Cybercrime is increasing across the world and no industry is immune. Some businesses assume that it is only large corporations or those that handle significant sums of money that are targeted, but the reality is that companies of any size can fall victim to cybercrime.
Indeed, freelance photographers and those attached to small photography businesses have found themselves the target of cybercriminals.
Here we take a closer look at ten of the most common cybersecurity challenges that photographers face, as well as what they can do about them.
1. Ransomware
Photographers can be vulnerable to ransomware attacks. These attacks work by getting malicious software onto your computer - this software locks you out of your files and threatens to delete all of the files in a short time period unless a ‘ransom’ is paid to get the material back.
Given that photographers are often extremely reliant on material that they have already captured (for example, wedding photographs) this can make it very difficult for them to refuse to pay the ransom.
Ransomware is growing significantly year on year, spurred on by the fact that individuals usually pay the ransom. Unfortunately in the majority of cases, even those who pay do not get their files back.
2. Theft of photographs
As mentioned above, a photographer’s files are extremely important to them. Losing them not only means losing out on payment from a client, but can also lead to a damaged reputation for not providing what they said they would.
The majority of hackers and cybercriminals are simply looking for the fastest way to make money. If they can’t find a way to profit from a data breach of a photographer’s system, they may well simply delete files.
3. Phishing attacks
Phishing is one of the most common types of cybercrime. It is probably true that everyone has seen a phishing email - they tend to appear to emanate from a legitimate and well-known company and, under various pretences, attempt to get a user to click on a link in order to log into their account.
In reality, the whole email is fake and the link will be to a realistic-looking spoof site that will steal your card details. Both photographers and their clients can be targeted with phishing emails, so it is important not only to keep your guard up but also to let customers know about how you will contact them and what they can do to protect themselves.
4. Ensure equipment sites are legitimate
Unfortunately, many photographers find themselves the victim of scams that have nothing to do with their own website or their personal security. Everyone likes a bargain and finding the equipment you’ve been looking for at a fantastic price can feel like an opportunity that is too good to turn down.
It is extremely important to ensure that when you buy equipment, you’re using a high-quality site that won’t supply counterfeit equipment or simply take your money and run. Meanwhile, reputable sites do everything they can to reassure businesses that they are genuine and ready for their custom. Check to see whether a genuine site has a designated ‘Company Info’ page, commonly detailed in the footer section of a home page, that details both its Trading and Registered Addresses - two legitimate ways to get in contact. You should also check external review sites to check for authenticity.
5. Password cracking
Many photographers store all of their photographs and files in the cloud. This is typically a very safe and secure way to know that your documents are where they need to be, as cloud providers will have their own backups and cybersecurity measures to keep your files secure.
Of course, it is important to recognise that your account is only as secure as your password. This means you need to have a very strong password that cannot be easily cracked by software. The best way to do this is to have a long password that contains no dictionary words. It should also be a combination of upper and lower case letters although with at least one number and at least one symbol (such as the ‘@’ or ‘!’).
6. Stronger security measures needed
Following on from the importance of a strong password, it is also worth looking into stronger security measures such as multi-factor authentication (MFA). This works by requiring more than one way to prove your identity, thereby letting only the relevant people into the systems they should have access to. In MFA, an account might require a password, a PIN, and a text code sent to your phone to verify that it is you trying to gain access.
Most cybersecurity vulnerabilities are created by people rather than systems, so ensuring that photographers are well trained on protecting their data and files against security breaches, privacy, etc is important. Photography courses offer advice on valuable ways to tighten up security processes across various IT devices they rely on for their work.
7. Using a single account
If you are currently using a single account to hold all of your files and data, this can be problematic. Should a cybercriminal gain access to this account, they will consequently have access to all of your data and files. It can be a much smarter idea to have separate accounts with individual logins for each client.
8. Using unknown software
We often don’t think enough about the software that we use. For many of us, finding a piece of software that does what we want is all we need to know. But software that is not patched and updated regularly can have hidden vulnerabilities. This doesn’t mean it is specifically malicious itself, but cybercriminals can exploit the vulnerabilities and take advantage of you.
9. Client personal data loss
Photographers don’t only need to think about the problems that could be associated with losing the photographs that are a major part of their business - because a bigger problem could actually be hiding elsewhere.
As we have seen with the introduction of data protection laws such as Europe’s GDPR, lawmakers are taking the protection of the private data of individuals very seriously. If your photography business suffers a data breach, you could potentially lose private client information which would potentially put you at fault with regard to data protection laws.
Remember that commissions have the power to heavily fine companies that don’t follow guidelines and ensure that their business has powerful cybersecurity in place. There are also strict rules that need to be followed closely in the event of an attack - so it is important for photographers to be aware of where they operate and how data laws affect them.
10. Make sure you backup!
It is true even if you have a cloud provider that promises to back up everything for you. Ultimately, it is important to have your own copy that you can rely on. It never hurts to have an additional backup.
Note: This blog article was written by a guest contributor for the purpose of offering a wider variety of content for our readers. The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of GlobalSign.
