I’m sure you have all heard about the situation in Ukraine, one consequence that we need you to be aware of is the increased risk of cyber-attacks on UK businesses.
There are those in Russia and those sympathetic with Russia’s aims, that would like to see businesses in the west impacted. One of the key weapons that will be used to try to achieve this aim is the use of so-called “Cyber Warfare”. The most devastating of these attacks are successful when we are tricked into running programs that start the cyber-attack within our business network, these programs are generally referred to as Malware.
What we are suggesting is that you treat any communication you receive from the outside world with caution.
In particular, we ask that every time you are prompted to enter your user name and password, that you ask yourself “is this how and when I would normally be asked for this information?” If it does not look normal, no matter how slight the difference or the timing, then stop, do not enter the details and contact your IT support.
In addition, if you see any of the following, stop and talk to your IT support, they can then check that you are not about to be tricked.
- Emails from contacts or companies that have Links within to websites
- Emails that appear to come from another member of the business but look strange or different to usual emails from them
- Emails informing you that your password is expiring
When surfing the web, please be extra careful when typing in web addresses, it is very easy for these Cyber Criminals to set up a website that looks like the original but has a slightly different spelling.
e.g. PayPol.com instead of PayPal.com
Ensure that any website you are entering credentials into has the little padlock symbol in the address bar.
In summary, if it looks unusual or too good to be true, then STOP!
If you would like to do more, then here are three more tips that will help keep you safe:
- Ensure you regularly install all security patches on your computers, servers and firewalls
- Use a Password Manager that will allow you to use unique complex passwords for every website and service you log into
- Use Multifactor Authentication for all key Business services. (ERP, Banking, eCommerce, etc)
We recommend that you share this type of message with your colleagues.