Welcome to this important three-part video series about how to keep your organization’s data safe. In this first video, we show you how easy it is for hackers to break into any computer.
By hackers, we mean people who break into computer systems with malicious intent. Generally, their aim is to steal data, extort money, or cause damage.
They often have little interest in who an individual is or what an organization does. They’re just looking for easy opportunities t0 gain access to computer systems and the data they hold.
How do they do that? Let’s take a look.
I’m going to show you how a hacker might break into a computer system without anyone knowing. In this example, I’ve got a Windows 10 desktop and I use Word. I can open up a Word document to show it’s as you’d expect it to be.
The machine is running Dropbox. You can see all the files are being copied.
I access my email and there’s a message from the IRS. It looks like a standard IRS email and if I hover over the email itself, no alarm bells start ringing in my mind.
I click on the link to open up the guide. Again, the website address looks okay, the site’s secured, and this looks like an actual PDF guide from the IRS.
Essentially, what the hacker has done here is to use a Trojan to gain access to your computer. This is similar to the wooden horse the Greeks hid in to gain entry to the city of Troy, but it’s done digitally and through an application.
By opening the file, I allowed the hacker into the computer system. Now they can roam free, steal files from me, and even take everything from my Dropbox. They can see all my safe passwords. They have access to my microphone and webcam. Worst of all, they can now encrypt all my data, including my Dropbox backup, which means I’ll lose all of my organization’s data. That’s not a great situation to be in.
Let’s go back and see what actually happened, including behind the scenes.
The PDF wasn’t really from the IRS. By opening it, I gave the hacker’s machine a connection to my computer. Then they could launch a clever virus.
On my Windows 10 machine, you can see the system’s been infected. If I try to open the Word document I opened up earlier, I can’t because it’s become encrypted. If I look in Dropbox, which was acting as my backup, I see that all the files have been copied to the cloud and I’ve lost everything.
Essentially, I’ve lost all my organization’s data just by opening up that one bad PDF file.
Cyber-attacks happen all the time. You’ve probably heard of many of the big names that have fallen victim, such as the Colonial Pipeline hack.
However, big businesses are not the biggest target. Organizations like yours are. A small business is successfully hacked every 19 seconds.
Hackers use clever automated software to target all computers, all the time.
A cyber-attack like the one you’ve just seen is devastating. Just one click can cause an organization to lose their payment systems, CRM, emails, general files, accounting software, and core business systems.
—