Today’s C-level executives would be wise to watch a few episodes of the USA network hit series Mr. Robot. The technology details in the show are provided by a security expert, former hacker Kor Adana. He recently provided 10 insightful ways to avoid being attacked.
Mr. Robot is one of the most accurate cybersecurity shows to date as Kor breaks down each hacking incident including precise screen behavior and how the attack operates. He often performs the hack himself and records the screens so everything is as authentic as possible including typical hacker tools and social engineering techniques. Season 2 airs on Wednesdays at 10pm (ET) this summer.
Here is my take on Kor Adana’s top recommendations to improve your business security:
1. Double up on passwords
Enable and use two-step verification for sensitive functions whenever it is available. This especially applies to communications such as email and all financial transactions.
2. Never use the same password twice
Many computer users, including business owners and C-level executives, use the same password for all their accounts. Of course this is the easiest way to remember the password but it makes you very vulnerable to a hacker—imagine the damage they will do if they get that password and use it with all of your accounts. Also consider using password software that will generate very long complex passwords.
3. Take business mobile security seriously
Many businesses have important mobile apps that store account credentials and a hacker that unlocks your mobile device can quickly get access to all that data. It’s a pain to lock the device every time but using a complex password will slow down or even stop the hack.
4. Cleverly answer security questions
Your Mom taught you to never lie but here is a case where a lie may save heartache and financial loss. Many companies ask a series of security questions when you create the account. If a hacker knows your dad’s middle name, the name of your pet and other information commonly available on social media they have a very good chance of getting into your sensitive information.
5. Don’t over-share on social media
How many times have you read a post about someone on vacation or at a social event? That’s like an “all clear” signal to a thief. And by sharing birthdays, mom’s last name and other personal information they are providing a hacker the tools needed to compromise your security.
6. Continuously update
Many business executives frequently ignore update messages on phones, computers and other devices that run software. Excuses like it takes too long, I might have to learn how to use a new interface (like Windows 10) and I have much more important things to do with my time top the list. Here’s the problem with putting it off: using older versions of the operating system, antivirus, anti-malware and applications open them up to hackers who exploit the known vulnerabilities. Consider the tradeoff: spending a little time now or deal with huge security issues later.
7. Don’t fall for email scams
Some emails practically scream “if you click here you will be in deep trouble”. But sophisticated hackers have found ways to mimic an email from a trusted associate and insert a URL address that, if you click the link, will go to them. Think about whether Bob in accounting would really ask for every employee’s social security number ASAP. Get into the habit of hovering your mouse over links to see where the reply really goes. If you’re still uncertain, either verify via a phone call or an email to the sender to confirm the situation.
8. Keep your webcam software updated
Ever heard of ‘ratting’? Once the stuff of science fiction, it really is true that hackers can gain remote control of your camera and microphone. Putting tape over your webcam only blocks the view—hackers can still hear what you say. A better approach is to keep the webcam software up to date and disable your camera when not in use.
9. Always connect securely
Free wifi doesn’t always mean safe wifi. Studies show that most popular resorts like Disney World often have bogus wifi spots planted there by hackers. Double check with the store or resort manager to verify which wifi is secure. Avoid unsecured wifi networks and never do sensitive financial transactions over unverified links.
10. Be smart when attacked
Take every precaution possible to prevent an attack; but if you sense an active breach, unplug and shut down all systems and get a security tech involved. They will likely want to wipe your system clean and help you improve your security procedures to avoid an intrusion in the future.
Business leaders live in a strange new security world and find themselves smack in the bullseye of the hacker world due to their trusted position. Following these 10 tips will go a long way to “covering your back” and avoiding the negative fallout from business cybercrime.