Although all headlines in IT at the moment appear to be bad news, there is some comic relief available. A sign outside a Texas Restaurant recently said the following:
Apparently, you can’t use “Beef Stew” as a password. It’s not Stroganoff.
Another tip which came out of the Colonial Pipeline attack was that you should install a Russian keyboard to avoid cyber-attacks. It’s true, Russian malware can contain a self-destruct code to avoid controversy at home. These safeguards may check for installed keyboards and snoop through the Windows registry for tell-tale signs of a computer’s location on the global stage. But installing a Cyrillic keyboard isn’t an all-in-one safeguard against ransomware. So don’t make this your only defence against attack.
Nearer to home the NCSC (National Cyber Security Centre) have created a great new option for reporting a suspicious website. This can be found here – https://www.ncsc.gov.uk/section/about-this-website/report-scam-website. All you need to enter are 3 pieces of information:
- Website link or URL
- How you received the address
- An optional section to tell the NCSC more
A scary post on Facebook recently, hopefully fake, said the following about passwords.
- I set all my domain admin passwords with one-character passwords and to never expire. When hackers try to brute force me they think it’s a honeypot and just leave.
This is definitely not something that we would condone at Tycom. Having a strong password policy is always a good starting point to protect yourself from attacks.
On a more serious note, a good way to check if your business is prepared for a cyber-attack would be to do the Exercise in a Box.
Firstly, it is completely free, and you don’t have to be technical to be able to do it.
The Exercise in a Box can be best described as a tool that recreates real world business scenarios and tests your cyber resilience in each scenario. It was developed by the National Cyber Security Centre and started its life as a self-use tool to help organisations test and practise their internal response to a plethora of cyber issues. It is, in essence, a box full of exercises based around real world scenarios with probing questions attached to each scenario. It allows your organisation to do them in your own time, in a safe environment, as many times as you want. It includes everything you need for setting up, planning, delivery, and post-exercise activity, all in one place.
A link to this can be found here – https://www.sbrcentre.co.uk/prevent-protect/cyber-services/exercise-in-a-box.
If you would like to discuss any of the above, please contact us at Tycom.