Cybersecurity specialists at CyberFlow often advise using password managers to stay safe online, among other precautions. However, many people believe that using this tool is enough and they do not need anything else. As the unfortunate tale of a software engineer working for one of the biggest entertainment companies shows, password managers do not protect against hackers.

A Scenario Worthy of a Horror Film

The unravelling of the engineer’s life started innocuously with downloading a free AI tool on his home computer. This was the same computer where the engineer had the password manager installed. Here, he stored passwords for all his logins, including for Slack, email and other software tools he used at work.

The AI tool contained an infostealer that gained access to the master password and the session cookies. Thus, the hackers had access to data on the engineer’s home computer and work laptop.

Within a few months, he saw all his online accounts compromised and lost his job after a forensic investigation discovered unacceptable browsing habits attributed to the engineer.

What went wrong? The software engineer was aware of cybersecurity risks. He relied on employer-provided cybersecurity tools. Yet, hackers managed to gain access to sensitive data and publish them on a forum,

Lessons from This Hacking Story

The only mistake the software engineer admitted to was not using multifactor authentication for the password manager. But the best cybersecurity programs can keep you one step ahead of hackers even in this situation.

What really made the engineer’s situation worse was the fact that stolen session cookies gave hackers access to his work computer. Here is why cybersecurity in business and personal life is important:

1. Quickly Identifying and Isolating the Compromised Area

When you use advanced cybersecurity services, every device, system and user is covered. These professional tools identify the point of penetration very quickly and the CyberFlow team starts working immediately to isolate it from the rest of the network.

In this example, it would have been a matter of completely severing the link between the infected home computer and the work computer.

2. Enforcing Multifactor Authentication Everywhere

One of the benefits of cybersecurity provided by professionals is the enforcing of uniform policies for the entire staff – from the CEO to the most junior position. A network is safe as long as everyone follows the rules.

And one of the basic rules is using multifactor authentication for every login – no exception. In the engineer’s case, MFA was not used for the password manager. This mistake gave the hackers access to the entire database of logins – from work to banking and healthcare applications.

3. Preventing the Downloading and Installing of Unsafe Software

Cybersecurity tools can be configured to prevent users from downloading and installing software without their IT manager’s approval. They can also scan and flag unsafe installers, so that they do not end up on company or personal computers.

Hackers often lure their victims with free software, apps and games. However, there is always a poisoned apple in their too-good-to-be-true offer. These freebies are usually loaded with malware that can either steal data or encrypt it (ransomware).

4. Finding Vulnerabilities in the Systems and Users Before Hackers Do

Through ethical hacking, the CyberFlow team can find out if your systems are vulnerable to hacking and patch the issues. They can also identify users who are not aware of cybersecurity risks and are likely to click on phishing emails or download free apps bundled with malware.

By giving them specific cybersecurity awareness training, we can eliminate this vulnerability and empower your entire team to be accountable for their actions online.

Choose the Best Cybersecurity for Business with CyberFlow!

One simple mistake can lead to incalculable damages to your business. When it comes to using cybersecurity tools, you cannot leave your IT network unprotected just because you apply a few best practices.

You need a comprehensive approach – the CyberFlow approach. We will ensure that all your devices and systems are protected and that your employees follow the protocols we designate to minimise risks. Contact us today to build your effective defence against hackers!