Hackers, Phishing, and Other Nastiness

Be alert and aware of efforts by hackers to access your office computer systems. Hackers are attempting to gain access to systems around the world. Recent reports indicate that hackers have gained access to email accounts of government officials in systems we would all assume have an elevated level of security.

Be sure that you take all necessary steps to protect your systems. Activate a strong firewall, install anti-virus software on your computers, devices, and hardware. If you can afford it, engage an outside consultant to help install and evaluate the methods you use to protect your systems and the information they contain.

Many hacking incidents are not due to hackers penetrating a firewall; rather, hackers send emails to employees that appear to be legitimate. This is known as phishing. Recipients click on links or attachments in the emails that infect their computer or device. The malware or virus may spread to other PCs and servers to which that computer is connected. “Spear phishing” is a more targeted form of phishing in which the sender poses as a trusted person, such as a family member, and tries to get the recipient to act based upon that trust.

Phishing is based on social engineering, which is psychologically manipulating people into performing actions (ex. clicking on links or attachments, transferring money to hacker-held bank accounts) or divulging confidential information (ex. social security numbers, bank account information). This resource outlines some recommendations that Councils and sessions should share with their employees.