Posts tagged " Twitter "

Four ways to avoid being a victim of Russian cyberwarfare

January 22nd, 2018 Posted by News No Comment yet

Russian cyberwarfare is the new threat to the nation, according to Nick Carter, the head of the British army, which means that the new frontline is, well, you. So it’s now more than just simple self-care to be smart about your online security – it’s your patriotic duty.

Update your devices – and upgrade the ones you can’t

Some of the most damaging cyber-attacks in recent years haven’t come through elite hackers crafting one-of-a-kind viruses to break into secure government devices, but from exploiting the old and out-of-date hardware that normal people use every day.

Take the Mirai botnet: a swarm of millions of hacked devices, it was used to overload servers by bombarding them with traffic requests. But the basic elements of the botnet were simple, cheap, “internet of things” devices such as security cameras or smart lightbulbs, which had glaring security flaws that no one ever bothered to fix.

Don’t be a John Podesta

“Fancy Bear” is the organisation behind the hacking of Hillary Clinton’s campaign chairman, John Podesta. He fell prey to a phishing campaign, well-executed but simplistic, that allowed the attackers to download – and leak – every email he had sent or received.

At its heart, the hack used a fake warning from Google, asking Podesta to click a link and log in to respond to a security alert. After an aide mistakenly told him the link looked legitimate (he meant to type “illegitimate”), he did – but the link didn’t go to Google, and so he ended up sharing his username and password with the attackers.

The easy-to-say, hard-to-do advice is “always make sure links are from who they say they are”. A more useful recommendation may be to join the 10% who have “two-factor authentication” turned on their email.

Avoid paying the ransom

The WannaCry ransomware attack has been credibly linked to North Korea, which has apparently been stepping up its use of cybercrime as a method of fundraising – a technological improvement from recent history, when the nation was one of the largest forgers of US currency.

Keeping a backup of your critical data is a good idea anyway (who knows when a stray cup of coffee will fry your treasured photos?), but it is twice as useful if you can avoid paying a bitcoin ransom to a pariah state.

Think twice before retweeting and sharing

According to new figures from Twitter, more than 50,000 accounts on the site were created for the express purpose of spreading Russian misinformation during the US election. Of course, the point of the misinformation accounts was to blend in with conventional US political activists, so … maybe just log off altogether?

Thanks to Alex Hern at The Guardian for this article.

What to do if your business Social Media account is hacked

August 16th, 2017 Posted by Uncategorized No Comment yet

Even if you’re embarrassed, it’s important to let people know that you’ve been hacked – and most importantly, set up your accounts and educate staff to avoid it happening again.

If a business’s social media accounts are hacked, it can be hugely detrimental to its reputation and relationship with the public.

Here, security experts and social media professionals share advice on how to handle a hack and restore your company’s image.

Change passwords on all accounts

First, determine whether you’re still able to log into the hacked account.

“If you can log in, change the passwords on all your social media accounts – not just the ones that have been hacked,” advises Romain Ouzeau, chief executive of Iconosquare, an Instagram analytics company. “As some social media platforms offer the ability to log in via other sites and services [Tweetdeck, for example], you may be compromised on additional networks.”

As a general rule, Rob Brown, vice president of the Chartered
Institute of Public Relations
 (CIPR), advocates the use of a different password for each social media platform. “Update passwords every two months, choosing longer passwords that contain different characters, and use two-step verification if a social media service offers it,”
he says.

If you’re not able to log in, head straight to the social media company’s contact pages and tell the relevant team that you’ve been hacked.

Clean up the mess

If you’ve been hacked, there’s a chance that communications will have been sent from your account by the offender.

“If this happens, take a screen grab of the content before removing it,” says Lee Campbell, cyber computing lecturer at the University of Gloucestershire. “Then report the breach to the social media provider.

“If the compromised social media account includes content of a threatening, or abusive nature, report it to the police via Action Fraud, the UK’s national fraud and cyber crime reporting centre.”

Communicate and take control

Even if you’re embarrassed, it’s important to let people know that you’ve been hacked.

“Post an update from the reclaimed hacked account, stating what has happened and that unauthorised changes and/or communications may have occurred,” says Blaise Grimes-Viort, chief services officer for social media business, The Social Element.

“If any private or direct messages have been sent, contact those who received them directly to tell them what happened and that they shouldn’t click on any of the links that were sent.”

It’s also worth checking to see which third-party apps (auto post tools, for example) are connected to your social media profile. Review the list and delete any that you no longer use. If you keep seeing unwanted content posted through your account, you may want to revoke access for all third-party apps.

Prevention is the best plan

“If you have a response plan in place before an attack happens it means there are clear actions for employees to take – this helps members of staff act quickly and can help with damage limitation” recommends Microcomms in-house Cyber Security expert Richard Howard.

“The majority of cyber attacks are caused by human error – deliberate or not – so employee training and communication is vital and should also cover advice on spotting suspicious activity, such as phishing emails.”

There are also some simple things that you, as a business owner, can do to improve security across your network. Use the latest antivirus software, run frequent scans for malware (malicious software) and perform a regular off-site backup of your systems.

You can manually adjust the settings on your [social media] account profile pages, restricting who can see your posts, photos and user profile. Also, tighten access to your mobile devices by setting a pin number of at least six digits on each.

Microcomms carry out cyber security health checks, staff training and will provide advice and recommendations to keep your business well protected from attack.