Cyber Security with Humzah Khaial

Cyber Security has been the most requested seminar after How to Survive an Audit (which took place in the spring of 2019). Humzah Khaial kindly gave a seminar on the tactics used by hackers and preventative measures against their attacks to the group gathered at our Oakville location on December 5, 2019.

Even though it can be a scary topic, it is important to educate ourselves not only about ways to prevent attacks but also how hackers try to infiltrate our systems. If we know their methods, it’s easier to recognize their tactics. 

One of the main targets for hackers is small businesses because they’re lucrative. They have money and sensitive information, but they’re small, so they don’t have a dedicated security department, making them easier to hack into.

What to look for

Attachments in emails can look legitimate. But if after clicking on the attachment, it asks you to change something to your system, don’t. If you do, it gives access to the hacker.

How do you know the email is fake? Hover over the “From” address. Microsoft Office and Outlook 365 now give you the full address when you hover. This is to help you identify senders. If you don’t recognize the sender, don’t click.

Another technique hackers use is grammar and spelling mistakes. They want to filter out anyone who is paying attention. They want victims who aren’t paying attention because those people may not remember what exactly they clicked on or allowed onto their computer.

If the email contains an image of text instead of just plain text, this could be hackers trying to get around your detection software. Software can read text easily, but it cannot read images.

Prevention

The best way is a combination defence. Use as many methods as possible to foil hackers.

When on a public network, use a VPN, a Virtual Private Network. It acts as a tunnel between your device and the public network, preventing any would-be hackers from easily accessing your device and any passwords you may enter while on that public network.

Constantly back up your work. This will protect your information no matter what happens.

Don’t use the same password for everything and use a combination of symbols, letters and numbers. Try not to put passwords on sticky notes. They can get lost easily.

Use two-factor authentication. It’s a password and a code sent to your phone, extra security to verify it is you who is accessing the account. 

Update all operating systems on a regular basis.

Employees are your first line of defence. It’s important to train them in security awareness and prevention. 

Risk Management

Going forward, we need to: prevent, protect, educate. It’s a continuous and changing process. The technological landscape is constantly changing and we need to keep up to date with it.

As the head of your business, you set the tone for your organization. Preventive, protective and educational measures starts at the top. It starts with you. 

At Wolf Law Chambers we strive to host seminars that are relevant to the challenges legal practitioners are facing today. Let us know if there is a topic or challenge you want to learn more about.