
Preparedness for Cyberattacks

Preparedness for cyberattacks should consist of prevention (secure procedures and systems) and a plan for what happens if a successful attack occurs.

UK Government Communications Headquarters (GCHQ) cyber security guidance recommends that organisations:

• Establish an incident response and disaster recovery capability that addresses the full range of incidents that can occur.

• Test incident management plans regularly (GCHQ: Cyber security guidance for businesses).

The internal and external consultants that should form the response team are dealt with further below. Organisations should prepare and circulate contact details of who to contact internally in the event of an attack.

Contact details of trusted external advisers on IT, legal and PR matters (Cyber Security Helpdesk Limited can assist with all three) who are likely to form part of the response team should likewise be kept up to date, in a form that can be accessed and circulated once a breach is discovered.

Where incident response policies and procedures are documented, they should be kept in formats that remain accessible during an attack. A policy that exists only on a shared drive is of no use if ransomware has encrypted that drive, so keep a printed or offline copy as well.

In assessing risks, consider the extent to which the operation of each aspect of the business would be affected by different forms of attack and prepare accordingly.

According to insurance industry surveys, take-up of cyber insurance remains low: only around 10% of large businesses have any form of cyber insurance. Policies may cover loss of or damage to digital assets, business interruption, notification expenses, theft of money or assets and even reputational damage.

In the absence of a cyber-specific policy, a comprehensive crime insurance policy or other, more general insurance policy may also cover cybercrime, but this should be confirmed in advance.


Legal Profession: Firms turning to cyber insurance as scammer attacks continue to rise

The proportion of law firms targeted by scammers has risen sharply over the last year, especially among larger firms, as has the number of practices taking out cyber-insurance, according to new research from the Law Society.

The Law Society Survey of 601 sole practitioners and firms with between two and 25 partners was commissioned for its annual review of the previous indemnity insurance round.

26% of firms said they had been targeted by scammers in the previous year. The figure rises with firm size: 50% of firms with 5-10 partners (up from 34% in 2016) and 64% of firms with 11-25 partners (up from 44% in 2016).

The most common forms of scam were spam emails and phishing. Others included malware and computer viruses, cyber attacks, telephone calls (vishing) and invoice fraud.

The two main responses were internal activity (such as increased cyber security training and additional checks, balances and reminders) and updating existing security systems.

Firms contacted the police in 19% of all cases.

Approximately 42% of firms surveyed with 5-10 and 11-25 partners now have cyber insurance in place – and almost all of the others have at least considered it – although the figures fall for smaller firms.

We are interested in hearing from you about your cyber insurance experience. Are you looking to take out cyber insurance for your business? Or, if you already have cyber insurance, has your experience been a positive or negative one?


Quick Passwords Advice

It can be difficult to think of a password of at least eight characters, mixing upper and lower case letters, numbers and symbols (the structure usually recommended; length and unguessability matter more than any particular mix), that you will also remember. Password fatigue is a real problem and can lead you to settle for something that is easy to remember but easy to guess too.

Do not fall into this trap!

The recent cyber attack on Parliament will have left a number of staff wishing they had put a little more effort into their password selection. Using nothing more sophisticated than trying frequently used passwords against accounts, the attackers were able to access up to 90 staff email accounts, leading officials to disable remote email access for MPs, peers and their staff.

This way of getting at data is among the most straightforward and the most commonplace. Staff email is regarded as the weak point of many businesses' cyber defences. Indeed (alarmingly!), of 781 UK businesses that reported a data breach over the last 12 months, 72% identified breaches that targeted employees' email.

Please see the diagram from the Department of Culture Media & Sport, Cyber Security Breaches Survey, Main Report, April 2017

If a third party were able to access your systems, the impact could be devastating and long-lasting, damaging profits and confidence in your business.

Weak passwords are also inexcusable in the eyes of the Information Commissioner's Office (responsible for data protection), and other regulators take a dim view of them too.

So the moral of the story is: if you or your colleagues have a weak password, change it immediately.

Whilst we can assist with general cyber enquiries and with responding to cyber attacks and data hacks, we unfortunately cannot advise you on which passwords to use 🙂

We can, however, advise you not to do THIS


Cyber crime Warning for SMEs

Small businesses are being urged to take steps to protect themselves from the threat of cybercrime after hackers targeted the NHS earlier this month, compromising its highly sensitive computer systems through a ransomware attack on 12 May 2017.

The "WannaCry" attack was a worldwide cyberattack by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system, encrypting data and demanding ransom payments in the Bitcoin cryptocurrency. The attackers were effectively threatening to delete the encrypted files unless a ransom was paid.

Research from the Federation of Small Businesses (FSB) claims 7 million cybercrimes are committed against SMEs in the UK every year, equating to more than 19,000 a day.

FSB figures show the average cybercrime incident costs a small company £3,000 and takes 2.2 days to recover from.

Mike Cherry, FSB chairman, said:

“We are urging all small businesses to take steps to reduce the risk of an attack.

“Businesses should immediately check for updates to their operating systems and anti-malware software and download them where needed.

“We advise small firms to make sure their data is backed up – if the worst happens, data cannot then be held to ransom.”

What is ransomware?

Ransomware is a type of malicious software designed to block access to your computer system until an amount of money is paid.

It often arrives in the form of a phishing email (a fraudulent message crafted to look legitimate, as distinct from ordinary spam) or a fake software update.

Like other malware, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it.

Security experts warn that ransomware is the fastest-growing form of malware; it threatens to destroy your files unless you pay the blackmail.

Protecting your business

Small businesses are particularly vulnerable to cyber-attacks, but what can you do to protect your company from the growing threat of ransomware?

The National Cyber Security Centre (NCSC) recommends that your company takes the following steps:

  • do not open suspicious-looking email attachments or hyperlinks from unknown contacts
  • apply security patches for Microsoft Windows promptly (the MS17-010 update released in March 2017 closed the SMB flaw that WannaCry used to spread between machines)
  • ensure antivirus products are up to date and scan your systems regularly
  • use network segregation techniques to limit how far a compromise can spread.

What to do if your computer is infected

If you believe your business has been compromised by ransomware, the National Crime Agency advises:

  • do not pay the ransom: there is no guarantee the attackers will restore your files or remove the malware from your systems
  • back up your files regularly, keeping a copy offline or otherwise out of reach of the infected network, as restoring from backup may be the only way to recover your data
  • if you have been the victim of online fraud, report it at: www.actionfraud.police.uk

How Can Cyber Security Helpdesk Help You?

We are the UK’s number 1 National Multi-Disciplinary Cyber and Data Breach Incident Response Service; enabling UK Businesses to deal with Cyber breaches, properly and promptly.

SUPPORT – Our support teams work around the clock for our clients and are available 24/7/365.

SPEED – Our First Response team ensures every cyber incident receives a rapid service time without compromising quality.

CONFIDENTIALITY – Every enquiry is dealt with on a confidential basis by our professional team using secure technology.

EXPERT – IT, Data Protection, Legal, Communications experts adopt a meticulous and systematic approach to each incident.

OUR GOAL is your Business Continuity.

If you have suffered a Cyber or Data Breach, contact Cyber Security Helpdesk now.



Legal Profession: Beware of ‘Friday afternoon fraud’ risk

Over the past year, we have noticed a rise in the number of law firms being tricked into giving bank details to fraudsters in so-called ‘Friday afternoon scams’.

The Solicitors Regulation Authority (SRA) confirms that it is a growing problem and that it continues to receive regular reports of scammers stealing from firms, despite repeated warnings to professionals not to disclose sensitive details.

Criminals tend to target conveyancing firms with large amounts of money in client accounts and are increasingly sophisticated in how they persuade people to release information.

Instances of so-called 'Friday afternoon fraud' are of huge concern to solicitors and their insurers, and with the average house price nearing the £300,000 mark it is easy to see why such frauds can have such an impact on a firm's claims record.

These "Friday afternoon frauds" appear to follow a particular pattern. They are calculated and highly sophisticated, drawing on legal industry experience, banking industry experience, a (usually) well-financed setup (taking place in what appears to be a call centre established for this purpose), an understanding of the psychology of the firm's staff and specific knowledge of the firm's financial or client details.

They typically take place on a Friday afternoon (hence the name!), starting with a telephone call to the firm's accounts department or finance director, purporting to be from the fraud unit of the firm's own bank. This is also known as a "vishing" (voice phishing) scam. The caller is able to quote details of genuine transactions made that day (apparently obtained by compromising the firm's online banking access), which gives the impression of legitimacy. The fraudster claims that suspicious transactions have been made from the account and that it has been frozen, and offers to help the firm with any urgent payments it needs to make in the meantime. The firm is asked to provide its online banking security details, which the caller then uses to defraud the firm. Individual payments are typically for slightly less than £100,000, to avoid detection for as long as possible, and where multiple payments are made they are for differing amounts, so as not to raise the bank's suspicion.

Once each payment is made it is quickly transferred to other accounts and often moved out of the jurisdiction. As these payments are usually made on a Friday afternoon and may not be discovered until the following Monday, catching the criminals by chasing the flow of funds can be next to impossible as they will have long since been dissipated. Many scams also occur either side of the Christmas break, taking advantage of the holiday period.
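The pattern described above (Friday afternoon, amounts just under a round threshold, several differing amounts in quick succession, new beneficiaries) is something a firm's own payment records can be screened for before funds leave the account. The script below is an added example, not code from this post, the SRA or any bank: it runs that detection over a constructed ledger extract. The £100,000 threshold comes from the post; the 10% "just under" band, the three-hour burst window, the "new payee" flag and all the payment rows are assumptions made for the example.

```python
from datetime import datetime, timedelta

# Constructed ledger extract for this example: timestamp, payee, amount in GBP,
# and whether the payee was added to the system that day. Not real firm data.
SAMPLE_PAYMENTS = """\
2017-06-16 14:05,Acme Conveyancing Ltd,98750.00,yes
2017-06-16 14:21,J Patel,97200.00,yes
2017-06-16 14:40,Northgate Holdings,99100.00,yes
2017-06-16 15:02,HM Land Registry,270.00,no
2017-06-14 10:15,Smith & Co Solicitors,99500.00,no
2017-06-16 16:30,Blue Sky Estates,96800.00,yes
"""

# Assumed values: the bank review threshold the fraudsters stay just below,
# how far below still counts as "just under", and the burst window.
THRESHOLD = 100_000.0
NEAR_BAND = 0.90
WINDOW = timedelta(hours=3)


def parse_ledger(text):
    """Turn the CSV extract into dicts with a parsed timestamp and numeric amount."""
    rows = []
    for line in text.strip().splitlines():
        ts, payee, amount, new_payee = line.split(",")
        rows.append({"ts": datetime.strptime(ts, "%Y-%m-%d %H:%M"),
                     "payee": payee, "amount": float(amount),
                     "new_payee": new_payee == "yes"})
    return rows


def is_friday_afternoon(ts):
    return ts.weekday() == 4 and ts.hour >= 12


def just_under_threshold(amount):
    return THRESHOLD * NEAR_BAND <= amount < THRESHOLD


def flag_payments(rows):
    """Return (suspicious payments, burst). A payment is suspicious if it goes to a
    new payee on a Friday afternoon for an amount just under the threshold; burst is
    True when three or more such payments of differing amounts fall within WINDOW."""
    hits = sorted(
        (r for r in rows
         if is_friday_afternoon(r["ts"]) and just_under_threshold(r["amount"]) and r["new_payee"]),
        key=lambda r: r["ts"])
    burst = False
    for i, first in enumerate(hits):
        group = [h for h in hits[i:] if h["ts"] - first["ts"] <= WINDOW]
        if len(group) >= 3 and len({h["amount"] for h in group}) == len(group):
            burst = True
            break
    return hits, burst


if __name__ == "__main__":
    hits, burst = flag_payments(parse_ledger(SAMPLE_PAYMENTS))
    for h in hits:
        print(f"{h['ts']:%a %H:%M}  £{h['amount']:>10,.2f}  {h['payee']}  (new payee)")
    print("burst of near-threshold payments: hold and call the bank back on a known number"
          if burst else "no burst detected")
```

On the constructed data the Land Registry fee and the Wednesday payment are left alone, while the four Friday afternoon payments to new payees are flagged and, because they fall within three hours of each other for four different amounts, raise the burst flag. A real deployment would hold flagged payments until someone has called the bank back on an independently sourced number, which is the precaution set out below.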

Other examples of online fraud committed against law firms are "phishing" scams. A fraudster may hack into a client's email account, or that of another third party involved in the transaction such as a mortgage broker, and direct the solicitor or client to transfer sale proceeds to a different bank account. Alternatively, a solicitor's own email account or server may be hacked or impersonated, so that clients are directed to send monies to accounts other than the solicitor's client account. The compromise can stem from something as simple as a predictable password used by a firm employee, a lack of robust authentication for logging in to the firm's systems, or malware (malicious software) unwittingly downloaded from, for example, an unsolicited email, giving the perpetrators the ability to intercept communications and attempt to hijack money from client accounts.

The SRA has confirmed that law firms and clients have been the victims of scams and schemes totalling millions.

We would advise firms to take the following basic precautions:

  1. Never reveal banking security information over the telephone, even if the caller appears to be genuine and to have knowledge of your account. Independently validate callers by contacting somebody you already know at the bank, preferably using a separate telephone line, for example a mobile. (There have been examples of scammers keeping the line open to intercept any follow-on call made to check.)
  2. Employ two-factor authentication on all remote access, and ensure all user passwords are sufficiently difficult to predict and are changed regularly.
  3. Always confirm bank details with clients by telephone or in person.
  4. Ensure that all cyber and data warnings to clients are prominently displayed on ALL email correspondence and paper correspondence, and repeated by telephone during the course of a matter.
  5. Circulate this advice to all staff so they are aware of the issue. Ensure staff understand these risks and have undergone cyber and data security training.
  6. Respond swiftly. If you suspect or become aware that you have been the victim of such a fraud, contact your bank and your broker or insurer as soon as possible. The quicker action is taken, the greater the chance of recovering the money.

The potential losses (and consequentially the financial, reputational and regulatory impact on the firm) are significant and a number of firms have already been affected, so management and staff should be advised to remain vigilant.

Should you require any assistance with Cyber or Data breaches, contact us to discuss our incident response service. As one of the UK’s leading integrated incident response service providers, we can advise on technical, legal, regulatory and reputational matters.


Cyber security in critical national infrastructure

Regulators across the world are focusing on the cyber security threats to critical national infrastructure.

Roads, rail, port operations, telecoms and utility networks are among the infrastructure networks and assets that governments classify as critical infrastructure and which may be affected by new regulation.

The threat of cyber attacks continues to increase, and it is an area that an infrastructure owner, operator or investor must address in order to be protected both from attacks themselves and from the regulatory developments that follow them.

Cyber Security Helpdesk can assist with discussing and implementing the key steps and best practices that minimise the risk of cyber attacks, as well as with meeting regulatory developments in the UK.

At Cyber Security Helpdesk, our specialist teams offer a multi-disciplinary approach to advice on cyber and data protection issues, including compliance with relevant regulatory regimes and dealing with cyber incidents.

We would be happy to discuss with you how this may affect your business.


Cyber Security Guidance For Businesses: Home and mobile working

Assess the risks to all types of mobile working (including remote working where the device connects to the corporate network infrastructure) and develop appropriate security policies. Train mobile users on the secure use of their mobile devices for locations they will be working from. Apply the secure baseline build to all types of mobile device used. Protect data-at-rest using encryption (if the device supports it) and protect data-in-transit using an appropriately configured Virtual Private Network (VPN).