The National Cyber Security Centre officially opens for business

By Cyber SecurityNo Comments

The Queen officially opened the National Cyber Security Centre (NCSC) yesterday- the single, central body for cyber security at a national level.

The Queen officially opened the National Cyber Security Centre (NCSC) yesterdayThe NCSC is core to the government’s National Cyber Security Strategy, which was unveiled on 1 October 2016.

Staff in Victoria, central London, will be joined by experts from GCHQ and the private sector to help identify threats.

At the time, Chancellor of the Exchequer Philip Hammond said: “The new National Cyber Security Centre will provide a hub of world-class, user-friendly expertise for businesses and individuals, as well as rapid response to major incidents.”

Hammond said the government’s 2015 Strategic Defence and Security Review classified cyber as a Tier One threat to the UK, and outlined the actions the government needed to take to secure the country.

According to the National Cyber Security 2016-2021 report, NCSC’s role will be to manage national cyber incidents, provide an authoritative voice and centre of expertise on cyber security, and deliver tailored support and advice to government departments, the devolved administrations, regulators and businesses.

“The NCSC will analyse, detect and understand cyber threats, and will also provide its cyber security expertise to support the government’s efforts to foster innovation, support a thriving cyber security industry, and stimulate the development of cyber security skills,” the report said.

There were 188 cyber attacks classed by the NCSC as Category Two or Three during the last three months.

And even though the UK has not experienced a Category One attack – the highest level, an example of which would have been the theft of confidential details of millions of Americans from the Office of Personnel Management – there is no air of complacency at the NCSC’s new headquarters.

Ciaran Martin, the centre’s chief executive, said “We have had significant losses of personal data, significant intrusions by hostile state actors, significant reconnaissance against critical national infrastructure – and our job is to make sure we deal with it in the most effective way possible.”

As well as protecting against and responding to high-end attacks on government and business, the NCSC also aims to protect the economy and wider society.

The UK is one of the most digitally dependent economies, with the digital sector estimated to be worth over £118 billion per year – which means the country has much to lose.

It is not just a crippling cyber-attack on infrastructure that could turn out the lights which worries officials, but also a loss of confidence in the digital economy from consumers and businesses, as a result of criminals exploiting online vulnerabilities.

A sustained effort was required by government and private sector working together to make the UK the hardest possible target, officials say.

Russia has been the focus of recent concern, following claims it used cyber-attacks to interfere with the recent US presidential election.

“I think there has been a significant change in the Russian approach to cyber-attacks and the willingness to carry it out, and clearly that’s something we need to be prepared to deal with,” Mr Martin said.

Kreb’s Immutable Truths About Data Breaches

By Cyber SecurityNo Comments

Cyber 139 have been following Brian Kreb’s writings for a while and his Dilbert style post below caught our imagination:

Cyber 139 have been following Brian Kreb's writings for a while and his Dilbert style post below caught our imagination:

I’ve had several requests for a fresh blog post: A list of immutable truths about data breaches, cybersecurity and the consequences of inaction.

“There are some fairly simple, immutable truths that each of us should keep in mind, truths that apply equally to political parties, organizations and corporations alike:

-If you connect it to the Internet, someone will try to hack it.

-If what you put on the Internet has value, someone will invest time and effort to steal it.

-Even if what is stolen does not have immediate value to the thief, he can easily find buyers for it.

-The price he secures for it will almost certainly be a tiny slice of its true worth to the victim.

-Organizations and individuals unwilling to spend a small fraction of what those assets are worth to secure them against cybercrooks can expect to eventually be relieved of said assets.”

They may not be complete, but as a set of truisms these tenets probably will age pretty well. After all, taken as a whole they are practically a model Cybercriminal Code of Ethics, or a cybercrook’s social contract.

Nevertheless, these tenets might be even more powerful if uttered in the voice of the crook himself. That may be more in keeping with the theme of this blog overall, which seeks to explain cybersecurity and cybercrime concepts through the lens of the malicious attacker (often this is a purely economic perspective).

So let’s rifle through this ne’er-do-well’s bag of tricks, tools and tells. Let us borrow from his literary perspective. I imagine a Cybercriminal Code of Ethics might go something like this (again, in the voice of a seasoned crook):

-If you hook it up to the Internet, we’re gonna hack at it.

-If what you put on the Internet is worth anything, one of us is gonna try to steal it.

-Even if we can’t use what we stole, it’s no big deal. There’s no hurry to sell it. Also, we know people.

-We can’t promise to get top dollar for what we took from you, but hey — it’s a buyer’s market. Be glad we didn’t just publish it all online.

-If you can’t or won’t invest a fraction of what your stuff is worth to protect it from the likes of us, don’t worry: You’re our favorite type of customer!

From: https://krebsonsecurity.com/2017/01/krebss-immutable-truths-about-data-breaches/

Hackers follow the money too

By Cyber SecurityNo Comments

Deepthroat suggested during the Watergate investigations to “follow the money”- for Nixon then, read hackers now.

Deepthroat suggested during the Watergate investigations to follow the money- for Nixon then, read hackers now.Now hackers are going after law firms for exactly the same reason. This month, US prosecutors charged three Chinese traders with securities fraud, saying they had made more than $4m trading on information allegedly stolen from two of the US’s best known law firms.

Though prosecutors did not identify the firms, the descriptions of them and the work they had done match Cravath, Swaine & Moore and Weil, Gotshal, two firms routinely hired by Fortune 500 companies to help run their big deals. Both firms have declined to comment.

Though prosecutors did not identify the firms, the descriptions of them and the work they had done match Cravath, Swaine & Moore and Weil, Gotshal, two firms routinely hired by Fortune 500 companies to help run their big deals. Both firms have declined to comment.

The US Securities and Exchange Commission said the hackers targeted seven firms known for their mergers and acquisitions work, hitting them with more than 100,000 attacks over a three-month period. They then struck gold with two

They then struck gold with two organisations. After installing malware on each law firm’s computer network, they gained access to their IT departments and from there broke into the files and emails of senior M&A lawyers. They ended up stealing nearly 60 gigabytes of data related to at least 10 potential deals.

In several cases, the information bore fruit — the hackers gained early word of Pitney Bowes’ 2015 offer for ecommerce group Borderfree and Intel’s 2015 purchase of Altera, and were able to trade ahead of them.

“This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world: you are and will be targets of cyber hacking because you have information valuable to would-be criminals,” said Preet Bharara, the US attorney for Manhattan.

Other professional services firms should take note- your reputation and organisation are at risk from hackers.

This is not the first time the industry has been hit by hackers who specialise in what is becoming known as “outsider trading”. Last year federal prosecutors charged nine people in the US and Ukraine with trading ahead of earnings press releases that had been provided to Marketwired, PR Newswire and Business Wire. That case inspired other Ukraine-based hackers to try their luck with law firms, according to intelligence firm Flashpoint, which put out a warning in March.

Accounting firms that provide tax advice on mergers, boutique advisory firms, and consultants who weigh in on synergies and downsizing plans are almost certainly on the criminals’ hit list. Retailers, telecoms groups and internet companies, including Target, TalkTalk and Yahoo, have already had to pay the price for weak defences.

But in some ways, they got off easy. Most of the stolen passwords were old and the account details rarely included immediately usable information. At most, the hacks involved theft of credit card numbers, which come with fraud defences. So customers have rarely felt much need to hold hacked companies accountable. Yahoo, for example, seems to have suffered very little drop off in customer loyalty after announcing the first of two giant hacks, although the jury is still out after the second one.

Professional services firms will not be so lucky. Banks and companies pay extremely high prices for outside advice. They expect professionalism and confidentiality in return. Getting hacked by a bunch of Chinese traders is hardly a strong recommendation of either.

Faced with a choice of five law firms that invested in cyber defences that were strong enough to withstand a pointed attack, and two who did not, which would you choose?

So if you want to save yourself stress, money and a damaged reputation from a cyber incident please ring us now on 01242 521967 or email safe@cyber139.com or complete the form on our contact page NOWContact Cyber 139From: https://www.ft.com/content/f52f6fee-ccf4-11e6-864f-20dcb35cede2

Glos Police warn cyber crime is more dangerous than streets at midnight

By Cyber SecurityNo Comments

Gloucestershire Police said in Dec 2016 that within our county 54 % of all reported crime was cyber related.

Glos Police warns cyber crime is more dangerous than streets at midnight.In other words, you have a much higher chance of being mugged online in your home or work place than you do wandering around any of our high streets at midnight at the weekend.

According to the latest report by the Office of National Statistics (ONS), there were 5.8 million incidents of cyber crime and fraud in the 12 months up to March 2016, affecting one in 10 people in England and Wales.

The Federation of Small Businesses (FSB) found last month that small firms are unfairly carrying the cost of cyber crime in an increasingly vulnerable digital economy being collectively attacked seven million times per year, costing the UK economy an estimated £5.26 billion.

Despite the vast majority of small firms (93%) taking steps to protect their business from digital threats, two thirds (66%) have been a victim of cyber crime in the last two years. Over that period, those affected have been victims on four occasions on average, costing each business almost £3000 in total.

The types of cyber crime most commonly affecting small businesses are phishing emails (49%), spear phishing emails (37%), and malware attacks (29%).

Small firms are also concerned about hacking and fraud when the card is not present, with the average information breach setting them back 2.2 days.

However just a quarter of smaller businesses (24%) have a strict password policy, but only four per cent have a written plan of what to do if attacked online, and just two per cent have a recognised security standard such as ISO27001 or the Government’s Cyber Essentials scheme.

So if you want to save yourself stress, money and a damaged reputation from a cyber incident please ring us now on 01242 521967 or email safe@cyber139.com or complete the form on our contact page NOWContact Cyber 139

Cyber 139 wishes you a secure and prosperous New Year

By Cyber SecurityNo Comments

Cyber 139 wishes you a secure and prosperous New Year for 2017.

Cheltenham based cyber security and protection firm Cyber 139 wishes you a secure and prosperous New Year for 2017.

Cheltenham based cyber security and protection firm Cyber 139 wishes you a secure and prosperous New Year for 2017.

Overall 24% of ALL businesses surveyed in 2016 had had one or more cyber security breaches in the past 12 months- so please don’t let you be a victim in 2017.

So if you want to save yourself stress, money and a damaged reputation from a cyber incident please ring us now on 01242 521967 or email safe@cyber139.com or complete the form on our contact page NOWContact Cyber 139

Cyber crime costs small businesses the most

By Cyber SecurityNo Comments

New research has found that cyber crime is disproportionately effecting small businesses the most.

New research has found that cyber crime is disproportinately effecting small businesses the most.

The Federation of Small Businesses (FSB) has found that small firms are unfairly carrying the cost of cyber crime in an increasingly vulnerable digital economy.

The report Cyber Crime: How to protect small firms in the digital economy suggests smaller firms are collectively attacked seven million times per year, costing the UK economy an estimated £5.26 billion.

Despite the vast majority of small firms (93%) taking steps to protect their business from digital threats, two thirds (66%) have been a victim of cyber crime in the last two years. Over that period, those affected have been victims on four occasions on average, costing each business almost £3000 in total.

Cyber crime costs small businesses disproportionately more than big businesses when adjusted for organisational size.

Currently the responsibility largely falls on small businesses to protect themselves. FSB is calling for more support to be given to those smaller firms least able to bear the burden of the increasing global cyber threat.

Almost all (99%) of the UK’s 5.4 million small firms rate the internet as being highly important to their business, with two in three (66%) offering, or planning to offer, goods and services online. Without intervention, the growing sophistication of cyber attacks could stifle small business growth and in the worst cases close them down.

Mike Cherry, FSB National Chairman, said: “The digital economy is vital to small businesses – presenting a huge opportunity to reach new markets and customers – but these benefits are matched by the risk of opportunities for criminals to attack businesses.

“Small firms take their cyber security responsibility very seriously but often they are the least able to bear the cost of doing so. Smaller businesses have limited resources, time and expertise to deal with ever-evolving and increasing digital attacks. We’re calling on Government, larger businesses, individuals and providers to take part in a joint effort to tackle cyber crime and improve business resilience.”

The types of cyber crime most commonly affecting small businesses are phishing emails (49%), spear phishing emails (37%), and malware attacks (29%).

Small firms are also concerned about hacking and fraud when the card is not present, with the average information breach setting them back 2.2 days.

To combat this, four in five small firms (80%) use computer securing software, and well over half (53%) perform regular updates of their IT systems.

The FSB report also found room for small firms to improve security.

Currently just a quarter of smaller businesses (24%) have a strict password policy, four per cent have a written plan of what to do if attacked online, and just two per cent have a recognised security standard such as ISO27001 or the Government’s Cyber Essentials scheme.

Mike Cherry added: “Small firms are understandably focussed on building their businesses and creating the jobs which drive economic growth. The vulnerabilities of the digital world affects everyone and the responsibility for improving resilience should not be left to the group with least resource to do something about it.