At First Internet we have had to deal with security issues from time-to-time. We take the protection of our clients data very seriously and always endeavour to keep it as safe as possible, but that doesn’t mean we don’t face complications. Knowing this and being capable of reacting accordingly is what is important.
Several months ago we assisted a client in recovering from an infected WordPress blog, which had been subject to a very intricate attack, spanning 2 continents and 3 countries. In tandem with our hosting providers we managed to wheedle out the malicious code, which was no more than 20 characters long, in 1 of more than a hundred files. The weakness that opened the door to this attack? An overly simple, easy to guess, username and password combination. No matter what precautions are undertaken, they can all be bypassed by not adhering to security protocols, the most basic of which is maintaining adequately complex login details.
More recently we, along with the rest of the world, had to deal with the Heartbleed vulnerability. This was an error in the code that protects secure online transactions on systems using a certain set of software. Software that was and is still very common throughout the world, albeit patched (updated with a fix) for the Heartbleed vulnerability. In a similar fashion to the WordPress attack, we liaised with our hosting providers to get all our affected clients protected in the shortest time-frame possible. In this instance the gadget failed, but responding appropriately in a timely manner negated any possible negative affect.
Although First Internet remains unaffected by the Cryptolocker malware, it still appears on our radar as we remain aware of security concerns that at least have the potential to affect us. Cryptolocker targeted Windows systems and held unsuspecting victims files literally to ransom, by locking access until the perpetrator was paid. This particular malware has hopefully taken it’s last victim now that the author has been identified. Everyone using a computer should know basic defence against this sort of attack; keep things updated, run a malware scanner and don’t download suspicious files. There is a vast amount of software out there to help keep you protected, but true safety relies on remaining aware of the issues and knowing how to react.
For safety is not a gadget but a state of mind. ~Eleanor Everet