Intelligensia explains Cyber Security

21 Jun 2023
Education

The words ‘cyber security’ get a lot of use in the media these days, but for most people it can be a confusing term, best left to the experts. What does it mean, and can you be proactive in its implementation?

Cyber security is about keeping your network and devices safe from attack by those who wish to cause harm or obtain financial gain. Financial gain, as a reason, has exploded over the past few years as hackers gain access to systems and hold data to ransom, threatening to release it online or encrypt files so that businesses can’t access them if they don’t pay the ransom.

CERT NZ, a key component of New Zealand’s Cyber Security Strategy, received about 30 ransomware reports in 2022, though the real figure is likely much higher, since reporting is not mandatory in New Zealand. These devices hold a lot of data (which is why they are targeted) and an attack can keep a business locked out its files for days.

But that’s not all. New Zealand’s National Cyber Security Centre reported 350 incidents affecting nationally significant organisations in 2021/2022. Of those, they estimate 81 were criminal or financially motivated. But if you look at their wording, ‘affecting nationally significant organisations’, there were potentially many smaller businesses that were affected and never reported.

One small business, a New Zealand-managed service provider of just 25 employees was attacked in December 2022, showing it’s not just large organisations that are targeted. Despite its small size, this company provides IT services to over 200 organisations, making the impact of such an attack potentially far-reaching.

How do these attackers get in?
Some ways include:
  • Stolen credentials. Your password is a major defence against cybercriminals and it’s your responsibility to keep it safe and not easily guessed. After all, why would a cybercriminal go through the trouble of looking for other entry points if they can easily get in with a password?
  • Links in dubious emails. Dubious emails used to be easy to spot. They were full of spelling mistakes and company logos didn’t look right. These days, cybercriminals have gotten smarter and now their emails look almost identical to the real thing.
  • A malicious application disguised as a genuine application that can steal your data.
  • Computers lacking security updates. Security updates are often overlooked. You get notified at the most inconvenient time, they take too long to install, and they mostly require you to restart your computer. Who has the time?
Prevention is better than cure
It’s a cliché because it’s true. It’s much harder to undo an attack than it is to prevent it.
So, what’s the best way you can protect yourself and your business?
Education.
There are a lot of access points in every organisation, from the smallest one-person business to the largest organisation. And no matter how small your business, your data, systems, and customers are just as important as the largest corporations.
Education can teach you how to determine a genuine email from a fake email. It can help you recognise apps that want to steal your data. It can enable you to distinguish phone calls that try to trick you into revealing your details. It can teach you best practices, so your business systems are as secure as possible. And, it can highlight the security risks of your business and provide ways to fix them.
It’s our business to keep abreast of the latest security risks threatening New Zealand’s shores, and we feel we are best placed to help you stay ahead of the cybercriminals who not only want to upend your business but the lives of your customers as well.
And you can bet they’ll keep trying in 2023.
Let us do a review of your business to help you spot the gaps in your security and how to plug them. Get in touch today.
Contact us