FEATURE: MONITORING
Fortinet offers essential
cyber-safety tips amid
escalating cyber-attacks
Never click on an attachment or web link
in an email from someone you don’t
know, that you didn’t request, or that
does not seem legitimate.
A quick way to check the validity of an
email is to simply look at the address of
the sender (you can do that by double
clicking on the name of the sender or
by hitting reply.) Does the email match
the organisation? Is it long, from a
different organisation or location from
what you expected, or does it include a
strings of letters or numbers? If so, you
can safely delete it.
Anthony Giandomenico, senior security strategist/researcher, Fortinet
F
ortinet, which offers network
protection from email spam,
malware, and zero-hour attacks,
has warned Middle East businesses to
brace themselves for escalating cyber-
attacks. Fortinet’s latest Global Threat
Landscape Report reveals 90% of
organisations recorded attacks targeting
system and device vulnerabilities that
were at least three years old, even
though updates and patches had long
been available.
Even worse, about 60% of organisations
reported successful attacks that had
targeted vulnerabilities that were 10 or
more years old.
“We are now living in a digital world,
and cybercrime is part of that new
reality,” says Anthony Giandomenico,
www.intelligentcio.com
senior security strategist/researcher,
Fortinet. “We have all learned to lock
our cars, deadbolt our doors, look both
ways before crossing the street, and
avoid dark alleyways at night. It’s
time to develop the same good habits
as we navigate through our digital
environment.”
Fortinet offers the following cyber-
safety tips:
Inspect email. The most common way
to get users to load malicious software
or malware onto their systems is
through an email attachment. Known
as phishing, these attacks often claim
that the file attached to your email is a
receipt or bill for a fictitious transaction,
a fake document that needs immediate
attention, or a message from a friend.
Scrutinise transactions. Banks will never
initiate a request to verify an account or
provide login credentials. Such requests,
either online or via email, can safely be
deleted. Should one receive an email
or a browser page with a link attached,
look at the URL before clicking. Hover
over the link and look at the address
that appears. It should start with a real
address, such as “www.(yourbank).com”.
The address should also be short. To
remove doubts log into the site directly
rather than use the link provided, or call
your financial institution to ensure the
request is legitimate.
Update devices. Write down the names
of the manufacturers and model
numbers of all your devices in the
business and list all the software running
on these systems. Once you have a
complete inventory, search for known
vulnerabilities or patches, and make
sure these devices and applications are
running the latest patches and current
versions of their operating systems,
firmware, or software. If a device or
application is no longer supported by the
manufacturer, it’s best to replace it. n
INTELLIGENTCIO
19