Target Spear Phishing
Cyber Security Guidelines
Insider Security Threats
Today’s approach to
In 2015, the industry saw a record total of nine major breaches, with an estimated advised exposure of identities jumping to 429 million. While this number is worrying, it hides a bigger concern where companies choose not to reveal the full extent of their data breaches due to reputational damage. On examination of recent security
Alerts have shown that Microsoft 365 cloud can be hit by ransomware and point of sales systems can be targeted with success in leisure and travel industries. Free Wi-Fi, although counted as a benefit when visiting your
It is worth remembering that cybercrime in all its forms is a business
One of the biggest threats today and the most common is related to the malicious
Due to the complexity and high success rate of these emails, companies tend to employ external white hat phishing services to train their employees on the dangers and the correct diagnosis of received attack emails. Although it should be remembered that a complex spear phishing attack email can fool even the smartest of IT professionals, additional safeguards relating to money transfers and documentation release should be observed.
Following on from this is the insider threat to any client’s infrastructure, reports show that
Ransomware, the extremely profitable type of virus attack, continues to ensnare company users and expand to any
The problem starts when a victim clicks on an infected advertisement, email, or attachment, or visits an infected website. Once the victim’s device has been infected with the ransomware variant, the victim’s files become encrypted with no way to decrypt them unless payment is made. In most cases, once the victim pays a ransom fee, they regain access to the files that were encrypted. But this doesn’t protect you from re-encryption at a later date. The virus becomes particularly effective due to many users failing on three crucial areas;
Though this is not to say completion of the above entirely
Bitcoin is commonly used for ransomware payment demands due to its ease of use, allowing fast payment whilst being publicly available,
Expanding on the free Wi-Fi threat: unprotected Wi-Fi networks, particularly in public places, are most certainly a growing threat. This is due to users connecting to a network without knowing who else is on the network. “Free Wi-Fi” provided by cafes, restaurants, etc. serves as an excellent place for cybercrime, where attackers can harvest user passwords with the user never knowing a breach has occurred. The attacker has various options open to them, although the more popular attack method is the ‘Man in the Middle’ attack, which employs a technique known as ARP Cache Poisoning. Once this is done the attacker can read all plaintext passwords, including unsecured email (Email without TLS protocol use), unencrypted
The reputational cost of cybercrime has a deep impact on all companies, and thus true figures of damage costs and known breaches are impossible to advise. Companies will, where possible, hide a breach, knowing that publication of it will impact on their financial wellbeing. But it should be pointed out that cybercrime goes beyond finances and intellectual property. A recent survey showed that 50% of the consumers indicated that a cybersecurity breach would prevent them from using a company again. While companies fear reputation damage, there has still been little work to quantify it. Companies suffer reduced valuation after public reporting of being hacked, usually in the form of a drop in stock prices. These losses can be significant, as shown by the TalkTalk and Sony breaches. Indeed, stock prices usually do recover over time, though recovery of stock prices may not be so quick if investors decide that there has been significant damage to a company’s intellectual property portfolio or see a significant outflow of customers as a result.
The most typical spoofed phishing email we are currently seeing is an attacker impersonating an executive/CEO asking someone in accounts to perform a wire transfer or alternatively requesting they open a web link attachment. An example of an email could look like this:
From: Rudy Bosive (CEO) <firstname.lastname@example.org>
To: Claire Amtir (Senior Accounts) <claire@bankofengland.com>
Subject: Can you make this wire transfer for me?
We just closed on an acquisition of a new service but we’re trying to keep it quiet. Could you wire over £50,000 to them? The account number is below and we need to get this taken care of urgently today.
Sent from Outlook for iPhone
Although spoofing has been around for some time, its evolution and prevalence
It is important to understand that traditional security doesn’t stop these attacks because they are so cleverly customised, as a
The human element is incredibly important and as such many companies now are adopting employee phishing testing programs or implementing additional
Remember… the people perpetrating these frauds frequently research employees’ responsibilities so they know who to target, and often gather information to try to make the wire transfer request as believable as possible. For example, they may research the executive’s schedule using public information or by making inquiries of the executive’s assistant with the goal of sending the fraudulent emails when the executive is out of town and cannot be easily reached for verification.
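A triage check for the CEO wire-transfer email described above, as an added example that is not part of the original article: it flags a message whose display name matches an executive while the sending domain is external, and holds such payment requests for callback verification. The organisation domain example.com, the executive list and the keyword patterns are assumptions made for the illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions: the organisation's mail domain and its executives' names.
ORG_DOMAIN = "example.com"
EXECUTIVES = {"rudy bosive"}
PAYMENT = re.compile(r"\b(wire|transfer|account number|bank details)\b", re.I)
PRESSURE = re.compile(r"\b(urgent(ly)?|today|keep it quiet|confidential)\b", re.I)

def _person(display_name):
    """Lower-case the display name and drop titles such as '(CEO)'."""
    return " ".join(re.sub(r"\(.*?\)", " ", display_name).lower().split())

def signals(raw_message):
    """Return the set of CEO-fraud indicators found in one raw message."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    text = f"{msg.get('Subject', '')}\n{msg.get_payload()}"
    found = set()
    # The display name is attacker-controlled; the domain is what to compare.
    if _person(display) in EXECUTIVES and domain != ORG_DOMAIN:
        found.add("executive_name_from_external_domain")
    if PAYMENT.search(text):
        found.add("payment_request")
    if PRESSURE.search(text):
        found.add("pressure_or_secrecy")
    return found

def triage(raw_message):
    """Hold any payment request sent under an executive's name from outside."""
    found = signals(raw_message)
    if {"executive_name_from_external_domain", "payment_request"} <= found:
        return "hold_for_callback_verification"
    return "review" if found else "deliver"

# Constructed samples; the first mirrors the email quoted in the article.
SPOOFED = """From: Rudy Bosive (CEO) <firstname.lastname@example.org>
To: Claire Amtir (Senior Accounts) <claire@example.com>
Subject: Can you make this wire transfer for me?

We just closed on an acquisition of a new service but we're trying to keep it quiet. Could you wire over 50,000 to them? The account number is below and we need to get this taken care of urgently today.
"""
GENUINE = """From: Rudy Bosive (CEO) <rudy.bosive@example.com>
Subject: Board pack

Thanks for the board pack, see you on Thursday.
"""
if __name__ == "__main__":
    print(triage(SPOOFED), triage(GENUINE))
```

A hold here means the request is verified over a known phone number before any money moves, which is the kind of additional safeguard for money transfers the article recommends.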
This guide will talk through how and why to ensure you have cyber security in place, as well as helping those with security already in place to ensure it remains up-to-date.
WHY DOES IT MATTER?
Cyber Attacks usually have one of 4 main functions.
The more devices that are connected to the internet leads to
WHAT CAN I DO?
So now we know
Ensure there is an agenda point on each Board Agenda and each Senior Management team agenda to review and report on the Cyber Security Status.
This is critical as it proves the decision makers and key stakeholders understand and
If this item is not on the agenda, get it on there and employ an expert to explain the threats in the context of your business.
Do not assume your current IT team are experts.
Use your Cyber Security expert to run workshops to interview the IT team from CIO down to find out what they know and then produce a
Implement the recommendations
This is critical as Cyber Security reports often look like they were written by a purveyor of Doom
As long as you require
Cyber threats are changing daily and your protection software will help to ensure devices are protected if they are kept up to date. What is really important is to ensure that
Cyber Attacks: £600k-£1.15m is the average cost of a security breach. Who’s Attacking you?
Cyber Attacks are on the rise. A successful business works on the basis of revenue growth and loss prevention. It isn’t only large companies who are at risk. Small and medium-sized businesses are severely affected if one of these requirements suffers. Data loss, business
Security controls applied at each stage of an attack shown in this
This infographic shared by the UK
Cyber Attacks – Reducing the impact
Even with all the precautions and steps in place to minimise this risk, it is still possible for a business to be hit by an attack. To reduce the dramatic impact of this, it is paramount that such situations are handled appropriately and quickly.
To ensure you have protection in place and a contingency plan, that works for your business, speak to CRIBB on 0800 9 101 101.
Businesses today are placing themselves in the firing line as they face the biggest challenge of cyber security. The recent cases of a data breach at Verizon and internal hacking at Expedia, outline how important cyber security is to business. Such cyber attacks pose a silent threat for a company with a damage potential running into billions, besides killing investor confidence and denting brand image.
In order to safeguard the business network, you must first understand what – and where – the biggest risks are.
According to the IBM 2016 Cyber security Intelligence Index, 60% of security incidents were carried out by insiders, either with malicious intent or carelessness. EY’s Global Information Security Survey discovered that 56% of organizations consider employees the most likely source of a cyber attack.
So your employees may be the biggest cyber security threat – the Trojan horse within. How do your employees compromise business security?
The 2017 Insider Threat Report cites inadvertent data breaches as topping the list of insider threats (71%), followed by negligent data breaches (68%) and malicious data breaches (61%). This is just the tip of the iceberg, as the “insider” is none other than your employee with physical or remote access to the company assets. He or she has insights into your business vulnerabilities and access to “insider-only” data. The average employee is also known to circumvent access controls, typically unconcerned with the potential consequences of his or her actions.
The internal threat ecosystem affecting your business security
With businesses deploying most of their operations to the cloud and operating in an “always connected” environment, there is a need to look at the threat ecosystems within the organization.
1. The BYOD culture
The adoption of bring-your-own-device (BYOD) practices, and the proliferating use of mobile devices for access to business information, are the greatest security risks. Loss of devices, use of unsecured devices, and rampant sharing of unencrypted data put the business network at risk of cyber attacks.
2. Threats of Shadow IT
Even as security controls are deployed for known assets, the challenge of “Shadow IT” is a growing threat from within. The risks of non-approved SaaS and IaaS applications can put your data at risk, as they are outside the purview of network controls.
3. Unapproved / unsecured downloads
Downloading and file sharing is an everyday practice that nevertheless exposes the system to malware and hacks. An employee who downloads MP3 files on his device, or uses a peer-to-peer platform, may unknowingly share company information.
4. Unsecure IoT
The increase in connected devices gives more entry points to hackers and cyber criminals. The IoT architecture’s sensor nodes and system network layer are vulnerable attack points.
5. Unprotected unpatched devices
Devices in use by your employees may not have firewalls or anti-virus programs installed. Unpatched and outdated software are also additional security holes.
6. Risks of unauthorized access and authentication
Unauthorized access to business data and lapses in the authentication process are some of the most common security breaches.
7. Illegal/unethical activities
If your employee or vendor with authorized access has malicious intentions, he can indulge in the most unimaginable scenarios of data theft, data breach or damage.
8. The menace of social engineering
From email attachments and web links loaded with Trojans, to phishing and manipulated disclosure of passwords and sensitive information, this is the most dangerous, yet overlooked menace within an organization.
Types of insider risks
Security risks from insider behavior stem from accidents, negligence or malicious intent.
Accidental – Verizon’s 2016 Data Breach Incident Report cites 30% of security incidents as accidental. When employees are not aware of cyber security best practices, they may unwittingly put your business at risk by, say, clicking on a malicious link, or as in Verizon, incorrectly setting the cloud storage to allow external access!
So an e-mail from what looked like the CEO, asking to pay £25,000 into a specified bank account, may be phishing, and the employee who opens the email may unknowingly cause a security risk.
Negligent – These are the insider threats that arise when your employees circumvent policies in place. For instance, your employees may be using unsecure public cloud applications for file sharing, opening you up to cybersecurity risks.
Malicious – Espionage, financial gain, or revenge are the prime factors responsible for deliberate malicious attempts at compromising business security. Unlike accidental and negligent risks, malicious insider threats are unexpected and yet, the most potent.
No room for complacency
Insider threats can remain undetected for years, as was found in the Expedia case, and are very often hard to prove. Business leaders and C-suite executives thus need to have an internal cybersecurity strategy that minimizes risks of insider threats.
Have a Security Policy in place
Making cybersecurity a KPI ensures an employee-vested interest in data protection and security.
Strengthen your network access security protocols
A strong identity and access management (IAM) strategy reduces cyber risk by limiting employee access, adopting a strong authentication approach, and controlling privileges across the IT network.
Hack-proof / patch your connected devices
IAM strategies must also address the growing trend of personal and connected devices, by ensuring security compliance.
Minimize vulnerabilities of shadow IT
Implementing a fluid combination of technologies and practices can help cut down the risks of shadow IT.
As many insider threats come from lack of knowledge or a laid-back approach to business networks, you must ensure effective training and awareness among your employees to ensure healthy practices.
With more and more cases of insider threats being discovered, businesses must understand the nature of threat perception from within. As a business leader, you cannot afford to be passive. Adoption of a robust cybersecurity strategy and a practice of internal security audits can help you reduce vulnerabilities and forestall network breaches.