GFAQ-11: What is a cyber attack?

Welcome to the 11th edition of Gary's frequently asked questions. With permission from Gary, we've created a series of answers to some of the most common problems in the IT industry that Gary has asked us for help with over the time we've been his IT consultant. We'll take it from here, thanks, Gary.

“What is a cyber attack?”

A cyber attack can be defined as any offensive manoeuvre that targets computer information systems, infrastructures, networks or personal computer devices. Thanks for that, Wikipedia.

On a simpler note, a cyber attack is an attempt by hackers to damage or destroy a computer network or system. It can be a form of corporate espionage, where the hackers attempt to steal a rival corporation's data, it can be a single person or an organised group who target institutions such as banks to capture your personal finance data, or it could even be another country attempting to infiltrate and disable critical infrastructure.

The WannaCry cyber attack took advantage of key issues in company systems by exploiting security vulnerabilities in Windows that, although most had been patched by Microsoft already, many firms had failed to install the update leaving them open to attack.

Cyber attacks are preventable. With proper infrastructure protection, you can be relatively secure. The key to this is to ensure that all devices, computers, networks, mobile and cloud-based systems used on site are protected with the proper security measures, firewalls and access levels.

As a standard, you should not allow employees to use the network with personal devices such as mobiles or laptops, and only use devices which have been provided by the company on the company network. Your network should also be segmented so that if a breach occurs, a hacker only has access to one part of the network and not the whole.

You can also protect your network by making sure all systems on the network have up-to-date software and security patches, keeping the employee user privileges to a minimum and conducting regular auditing and testing of your security systems.

If this sounds complicated, having a trusted external IT company such as AAG manage your network and provide you with the security levels and protection you need can give you peace of mind.

“Great! When can you get started with this stuff?”

For you Gary? We'll have one of our IT specialists on site within the hour. Now, any more issues give us a call and we'll answer your questions (and many more, we're sure...) next time.

In the meantime, if you or your IT department are looking for assistance with your IT services, consider giving us a call like Gary and outsourcing to one of our experienced IT  consultants. We can even be your IT department if you don't have one. External or on-site, find out what AAG-IT can do for your IT services today on 0114 352 0688.