Tag: Cyber Security

Categories
Cyber Security Incident Response Internet of Things Motor Industry

Key principles of Vehicle Cyber Security for Connected and Automated Vehicles

As vehicles get smarter, cyber security in the automotive industry is becoming an increasing concern. Whether we’re turning cars into wifi connected hotspots or equipping them with millions of lines of code to create fully autonomous vehicles, cars are more vulnerable than ever to hacking and data theft.

The Department for Transport and Centre for the Protection of National Infrastructure have issued joint guidance setting out how the automotive sector can make sure cyber security is properly considered at every level, from designers and engineers, through to suppliers and senior level executives.

The key principles of vehicle cyber security for connected and automated vehicles – some of which apply to many other businesses and industries – include: that security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain; that the security of all software is managed throughout its lifetime; and that the storage and transmission of data is secure and can be controlled.

The eight principles are:

Principle 1 – organisational security is owned, governed and promoted at board level

Principle 2 – security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain

Principle 3 – organisations need product aftercare and incident response to ensure systems are secure over their lifetime

Principle 4 – all organisations, including sub-contractors, suppliers and potential 3rd parties, work together to enhance the security of the system

Principle 5 – systems are designed using a defence-in-depth approach

Principle 6 – the security of all software is managed throughout its lifetime

Principle 7 – the storage and transmission of data is secure and can be controlled

Principle 8 – the system is designed to be resilient to attacks and respond appropriately when its defences or sensors fail

From an incident response perspective, principles 3.1 to 3.4 are particularly pertinent and relevant to Cyber Security Helpdesk’s work responding to Cyber and Data breaches.

Principle 3.1 – Organisations plan for how to maintain security over the lifetime of their systems, including any necessary after-sales support services.

Principle 3.2 – Incident response plans are in place. Organisations plan for how to respond to potential compromise of safety critical assets, non-safety critical assets, and system malfunctions, and how to return affected systems to a safe and secure state.

Principle 3.3 – There is an active programme in place to identify critical vulnerabilities and appropriate systems in place to mitigate them in a proportionate manner.

Principle 3.4 – Organisations ensure their systems are able to support data forensics and the recovery of forensically robust, uniquely identifiable data. This may be used to identify the cause of any cyber, or other, incident.

The full text can be found at this URL: https://www.gov.uk/government/publications/principles-of-cyber-security-for-connected-and-automated-vehicles/the-key-principles-of-vehicle-cyber-security-for-connected-and-automated-vehicles

Categories
Cyber Security Cyber Security in Scotland Cybercrime

Almost 60% of Scottish Councils Hit by Cyber Attacks

An investigation by The Scotsman revelaed that almost 60 per cent of Scottish councils and more than half of Scotland’s health boards have been targeted by cyber criminals since 2014, a Scotsman investigation has revealed. Nine universities and numerous government bodies have also been hit during the last three years, the investigation found.

Some local authorities reported being bombarded with thousands of spam emails and receiving ransom demands to decrypt data.

Freedom of Information requests showed 19 of Scotland’s 32 councils experienced either attempted or successful attacks since 2014.

Ransomware attacks were reported by 14 local authorities, sometimes on multiple occasions.

Four councils refused to reveal any information, with two fearing doing so would leave them vulnerable to future attacks.

Of the incidents logged by 19 councils, only nine authorities reported any of them to police, although no data was stolen or lost.

The investigation revealed Scottish local authorities were subject to more than 50 notable incidents in the past three financial years with Aberdeen City Council one of the hardest hit (2014 and 2017, it suffered 12 successful cyber attacks, including six ransomware incidents, having its webpage defaced and recording more than 15 million attempts, including intrusion threats, spam, web risks and viruses, in the last eight months of 2016).

Other Statistics:

  • Highland Council targeted 953 times (including two partially-successful ransomware attacks)
  • East Lothian Council received more than 415,000 unsuccessful spam emails
  • Perth and Kinross Council reported blocking an average of 1.2 million spam emails every month
  • Falkirk, Glasgow City, North Ayrshire and Dumfries and Galloway councils refused to disclose any details
  • Dundee City Council was on the receiving end of three ransomware attacks
  • North Lanarkshire Council had two malware incidents in 2015 and three ransomware in 2016
  • Edinburgh City Council reported nine incidents, including malware preventing access to systems, a sustained denial of service (ddos) attack, and malware being installed and copied
  • 11 of Scotland’s health boards were affected by the WannaCry attack in May which affected the NHS network across the UK
  • NHS Fife logged 693 attempted malware attacks
  • NHS Lanarkshire reported 51 attempted or successful attacks and NHS Greater Glasgow
  • NHS Clyde was subject to four cyber breaches in 2016, where files became inaccessible after being encrypted by ransomware. In all cases, data was recovered and the ransom was not paid
  • NHS Tayside reported up to 7,000 attempts every month including ransomware
  • Dumfries and Galloway, Shetland and the Borders health boards said they had no attempted cyber attacks. No board reported losing data.

In the overwhelming majority of cases the breach affected limited areas of the public body’s network, with swift action taken to contain and repair systems and no patient data lost or compromised. The fact that a wide range of measures are taken to ensure basic security standards are met means that losses and fallout are mitigated.

A spokesman for local authority umbrella body Cosla said: “We fully recognise how important our cyber security is and we are doing everything we can to safeguard councils against such attacks.

Detective Inspector Eamonn Keane from Police Scotland’s cyber crime unit, added: “Cyber crime has witnessed significant growth. The cyber threat to Scotland is indicative of that local, national and international threat applicable to all regions in the UK. We always encourage anyone who thinks they’ve been a victim of cybercrime to come forward and report it to police.”

We at Cyber Security Helpdesk would always agree with this best practice advice. We would also suggest that following a Cyber Attack the appropriate personnel and partners are enlisted to (a) fight the attack, (b) repair systems, (c) ensure that business continues as normal.

Categories
Business Advice Cyber Security Cyber Security Training Information Security Tips & Tricks

Quick Passwords Advice

It can be difficult to think of something consisting of at least eight (or more) characters, with upper and lower case letters, numbers and symbols (the best password structure), that you’ll remember. Password fatigue can be a real problem and can lead to the situation where you’ll settle for something that’s easy to remember, but easy to guess too.

Do not fall into this trap!

The recent cyber-attack on Parliament will have seen a number staff wish that they’d put a little more effort into their password selection. Through a procedure no more complex than testing for frequently used passwords, hackers were able to access up to 90 staff email accounts, leading to officials disabling remote access to emails by MPs, peers and their staff.

Such means of accessing data is both amongst the most straightforward and the most commonplace. Staff emails are deemed the weak point of many businesses’ cyber defences. Indeed (alarmingly!) of 781 UK businesses who reported a data breach over the last 12 months, 72% of the identified breaches were targeted against employees’ emails.

Please see the diagram from the Department of Culture Media & Sport, Cyber Security Breaches Survey, Main Report, April 2017

If a third party was able to access your systems, the impact could be devastating and longstanding, damaging profits and confidence in your Business.

Weak passwords are also inexcusable in the eyes of the Information Commissioners Office (responsible for data protection) and regulators take a dim view of these too.

 

So the moral of the story is that if you or your colleagues have a weak password, change them immediately.

Whilst we can assist with general cyber enquiries and responding to cyber attacks and and data hacks, we unfortunately cannot advise you on which passwords to use 🙂

We can, however, advise you not to do THIS

Categories
Business Advice Cyber Security Tips & Tricks

Cyber crime Warning for SMEs

Small businesses are being urged to take steps to protect themselves from the threat of cybercrime after hackers targeted the NHS earlier this month, compromising its highly sensitive computer systems through a Ransomeware attack on 12 May 2017.

The “Wannacry” ransomeware attack was a worldwide cyberattack by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency. Hackers were effectively threatening to delete files unless a ransom was paid.

Research from the Federation for Small Business (FSB) claims 7 million cybercrimes are committed against SMEs in the UK every year, equating to more than 19,000 a day.

FSB figures show the average cybercrime incident costs a small company £3,000 and takes 2.2 days to recover from.

Mike Cherry, FSB chairman, said:

“We are urging all small businesses to take steps to reduce the risk of an attack.

“Businesses should immediately check for updates to their operating systems and anti-malware software and download them where needed.

“We advise small firms to make sure their data is backed up – if the worst happens, data cannot then be held to ransom.”

What is ransomware?

Ransomware is a type of malicious software designed to block access to your computer system until an amount of money is paid.

It often arrives in the form or a phishing email, otherwise known as spam, or a fake software update.

Like other computer viruses, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it.

Security experts warn that ransomware is the fastest growing form of computer virus, which threatens to delete your files unless you pay the blackmail.

Protecting your business

Small businesses are particularly vulnerable to cyber-attacks, but what can you do to protect your company from the growing threat of ransomware?

The National Cyber Security Council recommends your company takes the following steps:

  • do not open suspicious-looking email attachments or hyperlinks from unknown contacts
  • applying patches for Microsoft Windows will protect against ransomware
  • ensure antivirus products are up-to-date and scans your software regularly
  • use network segregation techniques to minimise the chance of compromise.

What to do if your computer is infected

If you believe your business has been compromised by ransomware, the National Crime Agency advises:

  • do not to pay the ransom as you don’t know the hackers will clear your system of the virus
  • back up your files regularly as this will be the only way to access your data
  • if you have been the victim of online fraud, report it at: www.actionfraud.police.uk

How Can Cyber Security Helpdesk Help You?

We are the UK’s number 1 National Multi-Disciplinary Cyber and Data Breach Incident Response Service; enabling UK Businesses to deal with Cyber breaches, properly and promptly.

SUPPORT – Our support teams work around the clock for our clients and are available 24/7/365.

SPEED – Our First Response team ensures every cyber incident receives a rapid service time without compromising quality.

CONFIDENTIALITY – Every enquiry is dealt with on a confidential basis by our professional team using secure technology.

EXPERT – IT, Data Protection, Legal, Communications experts adopt a meticulous and systematic approach to each incident.

OUR GOAL is your Business Continuity.

If you have suffered a Cyber or Data Breach, contact Cyber Security Helpdesk now.

[fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][fusion_button link=”https://www.cybersecurityhelpdesk.co.uk/contact/” color=”default” size=”” stretch=”” type=”” shape=”” target=”_blank” title=”CONTACT CYBER SECURITY HELPDESK NOW” gradient_colors=”|” gradient_hover_colors=”|” accent_color=”” accent_hover_color=”” bevel_color=”” border_width=”1px” icon=”” icon_divider=”yes” icon_position=”left” modal=”” animation_type=”0″ animation_direction=”down” animation_speed=”0.1″ animation_offset=”” alignment=”left” class=”” id=””]CONTACT US NOW[/fusion_button][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

Categories
Cyber Security Cyber Security Training Information Security UK News

Nearly 500 law firms targeted by fraudsters in new email scam

The Law Society Gazette published a report confirming that fraudsters have attempted to infiltrate the IT systems of hundreds of firms.

In an update published by the Solicitors Regulation Authority, the regulator said it has seen increasing reports of attempted cyber-crime and warned solicitors to be wary of falling victim.

Firms have reported being sent emails saying their services are required: after they respond, the scammers send attachments or links to websites.

These attachments and links might contain malware which allows the perpetrators to control or undermine IT systems.

The SRA said some of the emails relate to a property sale and are sent from a ‘Margaret’ or ‘Mary Smollins’. The email [email protected] has been used to send rogue messages.

The SRA said: ‘While genuine potential clients might indeed send information in this way, law firms should be wary of the risks of malware infecting their IT systems, and take action appropriate to their business.’

Once malware is on a system, it can record everything typed over a long period to obtain passwords or financial details, copy or modify data on the system, and allow hackers to get into the firm’s network.

Firms are advised to use cloud-based computing for storing, accessing and processing information and to inform the police and SRA immediately if they have been contacted via these emails.

Other steps can include keeping software up to date, using an anti-virus system and using encryption on mobile devices. Files should also be backed up on a regular basis including at least one back-up that is not directly and regularly connected to the main systems.

In 2016 the SRA had reports of around £7m of client money being lost to cyber-crime. Almost half of all cyber attacks are aimed at small businesses.

IF YOUR FIRM HAS BEEN TARGETED IN A PHISHING OR SPOOFING ATTEMPT, OR WORSE STILL, HAS BEEN A VICTIM OF CYBER CRIME, CONTACT CYBER SECURITY HELPDESK LTD TODAY TO DISCUSS HOW WE CAN WORK TO MITIGATE THE DAMAGE CAUSED AND RESOLVE THE PROBLEM EFFICIENTLY

Categories
Cyber Security Cyber Security Training Infosec

Hackers ‘can bypass cyber security defences within 12 hours’

Nearly nine in ten hackers say they can break through any cyber security defences they target within 12 hours of launching an attack, according to a new report by Nuix.

The Nuix report found that 88 per cent of attackers were confident they could bypass protections on systems they turn their attention to in half a day.  81 per cent of the professional hackers and penetration testers surveyed at DEFCON said they could identify and take valuable data from their target system within another 12 hours.

But the damage could be even greater for companies targeted by attackers, as most breaches stay undiscovered for hundreds of days, giving cyber criminals plenty of opportunity.

“Data breaches take an average of 250 to 300 days to detect – if they’re detected at all,” said Chris Pogue, chief information security officer at Nuix. “But most attackers tell us they can break in and steal the target data within 24 hours. Organisations need to get much better at detecting and remediating breaches using a combination of people and technology.”

According to the report, hackers are almost never slowed down by measures like firewalls and anti-virus solutions, but endpoint security technologies presented more of an obstacle.  This is because more than half of those questioned change their methods with every target, meaning defences based on known files and attacks are less effective.

A third of the hackers surveyed said organisations never detected their activities.

These findings come just a few months after another report found that half of IT professionals are more concerned about.  73 per cent said they were most concerned about malware installed by careless employees, while 66 per cent were worried about stolen or compromised credentials and 65 per cent were concerned about stolen data.

For more from the report, see the Nuix website.

This Nuix report further underscores the importance of not only having an incident response or business continuity plan following a Cyber Attack, but to ensure that any such plan is implemented properly, quickly and efficiently.

CONTACT CYBER SECURITY HELPDESK TO TALK TO ONE OF OUR CYBER INCIDENT RESPONSE TEAM ABOUT HOW WE CAN HELP YOUR BUSINESS.

Categories
Cyber Security Manchester Cyber Security News UK News

Cyber Security News In The Manchester Region

Cyber attacks cost Manchester economy £41 million, according to a study carried out by Alto digital, aimed at discovering how far UK businesses have developed in terms of office security.

Almost 62% of businesses in the city have been targeted by hackers in the last 12 months.

The study revealed that firms are seriously compromising their confidential data, unknowlingly committing security violations because of a lack of training and knowledge of their IT systems and document security.

It was calculated that these hacks equated to down time equivalent to five to seven days per annum for UK business, with 69% of staff members affected.

An analysis of Manchester’s most common cyber security risks are:
· Companies not having a firewall (up to 36% from 24% in 2013)
· Failing to change old passwords (up to 55% from 32% in 2013)
· Not protecting data stored on printers or photocopiers at all (82%)

The primary reason for IT hacks on Manchester’s businesses in 2016 was phishing emails – when fraudsters attempt to obtain sensitive information for malicious reasons.

Targets include professional services firms such as accountants, mortgage brokers and law firms.

23% of those questioned have also experienced a hack via their telecoms systems, with the most common methods being via remote voice mail access (41%), remote programming (49%) and IP phones (36%).

Sensitive Data Collection and Processsing

When it comes to scanning or photocopying documents, 51% of Manchester’s businesses admit to regularly processing highly confidential documents such as birth certificates (42%), client confidential documents (29%) and even company insurance documents (18%), yet an overwhelming 69% are unaware that a photocopier will store every single document that it scans – a serious hacking risk when connected to a company network.

When asked about the barriers to investing in a sophisticated security strategy, 52% of companies said it’s too expensive (48% in 2013), 59% stated that it’s too time consuming (23% in 2013) and 62% even mentioned that it’s just too confusing (32% in 2013).

It’s not all bad news though, only 24% of UK employees admitted that there’s a lack of concern at management level to invest in a reliable security infrastructure – a large reduction from 2013, when it was a more significant 36%.

Even more positive is the result that an impressive 80% of IT Directors questioned revealed that they always wipe their internal hard drive before getting rid of obsolete printers, a 27% increase from 2013.

Whilst it is clearly important to focus on training and proactive cyber security and data security policies aimed at prevention, the number of phishing or spoofing attempts on Manchester businesses, which are becoming more sophisticated, it is also important to have a trusted Cyber Security Incident Response team who can ensure that any cyber incident is managed properly and professionally with the minimum of downtime and loss to the business.

Categories
Cyber Security

Ransomeware in Professional Practices

Lawyers and law firms have increasingly become targets of deadly Ransomware attacks.

The level of attention of this type of threat worldwide has risen dramatically.

When we use the term “attention”, we mean unwarranted attention because the problem is really simple to solve. And while normally there are no silver bullets for fixing information security problems, there is a silver bullet against Ransomware.

The simple answer to completely immunizing yourself and your firm from Ransomware infections is to have a great information backup process in place. If the information backup at your firm or your laptop is done in the right way, you never lose that information.

So even if you do get infected by Ransomware that encrypts your critical files and asks you to pay up if you want the decryption key, you can have the last laugh. All you’ll need to do in such an event is restore all your information from a clean backup. And it’s much better than paying the ransom because if you go that route there is always the risk of “remains” left behind from the Ransomware attack that might leave a door open for the attackers to come back for “another sip”.

We strongly recommend that you have an experienced cyber security expert perform an independent review of your firm’s backup processes so that you have the right process in place to completely kill the so-called “threat” of Ransomware attacks.

If you have any questions or need guidance or support in performing a Backup Process Review, feel free to get in touch to discuss cyber security recruitment, training and best practices for your business.

CONTACT US TODAY