More news & features

Published: May 26, 2017

Cyber-crime and cybersecurity are two of the fastest growing markets in the security sector, with 2.1 million victims reported in the UK, at a cost of £11 billion in 2016. Establishing a safe cyber environment and mitigating the threats in this multi-trillion dollar criminal industry has less to do with computers and more to do to do with employee awareness than many people realise.

Most vulnerabilities are linked to staff members, who inadvertently or accidentally enable attackers to implement tactics, techniques and procedures (TTP) that exploit existing company IT systems in order to profit. Discussed in more depth in a forthcoming article for City Security magazine’s Cyber issue, here Pilgrims Intelligence Analyst, Mike Yeomans, summarises five common threats and key measures for avoiding and reducing these threats in the workplace:

1. Hacking: The practice of gaining unauthorised access to a computer.

What to do: Make it more challenging for attackers to access a machine either locally or remotely, by enabling firewalls using encryption for sensitive data, patching software regularly and establishing a proper password policy.

2. Malware (including ransomware): Malicious software used to enable a hack.

What to do: Prevent and protect against hacks by installing anti-virus programmes and software, maintain regular, secure backups (snapshots, not real-time streams), install software updates and conduct training courses to develop awareness of spear-phishing (see definition under point 4) among staff. In the event of a computer becoming infected, disconnect it from the network immediately (unplug the internet cable or switch off the WiFi), before recording what happened and what was done just prior to the attack, ready to take to IT support and Action Fraud (see below).

Ransomware is a particular form of malware and the same security steps apply for it as any other.

3. Distributed denial-of-service (DDoS) attack: When a computer (typically a website) is sent so many requests that it overloads and crashes, preventing access to genuine users.

What to do: Technical measures are best sought to mitigate such threats (such as implementing a content delivery network), but as these attacks are often complex and offer a low financial reward to attackers, they are more likely to be used by attackers with specific motivations and for short periods of time.

4. Spear Phishing: A targeted attempt by attackers to trick a victim into giving them personal information such as passwords or banking credentials.

What to do: This is the most likely attack encountered and can offer companies the best value for money in their security budget to reduce the risk of becoming victims directly or through their staff. Training employees how to identify and avoid such attacks (by not clicking suspicious links or attachments) is an effective and low-cost measure, which the Bank of England has identified offers demonstrable success.

5. Report it: If the police know what attacks (which are crimes) are ongoing, then they can build a picture of who the attackers are, as well as where and how they operate, to stop further threats from being carried out against the business.

What to do: Filling out an Action Fraud’s brief online form, provides police forces nationally with the information required to effectively tackle cyber-crime, so that threats are neutralised before they can happen again.

A link to the full-length article on this issue will be provided in a future issue of the Beacon.

Pilgrims Group offers consultancy in IT and cybersecurity, tailored to ensure regulatory compliance and using intelligence to address the very latest threats and trends. For more information, contact Mike Yeomans