Posts

The pandemic wreaked havoc in many areas of our lives. And one particularly worrying trend we saw was a huge increase in cyber crime. Just last year, 26% of charities fell victim to a cyber attack, proving no one is safe.

It’s essential to keep your charity as secure as possible to protect your reputation, your donors’ information and, of course, your staff too. So here are our top six tips for improving your charity’s online security.

Regularly train your staff

Eight out of ten charities say their staff have been the targets of a phishing attack. No employee or volunteer falls victim to them on purpose. All that you can do is make sure they’re well-trained. We recommend retraining staff every four to six months as research shows that, after six months, staff begin to forget best practices. 

Change your passwords

Using long, randomised passwords, and changing them regularly, is one of the easiest and quickest ways to keep your charity secure. Aim to change them monthly. And make sure they’re complex. Many people still use names, places, and other words meaningful to them to create passwords, but these are easy to guess. Choosing a random, complex password makes it much harder for hackers to access any accounts. 

Use multi-factor authentication where possible 

Multi-factor authentication adds an extra layer of security. If, for example, you’re required to tap a number on your mobile phone to access your emails, it means only you will be able to log in. Even if cyber criminals steal your password, they’ll struggle to access your account without access to your phone.

Ensure your phone is secure

More and more of us are using our phones for work, so it’s never been more important to ensure we’re using best practices to keep our phones secure. Start by setting up a password so only you can unlock your phone. Then lock your sensitive apps with different passwords. This way, you have two layers of security.

Consider switching to a cloud-based EPoS system

Cloud-based EPoS systems are more secure than server-based systems, in part because you don’t need to keep any hardware on-site. As well as this, cloud-based systems update regularly and automatically, keeping your data safe. Switching to a cloud-based EPoS system can give you that extra peace of mind.

Prepare a response plan

Unfortunately, it’s impossible to completely prevent your charity from falling victim to a cyber attack, so it’s a great idea to have a plan in place in case one happens. Linking back to the last tip, another benefit of choosing a cloud-based EPoS system is that it makes it that much easier to get back on your feet when combined with cloud backup.

As cyber criminals become increasingly sophisticated in their methods, we need to step up our online security to have a fighting chance. That’s why, at the Charity Retail Association Conference, we’ll be launching CHARiot Web. This is our cloud-based EPoS solution designed to evolve with you to keep your charity as secure as possible from cyber criminals.

Curious to see what else CHARiot Web can do for your charity? Come and visit our stand at the Charity Retail Association Conference on the 9th and 10th of September. Or, get in touch with us today on 01204 706000.

Ransomware attacks are a particular variety of malicious cyber attacks. Whereas some prefer to operate in the background and would rather you didn’t notice, ransomware isn’t quite so shy. If you’ve been hit, you’ll know it. As the name suggests, these types of attacks hold your data and systems at ransom, promising you’ll get a key to unlock your files if you pay the price.

Perhaps the most famous example is the WannaCry attack on the NHS. The devastating attack cost almost £6 million, and the effects were disastrous. Hospitals that fell victim had to cancel 13,500 outpatient appointments, including 139 appointments for patients with suspected cancer.

And they’re just as common today. Here are three examples from this year alone, and what you should do if you’re ever affected.

Isle of Wight schools

We’ll start with the smallest attack, yet it’s no less devastating. The Island Education Federation confirmed they’d fallen victim to a cyber attack that would delay the start of the school term. This immediately made people worry that young students’ information could be at risk.

A spokesperson for the Federation said: “We are working with officers from the police Cybercrime Unit to pursue the cyber criminals and understand the full impact of the attack. There are obviously some significant implications of this, which we are managing and will take measures to secure our systems even further in the future.”

Northern ticket machines

Rail provider Northern was hit recently, affecting over 600 touchscreen self-service ticket machines. It wasn’t said what type of ransomware affected the machines, nor what was compromised by the attack. But Northern has assured people that no customer information or payment data was stolen.

A Northern spokesperson said: “We are working to restore normal operation to our ticket machines as soon as possible. We are sorry for any inconvenience this incident causes.”

In the interim, travellers were asked to buy tickets through the mobile app, website, or at ticket offices at the station.

REvil

This is the biggest ransomware attack story of the last few months. It affected up to 2,000 businesses and organisations across the world. The price for providing the master key that would unlock it all? Just $50-70 million.

US IT firm Kaseya obtained and distributed the key, though they declined to say where from or whether they paid. All they had to add was that it came from a “trusted third party”. Kaseya was one of the first to be hit by the REvil attack, which has been linked to a Russian ransomware gang.

What you should do

Despite them being so well-known, ransomware attacks still happen on a regular basis. More often than not, if they happen to you, the attacker will offer to unlock your files – for a price. Some may be tempted to pay the cost, but this doesn’t guarantee they’ll actually supply the key.

If you are attacked, find which systems have been affected and isolate them. Disconnect them from your network. Pull the ethernet cable out if you have to. With them isolated, you can start to triage the affected units and work on rooting out any malware.

Now, let’s talk about payment. The general advice of law enforcement would be to not pay the cost. But, in reality, 65% do actually send the money. Considering this can get into the thousands of pounds, it can be quite the hit. It could also be “scareware” – created just to make you think it’s ransomware, when it’s not actually encrypted your files at all.

You don’t want to take this decision lightly and are better off talking to an expert about it. While there’s no way to be completely safe from cyber criminals, there certainly are measures we can take to prevent attacks and minimise the damage. For businesses, it’s now more important than ever to have the strongest, most secure cybersecurity possible.

Are you ready to protect your business? At Nisyst Cyber Security, we pride ourselves on creating the most efficient and effective cybersecurity solutions. For more information, get in touch today on 01204 706000.

There was a time when our phones were just big, chunky bricks only capable of calling other people. Now they’re our digital Swiss Army knife, with cloud storage, emails, messaging, a calculator, and hundreds of apps that help us with work and so much more. But phones are only going to continue to improve and we’re going to rely on them more and more.

And with the lines between work and home life blurring, our phones have become essential tools in our jobs. Over three-quarters of the UK use their personal device for work. With this in mind, it’s critical we make sure it’s secure. With so much important information on these devices we take everywhere with us, we can easily open ourselves up to hackers and cyber attacks. So what simple ways can you look after your mobile phone security?

Lock your apps

We all know you can add a password to your phone to stop people from browsing through it, but you can also lock individual apps. This is particularly useful for those who use their phone for work and simply can’t delete sensitive files. 

This way, you can protect sensitive information with not one password (the one you use to unlock your phone) but two. Or, if you don’t want to lock your apps, you can simply log out each time to protect your information.

Install an antivirus app

We all have antivirus for our computers and laptops, so why not for our phones too? It may seem redundant as most phones already have protection against malware, but these measures sometimes just aren’t enough. 

For example, Google removes malware it finds in the Play Store. But this just tells us that malware can find a way onto the Play Store. You may download an app infected with malware before Google can remove it. Not all built-in protection is strong enough, and it’s better to be safe than sorry.

Keep Bluetooth and Wi-Fi off when you aren’t using them

Keeping either of these on essentially just opens you up to hackers. Hackers can intercept and change the data sent over Bluetooth. And, sadly, public Wi-Fi – though convenient and free – can be dangerous too. Instead of connecting to the Wi-Fi, you could be sending your data directly to a hacker. Hackers can also use unsecured public Wi-Fi to distribute malware.

Don’t use public chargers

I’m sure this one is hard for many to hear, but it just isn’t safe. When you plug in your phone at the train station, airport, Starbucks, or wherever you are, the port doesn’t just charge your phone; it transmits data. 

A compromised charging station could give a hacker access to just about anything in your phone, including texts, emails, and photos. If you regularly find yourself low on battery when out and about, it might be time to invest in a power bank.

As we use our mobile phones more often, it’s essential that we protect the sensitive information on them. Following these tips won’t make your phone immune from cybercriminals, but it will make you much less likely to fall victim to an attack.

Nisyst Cyber Security has been leading the UK tech scene for over 30 years. We can help you look after your mobile phone security. Ready to protect your business? Call us now on 01204 706 000.