Screen TimeTech advice and news. From the experts, for you. |
A new security report has revealed some alarming trends.
First off, cyber attacks are becoming faster than ever. Breakout times (that’s the time it takes for a criminal to move within your network after first getting in) have dropped significantly. We're talking an average of just 62 minutes compared to 84 minutes last year. This is not good news. Not only are these attacks faster, but they're also becoming more common. The report has identified a whopping 34 new cyber criminal groups, bringing the total to over 230 groups tracked by the company. And guess what? These cyber criminals aren't sitting around twiddling their thumbs. They're getting smarter and more sophisticated. The report highlights a new record breakout time of just two minutes and seven seconds. That's barely enough time to grab a coffee, let alone mount a defense. But here's the real kicker: The human factor is increasingly becoming the main entry point for these cyber attacks. They will try to get your people to click a link in a phishing email, which will take them to a fake login page. Once your employee enters their real login details, they have inadvertently handed them over. Or they pretend to be someone your team trusts. This is called social engineering. So, what can you do to protect your business from these cyber threats? · Educate your employees Make sure your team is aware of the latest cyber threats and how to spot them. Regular training sessions can go a long way in preventing costly mistakes. · Implement strong password policies Encourage the use of complex random passwords generated and remembered by password managers. Use multi-factor authentication for an added layer of security (this is where you use a second device to confirm it’s really you logging in). · Keep your systems updated Make sure all software and systems are up to date with the latest security patches. Cyber criminals often exploit known vulnerabilities, so staying current is key. · Invest in cyber security software Consider investing in reputable cyber security software that can help detect and mitigate threats in real-time (we can help with this). · Backup your data Regularly backup your data and store it in a secure location. In the event of a cyber attack, having backups can help minimize downtime and data loss. When it comes to cyber security, it's better to be safe than sorry. If we can help you to stay better prepared, get in touch.
0 Comments
Picture this: Your business gets hit by a ransomware attack, and your valuable data is locked away by cyber criminals demanding a huge ransom fee.
You can’t afford to pay it. But there's a twist – just like those "buy now, pay later" schemes, some ransomware gangs are offering victims payment extension options. Recent research reveals that ransomware groups are getting creative with their extortion strategies. One group is even offering victims various choices when it comes to their ransom demands. These "choices" include: Paying to delay the publication of their stolen data, with a standard fee of $10,000… or paying to have their stolen data deleted before it's made public. The exact amounts charged are often negotiated with victims, adding a chilling dimension to the whole ordeal. To increase the pressure on victims, these ransomware groups have added some terrifying features to their web sites. These include countdown timers displaying how much time businesses have before their data is released, view counters, and even tags revealing the victim's identity and description. It's all designed to make victims feel cornered and more likely to give in to the demands. You might be tempted to pay that ransom to protect your business data. Not so fast. Paying is always a bad idea and here’s why… Paying doesn't guarantee that you'll get your data back or that the cyber criminals won't demand more money later. By paying, you're essentially funding criminal activities, encouraging them to continue their attacks on others. Paying a ransom might even get you into legal trouble, as some governments have made it illegal to pay cyber criminals. So, what can you do to safeguard your business from falling victim to ransomware?
Paying cyber criminals rarely makes things better, and we’re seeing businesses that do pay become targets time and time again. Instead, invest in the proactive measures above to help you stay secure. And if we can help you with that, get in touch. Google has unleashed a powerful new tool to make your Gmail inbox a safer and spam-free haven, and it's called RETVec.
But what exactly is RETVec? Well, let's break it down in simple terms. RETVec stands for Resilient and Efficient Text Vectorizer. Fancy. In plain English, it's a tool that makes Gmail even better at spotting annoying spam emails that try to sneak into your inbox. Did you know that the people behind spam emails can be very smart to try to avoid detection? Some use invisible characters, something called LEET substitution (like "3xpl4in3d" instead of "explained"), and intentional typos to get past our defenses. But RETVec is trained to be resilient against all these tricks. Google explains it as mapping words or phrases to real numbers and then using these numbers for further analysis, predictions, and figuring out word similarities. In short, it's like giving Gmail a supercharged spam radar. How does this benefit you? Gmail's spam detection rate shot up by an impressive 38% with RETVec on the scene. Plus, Gmail's false positive rate dropped by nearly a fifth (that's 19.4% fewer false alarms). I know that some of you might be wondering if there’s a catch. Well, there's a tiny caveat you should be aware of, especially if your business sends promotional emails. With RETVec's increased vigilance, some legitimate emails might get caught in the crossfire. It's a good idea to keep an eye on your email analytics to ensure your messages reach their intended recipients. RETVec isn't just about better security. It's more efficient too. Google reports that the Tensor Processing Unit (TPU) usage of the model dropped by a whopping 83%. Smaller models mean reduced computational costs and faster delivery, which is a game-changer for large-scale applications and on-device models. So, it's a win-win situation. Spam is a go-to weapon for cyber criminals and now RETVec can help keep us better protected. It blocks malicious emails, keeping our data safe and our inboxes clutter-free. If you don’t use Gmail, don’t feel too left out. It’s likely we’ll see other email providers including Microsoft bringing similar protection in the future. In the meantime, if you’d like us to review your business’s email security, get in touch. Did you ever imagine a world where the lengthy, complicated passwords people often forget would become a thing of the past?
It seems that day might be arriving sooner than we anticipated. Google has officially made Passkeys the default sign-in method for all personal accounts on its network, signaling the beginning of a new era in online security. What's a Passkey, you ask? It's the next big thing in internet safety. And as a business owner with staff, you should pay attention to this game-changing innovation. Here’s everything you need to know. What are Passkeys? Imagine logging into your account using just a four-digit PIN or your biometric data like fingerprints or facial recognition. That's precisely what a Passkey is. Simple, isn't it? But don't let the simplicity fool you. This new technology significantly reduces the likelihood of having your credentials stolen or your account taken over by cyber criminals. How do Passkeys work? Creating a Passkey is easy. Head over to Google's official Passkeys website, create a PIN or connect your biometrics (fingerprint or face), link your smartphone, and you're done. Just remember, your PC needs to run at least Windows 10, or your Mac should have macOS Ventura or above. And on your phone, you need Android 9 or iOS 16. As of now, this tech works only on Microsoft Edge, Safari, and Google Chrome browsers. What are the benefits of Passkeys? According to Google, 64% of people find Passkeys easier to use than traditional login methods. Not only are they simpler and more secure, they're also faster. Logging in with a Passkey is 40% quicker than using a regular password. What's next? Google's decision to make Passkeys the default sign-in method is just the beginning. The tech giant is already working with select partners to make this new login usable across Chrome and Android. It's already available on Uber and eBay, with plans to expand to WhatsApp soon. So, it might be wise to start thinking about how Passkeys can benefit your business. After all, Google could soon roll out this feature for business accounts too. Meantime, if you're not quite ready to embrace Passkeys, you can still opt-out. Just head to the Sign-in options page, find "Skip Password When Possible", and toggle off the switch. We’d recommend you give it a try and see how much easier – and more secure – it can make things. And of course, if you need any help, get in touch. New research has uncovered an unexpected twist in the tale of cyber security risks – your tech-savvy younger employees may be your biggest vulnerability.
Shocked? Let's dive into the details. More than 6,500 employees across the globe were surveyed, with an almost equal representation of demographics. The results were rather alarming. The study found that younger office workers, those 40 or under, are more likely to disregard standard password safety guidelines. Can you believe that 34% admitted to using their birth dates as passwords, compared to just 19% of those over 40? And it doesn't stop there. The habit of using the same password across multiple devices was also more prevalent among younger workers, with 38% admitting to doing this. And let's not even get started on phishing scams. A whopping 23% of the younger demographic didn't report the last phishing attempt they received. Their reasoning? "I didn't think it was important". But surely they understand the gravity of security threats against businesses, right? Well, not quite. While ransomware and phishing were acknowledged as critical threats by 23% and 22% of employees respectively, the overall attitude towards cyber security leaves much to be desired. Here's the kicker: a staggering number of those surveyed revealed that their organizations did NOT provide any mandatory cyber security training. From the US (30%) to the UK (17%), Netherlands (32%), Japan (35%), India (31%), Germany (22%), France (43%), Australia (29%) and China (65%) – the numbers speak for themselves. So, are we really to blame our young workforce when it's clear that businesses aren't doing enough to equip their employees with the necessary cyber security skills? It's high time we stopped treating cyber security as an afterthought and started investing in regular cyber awareness training for everyone in our businesses. Yes, EVERYONE. Not just the tech team or the executives, but every single employee. At the end of the day, it's not just about protecting your business; it's about creating a safer digital world for us all. We can help you do that. Get in touch.
|