Could the Russians hack your data via your employees?

Probably. But, in reality, the far more serious threat is much closer to home. Employees are the main source of leaks and they are where you are the most vulnerable to loss of data. “Social engineering” can provide a channel to the heart of your computer systems and the amount of “hacking” expertise required is minimal. It is inattention, more often than malicious intent, that can lead to employees leaking valuable data, maybe not to the Russians, but perhaps to a competitor.

Hackers can be cunning, plausible and malicious. Passwords can be like gold, but easier to find. Armed with information about your organisation, perhaps from the internet, they can phone or email you with very plausible requests. Once in to your servers the world may be their oyster. What would you pay to know your competitor’s margins? Or rather, what would they pay to know yours? From the hacker’s viewpoint they need to be successful only once. You and your staff need to be vigilant all the time.

Many of the actions you can take are reasonably well known. The advice here is directed at employers. Most of it will also apply to their staff.

  • Don’t open email attachments from unknown sources
  • Don’t share passwords
  • Keep at least one (high level) password exclusively in your memory, use it selectively
  • Don’t write your other passwords down. However, you might record prompts that others won’t recognise.
  • Change relevant passwords when employees leave
  • Don’t divulge passwords to IT guys (or others) unless you know precisely to whom it is you are speaking (and perhaps not even then)
  • Avoid WiFi unless you are certain who controls the connection (and perhaps not even then)
  • So far as reasonable, keep business information out of the public domain, it can be used to generate plausibility.
  • Make sure your IT department, or supplier, manages “permissions” on files and folders. Alternatively, understand the process yourself.
  • Rely on “industry standard” routers and anti-virus.
  • Train your staff so they know how to be vigilant. We can help.

The list is not exhaustive.

Apple made the iPhone un-hackable – until the FBI got serious. As for the Russians.

Training Courses

Click here to register for one of our Training Courses.