A learning experience from Forbes hacking

Forbes.com, the world’s best information-sharing website, is now on the list of websites successfully infiltrated by the Syrian Electronic Army (the #SEA). They were able to gain access to Forbes’ email and publishing systems, download the email addresses and hashed passwords of millions of users, and obtain article-posting rights.

When such a big name is on the list of hacked websites, how can small businesses survive on the internet? It is shocking how hackers have recently carried out remarkable hacks of the world’s well-known brands such as Microsoft, Skype, the Twitter account of Times Magazine, and CNN. Below are the main security oversights that played a major part in different cyber attacks.

Responding to phishing mail: Phishing is a serious concern for the whole cyber world, as it lures users into clicking email links that direct them to another page where the attacker steals the user's details. Sometimes such suspicious links ask users for private login details, and after getting those details the attacker can go on to attack the server or system. It is sensible to avoid such spam links, especially in organizations that look like ripe fruit to cyber criminals.

Responding to a fake login page: When a user innocently enters his or her login details on a fake login page, the result is a phishing attack. An attacker can take the user to another web page to carry out the phishing attack. An attacker can also perform an attack called cross-site request forgery to hack the browser. After hijacking the browser, the attacker can install malicious software to steal information from the website. In this case, it is sensible to check the webpage's security and authenticity before submitting login credentials. Many websites have SSL security on their login page to assure users of the website's authenticity.
[Image: Fake Login Page - Phishing]

Lack of security monitoring: It is essential to monitor the server or network system for any suspicious activity. Security monitoring includes the collection, analysis, and escalation of warnings and indications. It alerts the organization immediately so that the organization can avert further potential destruction. Carry out an inspection of daily IT security risks.

Educate employees: The biggest concern is the lack of knowledge about security and its measures. Organizations should provide enough security knowledge to their employees, which must cover the organization’s security policy, immediate action against suspicious activity, the policy about sharing details, web surfing guidelines, etc.

Other recommendations: Besides the above security measures, an organization can take the security measures below.
  • Install essential tools to check the ability of your web server to withstand DoS or DDoS attacks.
  • Install a phishing detection tool on your server.
  • Keep a data backup tool that regularly takes data backups.
  • Secure your website with SSL protocol.
  • Install anti-phishing and antivirus tools that regularly scan the server for any vulnerability.

Cybercrime is evolving drastically around us. Whether you are a large organization or a small business, security precautions can make a big difference. A single click in today’s world can welcome a major cyber attack. It is better to take precautions rather than suffer.


The Post was actually written by Sara Wright - An Internet Marketing Expert at ClickSSL.com
