged data. In addition, the insured are given access to experienced attorneys, who can provide advice on the assertion of claims for damages, for example. Optionally, you can also protect yourself against claims for damages on account of stolen data as well as against the financial consequences of a business interruption after an attack.
Five terms that nobody understands
Denial of service
Denial of service refers to an Internet service that is not available. This can have a variety of causes but may also be brought about intentionally by hackers to harm a company. A popular method is to hack thousands of private computers or networked home appliances and turn them into "sleepers": All devices contain malicious software that is activated at a certain time, causing the hacked devices to access the website of the victim simultaneously. Its system becomes so overloaded that it breaks down. This is referred to as a distributed denial of service attack. This method is used as a form of protest, but criminals now also sell such activities in order to harm competitors. Another variant is to threaten a company with a denial of service attack in order to extort money.
A darknet is a network between computers that can only be accessed by invited users and that cannot be viewed from the outside. It is used by people who wish to keep their communication secret and anonymous: These may include dissidents in a dictatorship, investigative journalists, but also terrorists or criminals. For example, darknets are used for drugs and arms trafficking or for child pornography networks. It is now also possible to buy services like "rent a hacker" there.
Ransomware means "ransom software" and that is precisely what it is: A company network is infected with malicious software that encrypts all data. Only after payment of a ransom is the data (hopefully) made readable again. Another term for ransomware is "blackmail Trojan," because the malicious program is smuggled into the computer system of the company or private person like a Trojan horse and spreads throughout the network.
Social engineering, implying "social manipulation," refers to behavior to make people surrender confidential information. Social engineering takes place over the phone, among other things. The caller spies on their victim in advance. During the conversation, they mention snippets of information to build trust and make their role more credible. A criminal might, for example, pretend to be a representative of the authorities, an employee or a computer specialist in order to gain access to data such as passwords or credit card details. Their aim is either to penetrate company networks or to siphon off money directly.
Phishing is a special type of social engineering via email or over the Internet. Using fake communication, criminals try to capture information. Typically, they claim to be a bank or software company and ask their victims to disclose their passwords. Spear phishing involves the prior identification of and a targeted data attack on a specific group. Modern phishing no longer needs emails but uses infected websites or even intervenes directly in the communication between a company and customer in order to siphon off information there. The criminals then assume the victim's identity and use it to make money.