Category: Cyber Attack

Categories
Cyber Attack Incident Response

What Should I Do If My Website Is Hacked?

What to do if your website is the victim of a hack?

Ideally, to ensure this doesn’t happen or to mitigate fallout, you should be stopping new malware attacks before they reach your site by:
• Scanning and monitoring your site for malware.
• Fixing existing malware or hack issues fast.

However, the above is a question that we are constantly asked by our clients.

A typical example is where your site has been spammed or a third party has been able to access the files and deposit Malware.

Well, depending on the type of problem and the extent of the damage done, this could be an easy fix by you or your hosting company (who sometimes have a clean up product or service for an additional fee), or you may need to call a specialist response and remediation company such as us here at Cyber Security Helpdesk.

If you are well versed in dealing with the backend of your site and have access to the actual data files and if you know all about FTP (File Transfer Protocol), then you can probably do this yourself and “disinfect” or clean up the corrupt / spam files.

If on the other hand you don’t know your FTP from your DDoS, like most business owners, then you will need to call an IT or Data Security specialist.

Some site owners will not know that their site has been spammed or infected with Malware, until either it is too late and their problem involves their entire IT system which has been accessed through the corrupt site. Others who have a decent hosting service, will be notified by their hosting company – we usually advocate using a reputable hosting company who provide such assistance and who can sort out the problem quickly.

A typical message from a reputable Hosting company will read as follows:

[fusion_imageframe image_id=”2086″ style_type=”none” stylecolor=”” hover_type=”none” bordersize=”” bordercolor=”” borderradius=”” align=”none” lightbox=”no” gallery_id=”” lightbox_image=”” alt=”” link=”” linktarget=”_self” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=”” animation_type=”” animation_direction=”left” animation_speed=”0.3″ animation_offset=””]https://www.cybersecurityhelpdesk.co.uk/wp-content/uploads/2018/04/Screen-Grab-Malware-Message.png[/fusion_imageframe]

Once it is fixed, to prevent future infections, be sure to follow these simple post clean-up instructions:

1) Change all admin passwords associated with the site (FTP, admin panel, cpanel, etc)
2) Be sure to keep all software (plugins, theme, CMS) up to date
3) Run an anti-virus scan on your laptop/workstation
4) Put your website behind a firewall
5) If you have any old/backup versions of the website on the server it’s best to remove them

If your site has been hacked or you are a victim of a Cyber Security Incident and you need a rapid response company, then DON’T DELAY AND CALL US TODAY:

EMERGENCY HOTLINE: 0800-22-CYBER (0800-222-9237)
EMAIL: [email protected]

Categories
Business Advice Cyber Attack Cyber Attack Preparation Cyber Security

Preparedness for Cyberattacks

Preparedness for cyberattacks should consist of prevention (secure procedures and systems) and a plan for what happens if, a successful attack occurs.

UK Government Communications Headquarters (GCHQ) cyber security guidance recommends that organisations:

• Establish an incident response and disaster recovery capability that addresses the full range of incidents that can occur.

• Test incident management plans regularly (GCHQ: Cyber security guidance for businesses).

The internal and external consultants that should form the response team are dealt with further below. Organisations should prepare and circulate contact details of who to contact internally in the event of an attack.

The contact details of trusted external advisers – such as Cyber Security Helpdesk Limited! – in respect of IT, legal and PR matters (we can assist with all of the above!) who are likely to form part of the response team should similarly be kept and updated in a form which can be accessed and circulated following discovery of a breach.

Where incident response policies and procedures are documented, they should be available in formats that would not be inaccessible due to the attack (for example, policies may be inaccessible if encrypted by a virus on a compromised shared drive).

In assessing risks, consider the extent to which the operation of each aspect of the business would be affected by different forms of attack and prepare accordingly.

According to insurance industry surveys, take-up of cyber insurance remains low, with only around 10% of large businesses having any form of cyber insurance. Policies may cover loss and damage to digital assets, organisation interruption, notification expenses, theft of money or assets and even reputational damage.

In the absence of a cyber-specific policy, a comprehensive crime insurance policy or other, more general insurance policy may also cover cybercrime, but this should be confirmed in advance.

 

Categories
Cyber Attack Cyber Security Ransomware

Law Firms and Ransomware

Protecting Your Law Firm from Ransomware

Ransomware attacks occur when cyber criminals hold your data to ransom by encrypting it and demanding money for its decryption / release.

The best example of a Ransomware attack – which is one of the fastest-growing areas of cyber crime – is the WannaCry cyber-attack which devastated the NHS and many other institutions last year.

With Ransomware attacks, there are fewer barriers to entry for budding cyber criminals to try their hand at digital extortion – alarmingly ransomware “toolkits” are readily available on the Darkweb and other dark corners of the internet, making it easy for amateurs to get in on the act and launch their own attacks.

In addition, the increating popularity of “cyber economies” creates a potentially untraceable but lucrative, redeemable commodity.

The number of ransomware attacks on businesses is ever increasing – research by Kaspersky revealed that a business is attacked with ransomware every 40 seconds. Equally concerning is another statistic that 71% of companies targeted by ransomware attacks have been successfully infected.

This can only mean that many firms cyber defence firms and technologies are struggling to keep up with the ever changing threat landscape.

So far as law firms are concerned, the impact of such an attack can be more devastating than to other businesses due to the heavy reliance on data, confidentiality, and the perception of stability which is vital to uphold. The financial, reputational and structural pillars of a law firm are at risk.

A survey conducted by Datto and Timico last year, which included 250 law firms and 750 other UK businesses, revealed that:-

  • More than 25% of law firm victims of ransomware attacks ended up paying cyber criminals £5,000 or more to retrieve their data.
  • A third of ransomware victim law firms lost access to their data for more than a month, while 14% said it was “unrecoverable”.
  • 88% of law firms who were hit by this kind of attack experienced systems downtime of a week or more.
  • 53% estimated it cost their firm between £1,000 – £2,000 a day in lost revenue, due to systems being down. A third of law firms could not estimate the overall cost to their business, describing it as “unquantifiable”.
  • The effects of the attack were almost instant with 68% stating their data systems went from fully functional to essentially useless within seconds or minutes.

For regulated businesses, the stakes are higher. The access to a firm’s confidential client data by an unauthorised outsider poses a significant threat to client confidentiality and therefore SRA compliance and data protection compliance (a problem which will be magnified under the EU GDPR).

Can Ransomware Threats Be Mitigated?

Ransomware can be transmitted in 2 primary ways:

1. Traditionally, via fraudulent emails which relied on untrained, or unsuspecting staff clicking on a malicious link or attachment.

2. More recently, cyber-criminals found a way to breach a security vulnerability in sofware operating systems. The Wannacry outbreak is a perfect example of such an attack using Microsoft’s operating system as an entryway into an organisation’s systems.

Our advice is that in addition to security patching and update policies, staff training, security technologies and company policiessuch as regular (daily!) data backups and emergency protocols, i is vital that law firms have a sound Cyber or Data Incident Response Plan.

If your firm has been a victim of a Ransomware attack, then you will need immediate expert assistance.

CONTACT US TODAY:
[email protected]
0800-22-CYBER (0800 222 9237)