Local businesses have been hacked and their customer, business and confidential data has been jeopardised and their email systems taken over and compromised.
This is a serious message to businesses on the Island to harken to the advice we have been imparting over this last year, had it been followed this would not have happened; this could, and will likely, happen to you, given time.
Fortunately for one business we already had remote access to their systems and PCs and we were able to rescue them; had we not they could have lost everything and lost control of their systems (booking, email, office shares) to the hackers for weeks until the online providers were able to follow their procedures to rectify such a scenario.
Having worked in IT for over 30 years, some of them as a Security Consultant, when I became involved with Island Tech Limited and local IT on Waiheke Island I took it upon myself to perform analysis and review as many local businesses’ networks as possible. What I found frightened me and prompted me to publish articles on Facebook and our website as well as verbal advice and proposals warning everyone of their vulnerabilities. Not a single company I visited was secure from nefarious activities. Some have since come to us, followed our advice and are now safe whilst others put off doing anything and have since suffered from their complacency. Others stated that they have their own mainland-based IT companies with whom they were happy despite the glaring holes in their security. These last have since asked their suppliers to check and rectify any holes, but that leads one to question why did it take Island Tech to prompt what should have been their suppliers’ care of duty from the outset?
1. Bring all your laptops, PCs, devices up to the latest versions (Win 10 etc.)
2. Please take note and implement MFA for your email and office systems, ensure that your staff teams and roles are structured to support it.
3. Move away from Xtra and other POP type email systems and consolidate on M365 or Google.
4. Consolidate on either M365 or Google, don’t use both, or a mixture of multiple systems such as Teams / SharePoint / OneDrive, Dropbox and Google workplace; choose one and use that one only. The more access points you have the more vulnerable you are.
5. Engage experts in Office Apps (Drive, share, email) to rationalise and secure your systems to prevent hacking and trojans / virus attack etc.
6. Have your network checked and secured to prevent visitors and guests from gaining access to your systems and searching for vulnerabilities.
7. Have your network secured to separate guests from your business, prevent gusts from snooping on each other.
Without the above, you are at risk from all types of hacking.
If your email systems are hacked, as were others on the island, the hackers gain access to all of your emails, any data or information in those emails is available to those hackers. The hackers can send emails from your system pretending to be you or your staff; imagine the repercussions of messages being sent from your company by foreign hackers.
Imagine the damage to your reputation that would happen! Imagine the damage to the reputation of the Island!
Imagine if a high-profile customer’s data is stolen through complacency in simple security! The press would have a field day once the source of the problem was identified, and modern data forensics will easily track where a breach occurred.
Isn’t your customers’ and your businesses’ safety worth investing a few nights worth of accommodation income or a few days of revenue?
From what I have seen only at Island Tech have we the experience to do all of this to industry standard level.
Don’t put everyone at risk.
This is not a sales message this is a genuine warning to everyone, please pass this on to everyone you know.
Island Tech
2 Belgium Street Ostend 098705698 support@islandtech.nz
Comments