Cyber security threats to be on the look out for in 2016
The email highlighted several cyber security threats to be on the look out for in 2016.
From this email I have distilled the following FOUR threats to be especially on the look out for, and added some tips of my own for fellow JOOMLERS.
The four threats are:
- Social Engineering
- Zero Day Exploits
Almost any kind of malicious software threats, including trojan horses, adware, scareware, spyware. How long have you got?
Tip for JOOMLERS
Consider switching from WINDOWS and MAC to LINUX.
It's open source just like your Joomla! CMS.
If Linux is good enough for the server hosting most of the world's websites, mustn't it be good enough for your desktop?
We think so!
Malware with the following modus operandi:
- encrypt your data,
- freeze it so you can’t access it,
- and then demand money for a decryption key.
Example recently in the news: Cryptolocker.
Tip for JOOMLERS
If you insist on using WINDOWS and MAC rather than switch to LINUX, at least protect yourself.
We recommend Malwarebytes for those not yet ready to make the leap to Linux.
It is highly likely that if your website gets hacked it will be because your computer was hacked first!
Malwarebytes has a well-earned reputation for sniffing out malware missed by others.
Social engineering might better be called what it is, psychological manipulation.
Examples include phishing, pretexting and baiting scams.
Phishing scams impersonate legitimate emails to try and get you to click on links. Click on a link and you will be taken to a fake website that either asks you for personal details, or deploys malware (example: ransomware) or worse, both.
Pretexting scams involve attackers convincing you (the victim) that they’re a trusted source and need you to confirm certain details to confirm your identity. You wouldn't fall for this one would you? Mmmm.
Baiting scams are where attackers try and get you to download something like a film or music file and guess who falls victim to this kind of attack? Anyone streaming or downloading from illegal sites but also Joomlers looking for 3rd party extensions!
JOOMLERS especially be on your guard!
NEVER download a 3rd party extension for Joomla! except via a link listed in the official Joomla! Extension Directory.
Zero Day Exploits
A Zero Day (0-day) Exploit occurs when the bad guys find a weakness in an application which the developer (community) hasn’t yet created a patch for, probably because no-one even knew there was a need!
The risk of zero day exploits is always going to exist because of their very nature.
Once a zero day exploit has been discovered by the good guys it can be patched.
JOOMLERS take note!
Keep your Joomla! CMS and its extensions up to date. Failure to act on every update ASAP after release increases the risk of your website falling victim to a 0-day exploit.
This happened to millions of Joomla! CMS users in 2015.
Thank you UK Fast
This article was prompted by a recent post in the UK Fast Blog.
WYNCHCO Joomla! CMS Support
We coach, help and support managers with responsibility for Joomla! websites in organisations across Cheshire, Manchester, Merseyside, North West England & the UK.