From hacking children’s smart toys to good old fashioned security scams, Neil Lewis, author of The Official CyberSafr Home Business Guide outlines the 7 key cyber threats of 2018 and how businesses can stay vigilant as the ‘bad guys’ up the ante.
The major attack of last year – WannaCry, which took down parts of the NHS and affected companies and health care organisations across the globe – didn’t depend on clicking a ‘bad link’ – it just exploited ‘port’ technology.
Sadly, ransomware is expected to both grow and get more sophisticated in 2018.
The solution is a combination of increased vigilance and double backups – that is, a physical back up as well as a reliable sync cloud solution.
The BlueBorne vulnerability, which allows hackers to gain access to your whole network via a weak device, was published in August 2017 and large software companies (Microsoft, Apple and Google) have provided security patches.
However, not all mobile phones get these security patches, only computers with up-to-date operating systems will receive the patches and many Internet of Things (IoT) devices will either not receive an update or are incapable of receiving any kind of update.
This has to make Bluetooth one of the big vulnerabilities for 2018, but it is one that you can protect yourself against now. Check each device connected to you network, to see if it has the latest security updates and if not, then retire it…
3. Your smart phone
Your smart phone is rapidly becoming the default device to provide secondary verification login to key accounts. In previous years, only banking services used smart phones in this way, but now a range of apps require it – from email services to contact list databases etc.
Clearly, this makes your smart phone more and more like your data wallet – a combination of access to your critical personal data as well as access to your money.
I am advising people to avoid storing banking information on their smart phones unless they are sure that they have the most up-to-date security updates. In fact, if your phone is more than a year old, you should check that you are still going to receive updates in 2018 and if not, replace the phone as soon as possible and remove banking apps until you do.
4. Children’s smart toys
It has been a bad year for children’s smart toys and 2018 will be worse. First, Germany banned the Layla Doll and then Norway banned children’s smart watches. Not only are these toys easily hackable but they often give parents a false sense of security, for instance, in several cases the SOS button isn’t reliable.
The risk to your business is that these poorly secured devices offer hackers access to your home business network and therefore to your laptop and smart phone.
My advice is to disconnect these toys until you have clear commitments for ongoing security from the manufacturers.
5. Security scams
In 2018 you may get a scary pop-up warning…
“…millions of problems have been found on your device and you can clean then now by downloading and buying our software”
Do you trust that message? Probably best not to! We will need to be less trusting in 2018 to stay safe.
6. GDPR – General Data Protection Regulations
British and EU based companies and home businesses need to comply with the new Data Protection rules set by the EU which go live on 25th May 2018. Essentially, you can be fined up to 4% of your turnover for a data breach or loss of data.
You need to know what customer data you hold on your devices and online accounts, ensure that it is protected and that your home business network is cyber secure. You will also need to check that any customer data held by cloud services is physically holding that data within the EU – assuming you are either an EU business, or if not, at least for your EU customers.
7. Director’s data and your home business
As a Home and Small Business owner, you will probably own a company of one sort or another (Ltd or LLP etc.…).
So you need to be aware of the data that Companies House has freely and openly published about you so that you are not surprised by persuasive emails or messages.
Add to this the massive hack at Equifax last year and small business owners with a mobile phone contract may find that they their data has been released into the wild.
This sets company directors up as the perfect spear phishing victims in 2018. So watch out!
Neil Lewis is the author of The Official CyberSafr Home Business Guide.