By John Burton
Today’s c-level executives would be wise to watch a few episodes of the USA network hit series, Mr. Robot. The technology details in the show are provided by a security expert and former hacker Kor Adana, who recently provided 10 insightful ways to avoid being attacked.
Mr. Robot is one of the most accurate cybersecurity shows to date as Kor breaks down each hacking incident, including precise screen behavior and how the attack operates. He often performs the hack himself and records the screens so everything is as authentic as possible, including typical hacker tools and social engineering techniques.
Here is my take on Kor Adana’s top recommendations to improve your business security.
Double up on passwords
Enable and use two-step verification for sensitive functions whenever it is available. This especially applies to communications such as email and all financial transactions.
Never use the same password twice
Many computer users, including business owners and c-level executives, use the same password for all their accounts. Of course this is the easiest way to remember the password but it makes you very vulnerable to a hacker—imagine the damage they will do if they get that password and use it with all of your accounts. Also consider using password software that will generate very long complex passwords.
Take business mobile security seriously
Many businesses have important mobile apps that store account credentials and a hacker that unlocks your mobile device can quickly get access to all that data. It’s a pain to lock the device every time but using a complex password will slow down or even stop the hack.
Cleverly answer security questions
Your mother taught you to never lie but here is a case where a lie may save heartache and financial loss. Many companies ask a series of security questions when you create the account. If a hacker knows your dad’s middle name, the name of your pet, and other information commonly available on social media, then they have a very good chance of getting into your sensitive information.
Don’t overshare on social media
How many times have you read a post about someone on vacation or at a social event? That’s like an “all clear” signal to a thief. And by sharing birthdays, mom’s last name, and other personal information, you are providing a hacker the tools needed to compromise your security.
Business executives frequently ignore update messages on phones, computers and other devices that run software. Excuses like it takes too long or I might have to learn how to use a new interface (like Windows 10) or I have much more important things to do with my time top the list. The problem with putting it off? Using older versions of the operating system, antivirus, anti-malware and applications open them up to hackers who exploit the known vulnerabilities. Consider the trade-off of spending a little time now or dealing with huge security issues later.
Don’t fall for email scams
Some emails practically scream “if you click here you will be in deep trouble.” But sophisticated hackers have found ways to mimic an email from a trusted associate and insert a URL address that, if you click the link, will go to them. Think about whether Bob in accounting would really ask for every employee’s social security number ASAP. Get into the habit of hovering your mouse over links to see where the reply really goes. If you’re still uncertain, either verify via a phone call or an email to the sender to confirm the situation.
Keep your webcam software updated
Ever heard of ratting? Once the stuff of science fiction, it really is true that hackers can gain remote control of your camera and microphone. Putting tape over your webcam only blocks the view—hackers can still hear what you say. A better approach is to keep the webcam software up to date and disable your camera when not in use.
Always connect securely
Free Wi-Fi doesn’t always mean safe Wi-Fi. Studies show that most popular resorts like Disney World often have bogus Wi-Fi spots planted there by hackers. Double check with the store or resort manager to verify which Wi-Fi is secure. Avoid unsecured Wi-Fi networks and never do sensitive financial transactions over unverified links.
Be smart when attacked
Take every precaution possible to prevent an attack. But if you sense an active breach, unplug and shut down all systems and get a security tech involved. They will likely want to wipe your system clean and help you improve your security procedures to avoid an intrusion in the future.
Business leaders live in a strange new security world and find themselves smack in the bulls eye of the hacker world due to their trusted position. Following these 10 tips will go a long way to covering your back and avoiding the negative fallout from business cyber crime.
Learn more about UVM’s Cybersecurity Fundamentals Professional Certificate, an eight-week online program that prepares leaders and managers for how to remediate breaches and find sustainable solutions.
-John Burton ’76 is president and co-owner of NPI Technology Management.
This post was originally published on LinkedIn.