Cyber security seems to be a hot topic at the moment. Recent statistics show that 1 in 22 adults in the UK have been a victim of cyber fraud. Worryingly only 4% of UK SME’s have insurance in place to cover against cyber fraud and 80% of UK SME’s don’t have an effective data protection solution in place. The annual cost of cybercrime to British businesses is now an astonishing £34bn. With this in mind I thought it may be helpful to highlight some of the most prevalent cyber security threats and what can be done to prevent them.
• Limited security expertise and education
A high percentage of incidents are caused by negligence from employees. In most cases these incidents wouldn’t occur if the employees were well trained on cyber security. Over 90% of businesses still don’t provide enough (or any) training on cyber security. As new more sophisticated threats constantly emerge training should be conducted on a quarterly basis as a minimum.
• Poor configuration
Inexperienced or underfunded SMEs often install routers, switches, and other networking gear without involving anyone who understands the security ramifications of each device. In this scenario, an amateur networking guy is just happy to get everything successfully sending data traffic back and forth. It doesn’t occur to him that he should change the manufacturer’s default username and password login credentials. Where budget allows it’s a good idea to hire a consultant to ensure everything is configured correctly. For smaller budgets as a minimum we’d recommend performing automated vulnerability audit scans as part of your regular network maintenance routine.
• External Wifi networks
Hotel networks and public wifi hotspots are notoriously poor at blocking viruses, spyware and malware. Attackers often leave a keylogger in public areas to see what falls into their net and laptops which don’t have up to date personal firewall software, anti-virus and anti-spyware can be easily compromised. We’d recommend a strict company policy is in place that workers never alter or turn off defences without authorisation from you or an IT manager. Software is available to ensure this can’t be done by a user without administrator privileges. Another threat is attackers can put up an unsecured wireless access point showing itself as ‘Free public wifi’. With a packet sniffer enabled if your employee logs into this an attacker can potentially see everything the employee types, including logins, leaving you wide open to a data compromise. We’d recommend users always connect with encrypted connections. If they connect via a VPN this encrypts the data stream so even if an attacker is capturing the data, what they’re receiving is gibberish.
• Storage media exposure
Backup storage media is often completely unprotected from attack. As a result, numerous security breaches have involved the theft of database backup disks and tapes. Furthermore, failure to audit and monitor the activities of administrators who have low-level access to sensitive information can put your data at risk. Taking the appropriate measures to protect backup copies of sensitive data and monitor your most highly privileged users is not only a data security best practice, but also mandated by many regulations.
• Malicious Email
Millions of malicious emails are sent every day with intent to damage your business. They’re usually sent in a HTML format which links to a site containing viruses, malware and spyware. One wrong click can trigger a drive-by download and as attackers are becoming more sophisticated in their methods, malicious emails are becoming more difficult to spot. We’d recommend you implement an outbound web proxy.
You can set up your LAN so that all HTTP requests and responses redirect to a web proxy server, which provides a single choke-point where all Web traffic can be monitored for appropriateness. The web proxy won’t catch an inbound malicious email, but if a user on your network clicks a link in that HTML email, that will generate a web request that the proxy can catch. If the user’s HTTP request never gets to the attacker’s booby-trapped web site, your user does not become the victim. We can provide a managed anti-spam service which has in the last 2 years blocked 100% of viruses attempting to pass through our mail system and 98% of unwanted spam messages. If you have any queries or concerns about how secure your business is against cyber threats please don’t hesitate to contact us.