Lincolnshire Police are advising businesses on how to protect themselves from a cyber attack like the one experienced by the county council last week.
IT Systems were swiftly shut down in order to effectively contain the malware (malicious software) attack which was triggered by a link within an email at the council’s offices.
A demand for $500 in Bitcoins (digital currency) was not paid and as a public authority this was never something they were going to do, explains the Lincolnshire police force.
As business at the council now resumes as normal, police forces in the East Midlands are joining together to use this as an opportunity to reinforce their messages on cyber security and advising how you can protect your computer and your business.
Regional Cyber-Crime Protect Officer Detective Sgt Carole Walton said: “Malware is continually evolving, therefore we are all vulnerable to attack. From individuals, to small businesses, to large organisations, we all need to continually refresh our understanding of the current threats in order to protect ourselves. It is estimated that 80 per cent of cyber-attacks could be prevented. We need to arm people with knowledge and encourage vigilance in the fight against this unseen villain.”
Det Sgt Walton continued: “Unfortunately, what happened at Lincolnshire County Council is not uncommon. Far from it. It serves as a reminder that we all need to increase our education and raise our awareness in terms of protecting ourselves and our businesses. We need to exercise the caution we apply in ‘real life’ to protecting ourselves and our data online. We would not put all our valuables in a box and store them in an unlocked shed, we understand how to prevent traditional crime and we now need to apply these principles to everything we do online. Data is a valuable commodity, if you take preventative measures and make it difficult for the intruders you are less likely to be a victim.”
With a large proportion of malware being introduced by email, Det Sgt Walton was keen to conclude with the final message: “Email is a particular tool that fraudsters use as a means of accessing and ‘tricking’ a potential victim. If you follow some very basic rules you will dramatically decrease you chances of become a victim of fraud or malware. Delete spam (spam is irrelevant or unsolicited messages sent over the internet) emails – do not respond or forward them – and never open a link or attachment that you are not sure is genuine. If in any doubt, delete.”
Cyber security guidance for business (10 steps) is available from www.gov.uk.
To use your email safely, follow the tips below from Get Safe Online (www.getsafeonline.org):
Do not open emails which you suspect as being spam.|
Do not forward emails which you suspect as being spam.|
Do not open attachments from unknown sources.|
Do not readily click on links in emails from unknown sources. Instead, roll your mouse pointer over the link to reveal its true destination, displayed in the bottom left corner of your screen. Beware if this is different from what is displayed in the text of the link from the email.|
Do not respond to emails from unknown sources.|
Do not make purchases or charity donations in response to spam email.|
Don’t click on ‘remove’ or reply to unwanted email.|
Check junk mail folders regularly in case a legitimate email gets through by mistake.|
When sending emails to multiple recipients, list their addresses in the ‘BCC’ (blind copy) box instead of in the ‘To’ box. In this way, no recipient will see the names of the others, and if their addresses fall into the wrong hands there will be less chance of you or anybody else receiving phishing or spam emails.|
Similarly, delete all addresses of previous parties in the email string, before forwarding or replying.|
If you are suspicious of an email, you can check if it is on a list of known spam and scam emails that some internet security vendors such as McAfee and Symantec feature on their websites.|
Most Microsoft and other email clients come with spam filtering as standard. Ensure yours is switched on.|
Most spam and junk filters can be set to allow email to be received from trusted sources, and blocked from untrusted sources.|
When choosing a webmail account such as gmail, Hotmail and Yahoo! Mail, make sure you select one that includes spam filtering and that it remains switched on.|
Most internet security packages include spam blocking. Ensure that yours is up to date and has this feature switched on.|
For more detailed information on cyber security, we recommend the following websites:
Get Safe Online (www.getsafeonline.org)
Cyber Streetwise (www.cyberstreetwise.com)