Nearly half of UK firms hit by cyber phishing attacks

Nearly  half of UK businesses have been compromised in the past two years using phishing attacks, despite high levels of cyber awareness and training.

Nearly  half of UK businesses have been compromised in the past two years using phishing attacks, despite high levels of cyber awareness and training.

Phishing attacks aimed at stealing legitimate user credentials have been used in the past 24 months to compromise 45% of UK organisations, according to research on behalf of cyber security firm Sophos.

Just over half (54%) of more than 900 IT directors polled in Western Europe said they had identified instances of employees replying to unsolicited emails or clicking on links contained within them, revealed a poll conducted by Sapio Research.

The study revealed that larger businesses are most likely to have been compromised by phishing attacks, despite also being most likely to conduct phishing and cyber threat awareness training.

Although businesses in the UK fell victim to phishing attacks at a similar rate to those in France (49%) and the Netherlands (44%), those in Ireland performed significantly better. Just 25% of Irish respondents said they had fallen victim to phishing in the past two years.

Across all respondents, 56% of companies employing between 500 and 750 people were identified as phishing victims in the past two years, while two-thirds (65%) had identified instances of employees replying to unsolicited emails or clicking on links contained within them.

By comparison, just 25% firms with fewer than 250 people and 36% of organisations with between 250 and 499 employees had been compromised by phishing in the same period.

Half of firms with fewer than 250 people offered training to help employees spot attacks, compared with 78% of those with between 500 and 1,000 people. And 79% of UK companies conduct regular cyber threat awareness training already, while 18% said they plan to offer it in the future.

Adam Bradley, UK managing director at Sophos, said criminals are adept at using social engineering to exploit human weakness, so while well-trained employees are an excellent deterrent, even the best user can slip up.

According to Bradley, phishing is one of the most common routes of entry for cyber criminals. As organisations grow, their risk of becoming a victim also increases as they become more lucrative targets and provide hackers with more potential points of failure.

Given the frequency of these attacks, organisations that don’t have basic infrastructure in place to spot people engaging with potentially harmful emails and whether their systems are compromised are likely to encounter some really significant problems.

Organisations should block malicious links, attachments and imposters before they reach users’ inboxes, said Bradley, and use the latest cyber security tools to stop ransomware and other advanced threats from running on devices even if a user clicks a malicious link or opens an infected attachment.

If you want to save yourself stress, money and a damaged reputation from a cyber incident – for a cyber security incident prevention, protection and training please ring us now on 03333 393 139 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

LORCA identifies top priorities for cyber security innovation

The top priorities for cyber security innovation are identity management, patch management and configuration management.

The top priorities for cyber security innovation are identity management, patch management and configuration management.

“These are basic components of cyber security, but failure to do them well is still responsible for the bulk of cyber attacks that we are seeing.”said the new LORCA CEO  Hannigan

Identity is one area where the UK is particularly strong, with some great companies focused on it, he said, particularly in the academic “pre-company” sector, where universities are doing some “really innovative things” around identity management and authentication.

“Identity is key to cyber security, and if we can get a product out there that beats others, the sky is the limit, especially for the export market, and it will be about who gets there first with a viable solution,” he said.

Hannigan believes the internet of things (IoT) and cloud computing are two more areas where cyber security entrepreneurs should be focusing their efforts.

He said cloud computing is “problematic” because it makes it harder for companies to understand what the perimeters of their networks are.

“Even for those companies that have worked out what their cyber security policy is and managed the risks, suddenly to do all their processing and storage in the cloud complicates that,” said Hannigan. “It is not terminal, but it means they need to rethink their risks and mitigations.”

He advised organisations to look at the guidance on security in the cloud from the National Cyber Security Centre (NCSC).

IoT is ripe for innovation

The IoT is “ripe for innovation”, said Hannigan, because it is unlikely that regulation or government guidelines will address the immediate risks.

“It is going to be a long time before security by default is achieved, so in the meantime we need to find ways to mitigate potential disasters, with billions of devices connecting to the internet,” he said.

In terms of going to market, Hannigan advises cyber security entrepreneurs to spend some time considering things from the customer’s perspective.

“In the UK, companies are more likely to be conservative in their cyber security investments and stick with well-established suppliers than countries like the US and Israel, so startups need to take that into consideration,” he said.

Hannigan believes Lorca has a role to play here in helping startups to think through how their technology will integrate with existing IT environments, making it as easy as possible with minimal disruption.

Time and skills required by businesses

Although businesses do not necessarily need to spend a fortune on cyber security, it does require some time and sometimes skills that may be lacking in-house, said Hannigan.

“I do have sympathy for small businesses, but many are doing more than they used to in the past and are using things like Cyber Essentials and the small business guide because they are seeing how cyber attacks are affecting companies or because their insurance companies have told them to,” he said.

Hannigan believes there is a need for effective managed security services for small and medium-sized businesses. “A regular complaint I get is that managed security services suppliers are not really appropriate for small businesses and aren’t necessarily that effective, so there is a challenge there to the industry to come up with managed security services that really work and that don’t just dump the problem back onto the client, but actually do something about it,” he said.

Fifth of businesses would pay ransoms rather than in security

One fifth of UK business executives from non-IT functions would pay hackers’ ransom demands to cut costs rather than invest in information security.

One fifth of UK business executives from non-IT functions would pay hackers’ ransom demands to cut costs rather than invest in information security.

According to the latest report commissioned by NTT Security they say that businesses are still making the same mistakes, failing to make any progress in crucial areas such as cyber security awareness and preparedness

The report shows that a further 30% in the UK are not sure whether they would pay or not, suggesting that only about half are prepared to invest in security to proactively protect the business.

This means many businesses are still stuck in a reactive mindset when it comes to cyber security.

The findings are particularly concerning, the report said, given the growth in ransomware, as identified in NTT Security’s Global Threat Intelligence Report (GTIR), published in April. According to the GTIR, ransomware attacks surged by 350% in 2017, accounting for 29% of all attacks in Europre, the Middle East and Africa and 7% of malware attacks worldwide.

Levels of confidence about being vulnerable to attack also seem unrealistic, according to the report, with 41% of respondents in the UK claiming that their organisation has not been affected by a data breach.

More realistically, 10% of UK respondents expect to suffer a breach, but nearly one-third (31%) do not expect to suffer a breach at all.

More worrying, the report said, is the 22% of UK respondents who are not sure whether they have suffered a breach or not.

Given that just 4% of respondents in the UK see poor information security as the single greatest risk to their business, this is unsurprising, the report said. Only 14% regard Brexit as the single greatest business risk; the list of concerns was topped by competitors taking market share (24%) and budget cuts (18%).

When considering the impact of a breach, UK respondents are most concerned about what a data breach will do to their image, with almost three-quarters (73%) concerned about loss of customer confidence and damage to reputation (69%), which are the highest figures among the countries polled.

The estimated loss in terms of revenue is 9.72% (compared with 10.29% globally, up from 9.95% in 2017). .

The report found there is no clear consensus on who is responsible for day-to-day security, with 19% of UK respondents saying the CIO is responsible, compared with 21% who said the CEO, 18% the CISO and 17% the IT director.

A key area of concern, according to the report, is whether there are regular boardroom discussions about security, with 84% of UK respondents agreeing that preventing a security attack should be a regular item on the board’s agenda. Yet only about half (53%) admit that it is and a quarter do not know.

With a lack of cohesion at the top, organisations are still struggling to secure their most important digital assets, the report said.

So if you want to save yourself stress, money and a damaged reputation from a phising data cyber incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

UK small business cyber security spend low despite breaches

The UK is the most breached country in Europe, but business’ IT cyber security spend remains low compared with other countries in the region, a report reveals

UK small business cyber security spend low despite breaches

More than a third of UK businesses reported cyber security attacks in the past year, which was higher than any other country in Europe, according to the European edition of the 2018 Thales data threat report.

However, despite a 24% increase in the number of attacks compared with the previous year, UK firms claimed to feel less vulnerable to data threats, compared with those across Germany, Sweden and the Netherlands, and consequently invested less in cyber security.

While more organisations across Sweden (78%) and the Netherlands (74%) admitted to being breached in the past, compared with just 67% of organisations in the UK, the report said it was a different story in the past 12 months.

Thales data shows that while 37% of businesses across the UK were breached, the figures were lower for Germany (33%), Sweden (30%) and the Netherlands (27%).

Despite the rise in attacks, just 31% of UK organisations said they feel “very” or “extremely” vulnerable to data threats, leaving the majority (69%) feeling “somewhat” or “not at all” vulnerable. Businesses across Sweden claimed to feel the most vulnerable (49%), followed by the Netherlands (47%) and Germany (36%).

Although 69% of UK organisations reported an overall increase in their IT security spending, with 15% saying it was much higher’ than the previous year, the report said the increase is still less than spend in Sweden, where 75% of businesses have upped their budgets to offset threats, and Germany where 76% have increased their IT security budgets.

While 72% of organisations polled have dedicated more money to IT security, UK businesses appeared to still fall short compared with their European counterparts, with 39% of Swedish respondents saying their budget was “much higher” than the previous year and an additional 36% claiming it was ‘somewhat higher’, and spending said to be “a lot more” by 29% of firms in the Netherlands and 24% in France.

The report also reveals that despite the two year bedding in period allowed for compliance with the EU’s General Data Protection Regulation (GDPR), 49% of companies in Sweden failed data security audits in the past year, followed by the Netherlands (38%), Germany (33%) and the UK (19%).

Aside from the UK, all other European countries showed decline in their efforts to meet compliance, which the report said was “worrying” in the light of the fact that there are so many changes to standards and regulations. Despite this drop, respondents across the board all cited compliance as being effective when it comes to preventing data breaches.

So if you want to save yourself stress, money and a damaged reputation from a phising data cyber incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

Digital identity needs to be cyber security priority in 2018

Protecting digital identities and protecting employees are key cyber security challenges for 2018.

Protecting digital identities and protecting employees are key cyber security challenges for 2018

The issues of protecting digital identity, gaining data visibility and protecting employees are key cyber security challenges for 2018 according to the cyber security 2018 predictions report by security firm FireEye.

“The idea that you can get someone’s date of birth, and their Social Security number and steal their identity and do fraudulent tax refunds, or try to get a loan or credit card – that has to change,” FireEye said.

“This has to happen. Otherwise, every five months, we’re going to have another huge data breach,” they warned.

In addition to the imperative of finding a better way to manage identity, RedEye said it was also important to find a way of dealing with international privacy.

On the topic of nation state actors in the cyber realm, RedEye considers Iran the most interesting country to watch, rather than Russia, China or North Korea.

RedEye said while Iran started “acting at scale” in 2017, the extent of that activity was not really known. “We don’t know if we are seeing 5% of Iran’s activities, or 90% – although I’m guessing it’s closer to 5% – but they’re operating at a scale where, for the first time in my career, It feels to me that the majority of the actors we’re responding to right now are hosted in Iran, and they are state sponsored,” they said.

On the topic of cloud security, RedEye claimed better visibility was of paramount importance. I know that a lot of people are depending on the cloud, and we need visibility.

“Many of these cloud providers are providing it, but we don’t always have security operations that can take advantage of that visibility and see what’s happening,” he said.

An area many companies are still overlooking, RedEye said, is protecting employees from cyber attack.

He said companies needed to consider whether hackers could access corporate accounts through hacking employees’ private accounts, or if they could make it appear as though they have hacked the enterprise.

“There are hackers out there who will hack an employee at a company, and they will post any document they can get, and they will say they hacked the company even if they haven’t. It’s a reputational thing – while it’s hard to gauge the public response to these types of incidents, right now many companies are being deemed irresponsible or negligent or compromised when they are none of those things,” he said.

RedEye said all security professionals should be thinking about what employees are doing when they go home, how they can be secured, how they can be helped, what policies are needed and how those policies could be enforced.

They advised that all organisations moving into the cloud should know everything that is going on.

While there are bound to be new, interesting attacks in 2018, organisations should be preparing for modified versions of current attacks

“For instance, do you have places where documents are getting uploaded and then going into your back office? That’s a good place to ensure there is some high-grade detection, beyond an antivirus scanner. Because you essentially have unauthenticated input going directly into the key parts of your organisation.”

So if you want to save yourself stress, money and a damaged reputation from a data incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

Ransomware up nearly 2,000% in two years as cyber mafia hit business

Cyber attacks on businesses in 2017 grew in frequency, sophistication and malice – a report on the new age of organised cyber crime finds.

Cyber attacks on businesses in 2017 grew in frequency, sophistication and malice - a report on the new age of organised cyber crime finds.

The new generation of cyber criminals increasingly resembles traditional mafia organisations, requiring a new approach to dealing with it, according to a report by security firm Malwarebytes.

Cyber criminals have the same professional organisation as mafia gangs of the 1930s, but they also share a willingness to intimidate and paralyse victims, the report shows.

Malwarebytes’ analysis also shows that, in spite of acknowledging the severe reputational and financial risks of cyber crime, many business leaders greatly underestimate their vulnerability to such attacks.

The report calls for businesses and consumers to fight back by acting as “vigilantes” through greater collective awareness, knowledge sharing and proactive defenses. This includes a shift from shaming businesses that have been hacked to engaging with them and working together to fix the problem.

Businesses must also heighten their awareness of cyber crime, and take a realistic view towards the likelihood of attack.

The vast impacts of these attacks, the report said, mean that cyber crime must be elevated from a tech issue to a business-critical consideration.

Malwarebytes’ data demonstrates the urgent need for such a shift in approach by highlighting the capacity of these fast-maturing gangs to inflict greater damage on businesses.

The new cyber mafia, the report said, is accelerating the volume of attacks, with the average monthly volume of attacks in 2017, up 23% compared with 2016. In the UK, the report said 28% of businesses had experienced a “serious” cyber attack in the past 12 months.

Ransomware attacks detected by Malwarebytes show that the number of attacks in 2017 from January to October was 62% greater than the total for 2016.

In addition, detections are up 1,989% since 2015, reaching hundreds of thousands of detections in September 2017, compared with fewer than 16,000 in September 2015. In 2017, ransomware detections rose from 90,351 in January to 333,871 in October.

“The new mafia, identified by our report, is characterised by the emergence of four distinct groups of cyber criminals: traditional gangs, state-sponsored attackers, ideological hackers and hackers-for-hire,” said Marcin Kleczynski, CEO of Malwarebytes.

Malwarebytes argues that the growth of cyber crime and a lack of clarity over how best to police it is damaging victim confidence, with those affected by cyber crime often too embarrassed to speak out.

This is true for consumers and businesses alike, the report said, and can have dangerous ramifications as firms bury their heads in the sand instead of working to reduce future incidents.

The report suggests that the answer lies in engaging and educating the C-suite so that CEOs are as likely as IT departments to recognise the signs of an attack and be able to respond appropriately.

“CEOs will soon have little choice but to elevate cyber crime from a technology issue to a business-critical consideration,” he said.

“Rather than sit back and minimise the blow from cyber crime, individuals and businesses must take the same actions that previous generations of vigilantes once did against the fearsome syndicates of their day: fight back,” the report said.

So if you want to save yourself stress, money and a damaged reputation from a data incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

Small businesses cyber success is balance of user experience, privacy and security

Small businesses need to balance user experience, privacy and security to achieve overall cyber success.

Small businesses need to balance user experience, privacy and security to achieve overall cyber success.

A change in approach will help businesses achieve the right balance between user experience, privacy and security more easily, says Martin Kuppinger, principal analyst at KuppingerCole.

“Most businesses are making the fundamental mistake of thinking inside-out, but by thinking outside-in, they will automatically put the consumer first,” he told Consumer Identity World Europe 2017 in Paris.

This means instead of thinking about what suits the business, the business looks at what will best suit its customers, what works best for customers and taking customer preferences into account.

“Most businesses need to switch from the approach where they are telling consumers what they want them to do, to making it clear they are willing to do things the way the consumer wants,” said Kuppinger.

“We do what you want, needs to be the message, because this is the best way to ensure that consumers will want to do the most with them,” he said.

In the light of the European Union’s (EU’s) General Data Protection Regulation (GDPR), Kuppinger said it is now even more important to get the balance right.

From a consumer perspective, this means ensuring that services and interactions with suppliers need to be simple, and as frictionless and transparent as possible.

“Aside from GDPR requirements, consumers are generally more willing to share data if the reward is clear and they know that organisations use their data only for the purpose it was originally collected for,” said Kuppinger.

From a business perspective, it is therefore important to ensure that there is a standard approach to customer data throughout the organisation and that personal data is collected only when necessary.

“They need to be clear about what they are collecting, what purpose they are collecting the data, and they must provide processes for consumers to withdraw consent if they wish.”

However, done correctly, collecting and managing consumer information can improve the customer experience, said John Tolbert, lead analyst at KuppingerCole.

“Consumer identity management can also enable new business models, such as freemium models where basic services are provided free with the option of upgrading to paid services or shared revenue models,” he said.

Tolbert also emphasised the importance of making it clear to consumers what they will get in exchange for agreeing to allow businesses to collect and user their data.

“Again, getting the balance right is important because the more data you collect the more friction you add, so collect just enough information to be useful to keep friction to a minimum,” he said.

Tolbert said it is always important to be explicit about information is being collected, collect only what is necessary, and reduce friction by avoiding pop-ups that continually ask for more data.

“Fine-tune how you interrupt visitors to your site, be conservative in the information you collect and always ensure you have good consent management processes to collect and store consent,” he said.

So if you want to save yourself stress, money and a damaged reputation from a data incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139