What if the greatest threat to your company documents, inventions, client list and financial info, was already inside your firewall? Don’t think too long about it because it’s already true.
Yeah those wonderful co-workers in your company, especially the ones that bring donuts in on Friday, they’re also the weakest link in the chain of security that prevents your sensitive business information and secrets from being broadcast around the world.
In our field of networks, computers, firewalls, antivirus, anti-malware and anti-threat, it’s well known that the most effective technique that hackers use is social engineering.
Social engineering in the hacker world tells them how to set their trap right where a normal carbon unit would step. Even in the legitimate world of software makers like Java or Adobe Acrobat or Microsoft Internet Explorer, what we like to call crapware gets downloaded every day. Your machine tells you that you need to update and so you agree to its all-knowledgeable directive and click through the screens until it does its thing and goes away. Only you didn’t see the little checkbox asking if you also wanted this other program, or that you’d prefer your homepage and search engines to be changed to this site or that.
Yet just clicking OK without thinking is kinda like walking alone through New York’s Central Park at night counting Benjamins in your wallet, all the while singing “Money for Nothing” by Dire Straights.
Here’s a silly example: If you were perusing the City Pages website, perfectly legitimate, reading about upcoming music and movies and other events, and you came across a button, and I’d like a show of hands here, that said “Don’t Click This Button”, how many of you would click that button? Just to see what was on the other side?
In case you’re wondering, a Minneapolis underground music website actually had a button like that. On the other side of that click was a simple page that said “You’ve been added to the list”.
So the hacker playbook says lull people into clicking on stuff they always click on or trust, or pique their curiosity, but slip a little bug to them along the way.
Almost sounds like a thrilling spy novel doesn’t it?
One piece of advice: Be aware, don’t just click OK.
Another piece of advice: Consult a professional IT company like Computer Wrangler who can advise you and even train your staff in secure computing.