Cybercrime dangers are many, complex and ever-changing. Hardly a day goes by without another news report of a data breach or other cyber-related scam or theft. Cyber criminals have considerable resources and expertise, and can cause significant damage to their targets. Cyber criminals specifically target law firms as law firms regularly have funds in their trust accounts and client data that is often very valuable. LAWPRO encourages all law firms to make dedicated and ongoing efforts to identify and understand their potential cybercrime vulnerabilities, and to take steps to reduce their exposure to cyber-related dangers. This article, from the December 2013 issue of LAWPRO Magazine, reviews the specific cybercrime dangers law firms need to be concerned about, and how they can mitigate their risks.

Changing the default settings for the hardware and software used in your office is another critical step in safeguarding the security of your data and protecting yourself from cybercrime. This is probably the most technical of the steps outlined in this article and you may need expert help.

Every computer operating system, program, and app, and every piece of hardware has certain preset or default settings. These are necessary to make them operate out of the box in a consistent manner that the vendor and user will expect.

However, these default settings are common knowledge (and if you don’t know them, you can find them with Google in about five seconds), and hackers can use them to compromise a network, computer or other device. For example, if the administrator account on a computer is named “Administrator” (it frequently is), a cyber criminal only has to work on figuring out the password to hack into a system or device. If you change the name of the Administrator account to something different, your computer is much safer as the hacker has to work much harder to figure out both the name of the administrator account and its password.

You can make your systems much safer by changing the following key default settings:

  • administrator account names
  • server names
  • nework or workgroup names
  • ports (change to non-standard ports and close standard portsthat you don’t use)
  • standard share names
Categories: Fraud Prevention