[BreachExchange] Getting cyber security right

Audrey McNeil audrey at riskbasedsecurity.com
Tue Feb 20 18:46:33 EST 2018


Cyber-attacks have become unavoidable. A 2017 report [1] conducted by the UK
Government found that just under half (46 per cent) of all UK businesses
detected at least one cyber-attack of some sort within the last 12 months -
a figure which rises to two-thirds among medium firms (66 per cent) and 68
per cent among large-sized firms.

Even more worryingly, the report found that of these businesses that
detected an attack, 37 per cent said they experienced breaches on a monthly
basis, while well over one in 10 (13 per cent) said that they were
suffering from attacks every single day.

Not only are these attacks becoming a more persistent threat to businesses,
but there’s also an increased awareness of them among the general public.
Almost every day we read stories in newspapers and on websites about
companies that have suffered serious consequences for not taking cyber
security seriously enough.

In April of last year, the payday loan company Wonga was subjected to a
significant online data breach [2] that saw the personal information of around
270,000 customers compromised. Immediately after the attack, the brand’s
‘buzz score’ [3] (a measurement used to determine the general public
perception of brands) fell from minus 13 - a less than desirable score to
begin with - to minus 24, its lowest score in years.

This indicates a serious dent in its reputation, and that’s before you even
start to consider what becomes of all the personal customer data that is
now out of their control.

There’s a reason why - despite the widespread awareness around cyber
security - cyber attacks are still so effective: as businesses improve
their security measures, hackers continue to stay one step ahead. Attacks
are always increasing their sophistication, and there are now dozens of
different ways that hackers can attempt to get their hands on the data they

One of the most popular tactics used by online criminals is what’s known as
‘malware’, which also covers the likes of viruses and ransomware. Malware
is essentially a malicious link or item that might appear in the form of a
curious-looking pop-up screen in your internet browser or an attachment
within your emails, and is designed to mislead the user into thinking it is
genuine. Once the user is fooled and clicks on the malicious item in
question, the hacker has successfully gained access to the IT system and is
able to wreak havoc in any way they see fit.

Another popular method is a ‘distributed denial of service (DDoS) attack’,
which involves flooding a server with so much website traffic that it is no
longer able to cope and crashes under the strain. Once a DDoS attack has
taken place, users will no longer be able to access the affected websites
until the issue has been resolved.

Although this method doesn’t enable hackers to access any internal IT
systems, it still has serious consequences for the victim in terms of lost
revenue and website traffic, and is also commonly used as a tactic to
distract businesses while a more serious attack takes place.

Then there’s a ‘password attack’, which is as self-explanatory as it
sounds. While the first two methods lean towards the more technical end of
the cyber-attack spectrum, a password attack simply involves a hacker
trying to gain access to a system or platform by cracking a user’s password.

While there is software that hackers use to try and successfully crack
passwords, it is often the case that these passwords are accidentally
exposed online and then leaked across the internet (such as the above Wonga
case, for instance), which gives criminals free rein to do as they wish.

This might involve stealing and leaking personal data, planting malicious
lines of code or software inside the system or changing the log-in
credentials so that regular users are no longer able to gain access.

This is to name but a few of the different cyber-attack methods that keep
IT managers awake at night. The threat is immense, and while the fight to
eliminate it entirely is futile, there are measures that businesses can
take to ensure that they remain sufficiently protected at all times.

However, before these measures are put in place, it is imperative that
businesses adopt a proactive approach towards cyber security. It wasn’t too
long ago that many could afford to sit back and wait for an attack to
present itself before considering how to deal with it, but that simply
isn’t possible now: the threat is too great and the consequences too severe.

Instead, all businesses - no matter their size or sector - need to
transition from an ‘if’ to a ‘when’ mindset, which involves proper
preparation and comprehensive planning for all potential scenarios.

Reassuringly, we are already seeing a notable change in attitude. The same
2017 government report found that almost three-quarters of UK businesses
consider cyber security to be a very high priority for their senior
management teams, and three in five (58 per cent) have already sought
information, advice or guidance from IT experts regarding the specific
threats they face.

One of the most effective ways for businesses to implement this proactive
approach into their day-to-day operations is through a cyber security
strategy - a comprehensive set of best practices that covers every
eventuality and is distributed to all employees across the company, raising
awareness of the issue and the correct steps that should be followed in the
event of an attack.

However, for these strategies to be truly beneficial, each one needs to be
specifically tailored to the nature and needs of the business it intends to
protect; simply taking someone else’s strategy and swapping the names
around will not yield any positive results. Instead, businesses need to ask
themselves several questions.

Firstly, does it have employees that are regularly working outside of the
office, and if so, what security risks might this present?

Secondly, what back-up processes are in place and how could they be

Thirdly, how often is the business asking employees to change their
passwords to prevent password attacks? There are obviously many more areas
that should be covered as part of a full cyber security strategy, but
answering these three questions alone could help to significantly
strengthen existing defences.

Even for those who are fully aware of the cyber threat and ready to put
together a cyber security strategy, it can often be an intimidating process
to get started with, either due to the sheer scale of the task or because
of a lack of IT knowledge. As a result, many turn to specialist IT
providers for guidance and advice on the specific types of attack they
should be looking out for and how they can most effectively mitigate the
associated risks. By working with the right IT provider, businesses can
also benefit from an increased agility in responding to any attacks.

Certain IT providers can also help businesses in keeping all their
IT-related data in one safe and secure location. This means that instead of
rooting through numerous folders and picking up separate data files along
the way, the relevant individuals can find everything they need as quickly
as possible, which could prove to be the difference between staying
protected and falling prey to a fatal attack.

As the cyber threat continues to grow and catch unsuspecting businesses by
surprise, there’s never been a better time to start strengthening your
defences than now. While the threat can’t be put to bed entirely, there are
numerous ways of effectively fighting back and showing hackers who’s really
in control.