Australian based Managed IT support offices in Melbourne, Sydney and Brisbane
Powernet Colour a VITG Company POS

How to know which Cybersecurity Threats are #FakeNews

While misrepresenting facts and spreading falsehoods to suit one’s agenda is nothing new (Ramses the Great lied about his grandiose victory in the Battle of Kadesh in the 1200s BCE), the concept of “fake news” has unquestionably reached its zenith in the age of information. This is primarily due to how easy it is for people to spread false news stories via social media without any regard for factual accuracy or personal responsibility. And in addition to purportedly influencing the recent US election, fake news has defined the recent zeitgeist to such an extent that Oxford Dictionaries named “post-truth” its 2016 word of the year.

As with most things in today’s factoid-laden world, fake news comes in many shapes and sizes (often depending on whom you ask). And while it’s often dismissed as merely the unfortunate by-product of partisan political squabbling, fake news can have very real consequences for your organisation more specifically, its cybersecurity.

What does “fake news” have to do with cybersecurity?

There are a three main ways that “fake news” can undermine the cybersecurity of your organisation. First, cybersecurity personnel are at risk of either underestimating or overestimating the severity of a cyber threat when it is poorly described in the media. This is usually a case of non-specialist journalists or bloggers sensationalising a story beyond their intellectual means.

Second, we have malicious “fake news” stories that trick employees into clicking through or downloading malware onto their system and, as a result, into your company network. This is very similar to traditional spam and socially engineered cybercrime, except that it draws unsuspecting victims in with outlandish or politically charged “news” stories.

The last way is through genuine cyberattacks that distract from the cybercriminal’s more nefarious primary efforts. According to Vincent Weafer, vice president of McAfee Labs, “Hackers have been known to launch large-scale decoy attacks to distract and overwhelm a victim, so they can slip in a more subtle and damaging exploit.” DDoS attacks are the most common “fake” threat used to distract from more severe attacks, which often include data theft, ransomware and business process compromise (BPC) attacks. Separating fact from falsehood is crucial for any organisation to maintain the integrity of its network especially when so many business processes rely on the internet and cloud technology.

Here are some tips to minimise the impact of “fake news” cybersecurity threats in your organisation:

1. Scrutinise every information source even those you trust

There’s little point in implementing company-wide security measures if your personal browsing habits go unchecked. Be extra vigilant on the internet and social media, especially when it comes to politically charged content of questionable origin. If it’s not reported elsewhere in a reputable publication, it’s probably not worth the click. Pay extra attention to the source of any news that could impact your cybersecurity policy. Do they know what they’re talking about? Are they sensationalising the story for a few extra clicks? A discerning eye is an invaluable asset. Furthermore, be wary of investing resources into a cybersecurity solution without extensive research and a solid understanding of your actual needs.

2. Educate employees and enforce a company-wide cybersecurity policy

A company’s network is only as secure as the laptop of its least tech-savvy employee. Considering that all it takes is one click to potentially infect the whole network, you need to be able to trust that your employees’ browsing habits are as informed as your own. Hold mandatory security training sessions every few months to ensure everyone knows how to use the network responsibly, and can tell the difference between fact and malicious fiction.

Company policies are also highly effective at educating staff on cybersecurity best-practices. For instance, you can forbid employees from downloading non-work-related attachments, or from using their personal mobile devices on the company network. You should also encourage employees to ask your IT team for help if they’re unsure of the legitimacy of an email or online request especially if it’s asking for their details or for them to reset their password.

3. Invest smartly in cybersecurity measures

Lastly, it’s vital to have the security infrastructure in place to mitigate the potential damage of “fake news” and real security threats. This should include antimalware software on all company devices, as well as endpoint security criteria that ensures every device is secure before connecting to the network. Other measures you can take include removing administrative rights from endpoint users, thereby reducing potential harm from careless employees, and setting up DomainKeys Identified Mail (DKIM), which will provide an additional level of verification for emails received on the network.

As the number of internet-based security threats continues to grow, it’s crucial that you have the right security systems in place to protect your network. To find out how your IT processes measure up, take our free IT health check.

Subscribe to our newsletter for the latest technology tips & tricks.

Recent Articles

Tags

Categories

Search the Powernet blog

How to delete a whole page in Microsoft Word

How to delete a whole page in Microsoft Word

If you want to remove that stubborn blank page at the end of your report or delete a page containing […]

Read more
How to Unsend an Email in Outlook

How to Unsend an Email in Outlook

How to Unsend an Email in Outlook “Have you ever experienced that sinking feeling in your stomach after accidentally sending […]

Read more
Customise Google Chrome with Colours and Themes

Customise Google Chrome with Colours and Themes

We all spend a great deal of time in our internet browser, searching, googling, so it makes sense to not […]

Read more

We are well awarded

Reach our team

We’re always happy to help you find the right solutions to your IT and technology needs. Here are some ways to contact us.

Give us a call

Chat with our team to discover the best IT solutions for your organisation.
1300 892 692

Our locations

Melbourne CBD

Level 15 / 565 Bourke Street, Melbourne VIC 3000

Eastern Melbourne

Level 2 / 74 Doncaster Road, Balwyn North VIC 3104

Geelong Region

East 4/13-35 Mackey Street, North Geelong VIC 3215

Sydney

U18 / 23-31 Bowden Street,
Alexandria NSW 2015
(02) 8214 8855

Brisbane

7/9 Archimedes Place, Murarrie QLD 4172

Send us an enquiry

This field is for validation purposes and should be left unchanged.

cross