Network World recently came out with a list of people sent to jail in 2013 for computer crimes, whether it was stealing passwords or hacking into a system to obtain and then sell sensitive information.
Sometimes, the hackers involved demonstrated technical expertise. Other times, the cyber-criminals didn’t have to make use of any sophisticated IT knowledge in order to access people’s private accounts and networks.
One example is a man who was able to illegally access the private emails of celebrities simply by asking for the password to be reset and then answering security questions using publicly available knowledge about these famous people.
As the owner of a small or medium-sized business, you may already have some security measures in place, such as Firewalls and anti-virus programs, to reduce the chances of someone breaching your cyber-defenses and gaining access to your network and various private accounts.
But don’t overlook the rather simple ways hackers can succeed in stealing your password.
Consider the following issues:
- Is your password really simple? Sometimes a hacker would be able to figure out your password just by knowing certain things about you, particularly if you use common words or facts about yourself (e.g. the password is your last name, birthday, etc.). Among hundreds of thousands of passwords stolenfrom social media accounts at the end of last year, an alarming number were ‘123456’ or words like ‘admin.’ Make sure your passwords are long and complex enough.
- What kinds of password recovery options do you have in place? Do your security questions have obvious answers that people could look up through a simple Internet search? To give an example of one precaution, some people use deliberately false information as the answers to their security questions.
- In your business, who has access to certain passwords? Don’t discount the possibility of irresponsible or malicious actions undertaken by an employee (or ex-employee).
Given that your passwords are the keys to your network and to your sensitive information, you’ll need to come up with a comprehensive strategy for protecting them, not only from theft by malware or from phishing.
Contact us to discuss your security vulnerabilities and come up with ways to better safeguard your passwords.