Nearly half of UK firms hit by cyber phishing attacks

Nearly  half of UK businesses have been compromised in the past two years using phishing attacks, despite high levels of cyber awareness and training.

Nearly  half of UK businesses have been compromised in the past two years using phishing attacks, despite high levels of cyber awareness and training.

Phishing attacks aimed at stealing legitimate user credentials have been used in the past 24 months to compromise 45% of UK organisations, according to research on behalf of cyber security firm Sophos.

Just over half (54%) of more than 900 IT directors polled in Western Europe said they had identified instances of employees replying to unsolicited emails or clicking on links contained within them, revealed a poll conducted by Sapio Research.

The study revealed that larger businesses are most likely to have been compromised by phishing attacks, despite also being most likely to conduct phishing and cyber threat awareness training.

Although businesses in the UK fell victim to phishing attacks at a similar rate to those in France (49%) and the Netherlands (44%), those in Ireland performed significantly better. Just 25% of Irish respondents said they had fallen victim to phishing in the past two years.

Across all respondents, 56% of companies employing between 500 and 750 people were identified as phishing victims in the past two years, while two-thirds (65%) had identified instances of employees replying to unsolicited emails or clicking on links contained within them.

By comparison, just 25% firms with fewer than 250 people and 36% of organisations with between 250 and 499 employees had been compromised by phishing in the same period.

Half of firms with fewer than 250 people offered training to help employees spot attacks, compared with 78% of those with between 500 and 1,000 people. And 79% of UK companies conduct regular cyber threat awareness training already, while 18% said they plan to offer it in the future.

Adam Bradley, UK managing director at Sophos, said criminals are adept at using social engineering to exploit human weakness, so while well-trained employees are an excellent deterrent, even the best user can slip up.

According to Bradley, phishing is one of the most common routes of entry for cyber criminals. As organisations grow, their risk of becoming a victim also increases as they become more lucrative targets and provide hackers with more potential points of failure.

Given the frequency of these attacks, organisations that don’t have basic infrastructure in place to spot people engaging with potentially harmful emails and whether their systems are compromised are likely to encounter some really significant problems.

Organisations should block malicious links, attachments and imposters before they reach users’ inboxes, said Bradley, and use the latest cyber security tools to stop ransomware and other advanced threats from running on devices even if a user clicks a malicious link or opens an infected attachment.

If you want to save yourself stress, money and a damaged reputation from a cyber incident – for a cyber security incident prevention, protection and training please ring us now on 03333 393 139 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

Businesses warned to prepare for cyber security extortion campaigns

Directors, lawyers and doctors are the top extortion targets of cyber criminals, researchers tracking  sextortion attempts reveals.

Directors, lawyers and doctors are the top extortion targets of cyber criminals, researchers tracking  sextortion attempts reveals.

Cyber criminal groups are promising rewards of £276,300 a year on average to accomplices who help them target high-worth individuals with extortion scams research reports.

The reward promises are even higher for accomplices with network management, penetration testing and programming skills, according to researchers at risk protection firm Digital Shadows.

One threat actor, the report said, was offering £600,000 a year, with add-ons and a final salary after the second year of £840,000.

The main method of cyber security extortion where criminals deem potential victims to be particularly vulnerable is so-called “sextortion”.

Digital Shadows tracked a sample of sextortion campaigns and found that from July 2018 to February 2019 over 89,000 unique recipients faced around 792,000 extortion attempts.

An analysis of bitcoin wallets associated with these scams found that sextortionists could be reaping an average of £414 per victim.

The campaigns follow a similar pattern, the researcher found, in which the extortionist provides the target with a known password as “proof” of compromise, then claims to have video footage of the victim watching adult content online, and finally urges them to pay a ransom to a specified bitcoin address.

However, the researchers said other campaigns can be even more sinister, with one spam campaign from December 2018 claiming that recipients will be “killed” if they did not pay.

Extortion is in part being fuelled by the number of ready made extortion materials readily available on criminal forums, the researchers said, adding that these are lowering the barriers to entry for wannabe criminals with sensitive corporate documents, intellectual property and extortion manuals being sold on by more experienced criminals to service aspiring extortionists for less than £10.

In one example, seen by Digital Shadows, the guide specifically focuses on a sextortion tactic whereby the threat actor begins an online relationship with a married man and then threatens to reveal details of the affair to his partner unless a ransom is paid.

The guide claims this extortion method is the easiest for “novice”’ threat actors to start with, suggesting they could earn between £230 and £380 per extortion attempt. Dedicated subsections exist on criminal forums for this type of dating scam.

Even greater levels of sophistication could be around the corner, the researchers warn, if so-called “crowd-funding” schemes take off.

In April 2018, threat actor “thedarkoverlord” stole documents belonging to the insurance provider, Hiscox, including files related to the 9/11 attacks in the US. The threat actor hoped to play on the public’s appetite for 9/11-related controversy and encourages people to raise funds to view the documents. Currently this campaign has amassed around £8,904.

Crowdfunding models such as this, the researchers said, allow extortionists to raise funds from the general public rather than relying on victims giving in to ransom demands. Organisations dealing with inflammatory or sensational information should therefore consider how they would respond if an attacker opts for this course of action, they said.

If you want to save yourself stress, money and a damaged reputation from a cyber incident – for a cyber security incident prevention, protection and training please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

GCHQ warns of cyber security scams on Black Friday

GCHQ has issued an warning of cyber security scams on Black Friday.

GCHQ has issued an warning of cyber security scams on Black Friday.

Black Friday sales could be targeted as easy pickings for cyber-crime, according to Cheltenham-based GCHQ.

The National Cyber Security Centre, part of GCHQ, is advising shoppers of the risk of online threats. It is the first such official cyber security warning in the run up to Christmas.

GCHQ wants to start a “national cyber-chat” today (Black Friday), when billions are spent online. Known for working in secret, the agency wants to be open and engage with the public over the seriousness of the threat.

The National Cyber Security Centre has tackled more than 550 significant cyber incidents over the past year, and has taken down almost 140,000 “phishing” websites.

The National Cyber Security Centre (NCSC) is giving tips for shoppers to avoid cyber-crime – and for the first time it will be publishing answers to questions from the public on Twitter.

The agency recently warned of a serious and sustained threat from elite hackers in other countries, which could include the theft of millions from retailers and attacks on the financial networks the shops depend on.

The British Retail Consortium is backing the calls for better cyber security during the Christmas shopping season, and retailers continue to invest heavily in protecting themselves against cyber-threats.

The National Cyber Security Centre’s advice to reduce the risk of cyber crime is:

  • Install the latest software and app updates
  • Type in a shop’s website address rather than clicking on links in emails
  • Choose strong and separate passwords for accounts
  • Keep an eye on bank accounts for unrecognised payments
  • Avoid over-sharing unnecessary information with shops, even if they ask
  • Make sure all your home gadgets are secure

If you want to save yourself stress, money and a damaged reputation from a cyber incident – for a cyber security incident prevention, protection and training please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

Fifth of businesses would pay ransoms rather than in security

One fifth of UK business executives from non-IT functions would pay hackers’ ransom demands to cut costs rather than invest in information security.

One fifth of UK business executives from non-IT functions would pay hackers’ ransom demands to cut costs rather than invest in information security.

According to the latest report commissioned by NTT Security they say that businesses are still making the same mistakes, failing to make any progress in crucial areas such as cyber security awareness and preparedness

The report shows that a further 30% in the UK are not sure whether they would pay or not, suggesting that only about half are prepared to invest in security to proactively protect the business.

This means many businesses are still stuck in a reactive mindset when it comes to cyber security.

The findings are particularly concerning, the report said, given the growth in ransomware, as identified in NTT Security’s Global Threat Intelligence Report (GTIR), published in April. According to the GTIR, ransomware attacks surged by 350% in 2017, accounting for 29% of all attacks in Europre, the Middle East and Africa and 7% of malware attacks worldwide.

Levels of confidence about being vulnerable to attack also seem unrealistic, according to the report, with 41% of respondents in the UK claiming that their organisation has not been affected by a data breach.

More realistically, 10% of UK respondents expect to suffer a breach, but nearly one-third (31%) do not expect to suffer a breach at all.

More worrying, the report said, is the 22% of UK respondents who are not sure whether they have suffered a breach or not.

Given that just 4% of respondents in the UK see poor information security as the single greatest risk to their business, this is unsurprising, the report said. Only 14% regard Brexit as the single greatest business risk; the list of concerns was topped by competitors taking market share (24%) and budget cuts (18%).

When considering the impact of a breach, UK respondents are most concerned about what a data breach will do to their image, with almost three-quarters (73%) concerned about loss of customer confidence and damage to reputation (69%), which are the highest figures among the countries polled.

The estimated loss in terms of revenue is 9.72% (compared with 10.29% globally, up from 9.95% in 2017). .

The report found there is no clear consensus on who is responsible for day-to-day security, with 19% of UK respondents saying the CIO is responsible, compared with 21% who said the CEO, 18% the CISO and 17% the IT director.

A key area of concern, according to the report, is whether there are regular boardroom discussions about security, with 84% of UK respondents agreeing that preventing a security attack should be a regular item on the board’s agenda. Yet only about half (53%) admit that it is and a quarter do not know.

With a lack of cohesion at the top, organisations are still struggling to secure their most important digital assets, the report said.

So if you want to save yourself stress, money and a damaged reputation from a phising data cyber incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

UK small business cyber security spend low despite breaches

The UK is the most breached country in Europe, but business’ IT cyber security spend remains low compared with other countries in the region, a report reveals

UK small business cyber security spend low despite breaches

More than a third of UK businesses reported cyber security attacks in the past year, which was higher than any other country in Europe, according to the European edition of the 2018 Thales data threat report.

However, despite a 24% increase in the number of attacks compared with the previous year, UK firms claimed to feel less vulnerable to data threats, compared with those across Germany, Sweden and the Netherlands, and consequently invested less in cyber security.

While more organisations across Sweden (78%) and the Netherlands (74%) admitted to being breached in the past, compared with just 67% of organisations in the UK, the report said it was a different story in the past 12 months.

Thales data shows that while 37% of businesses across the UK were breached, the figures were lower for Germany (33%), Sweden (30%) and the Netherlands (27%).

Despite the rise in attacks, just 31% of UK organisations said they feel “very” or “extremely” vulnerable to data threats, leaving the majority (69%) feeling “somewhat” or “not at all” vulnerable. Businesses across Sweden claimed to feel the most vulnerable (49%), followed by the Netherlands (47%) and Germany (36%).

Although 69% of UK organisations reported an overall increase in their IT security spending, with 15% saying it was much higher’ than the previous year, the report said the increase is still less than spend in Sweden, where 75% of businesses have upped their budgets to offset threats, and Germany where 76% have increased their IT security budgets.

While 72% of organisations polled have dedicated more money to IT security, UK businesses appeared to still fall short compared with their European counterparts, with 39% of Swedish respondents saying their budget was “much higher” than the previous year and an additional 36% claiming it was ‘somewhat higher’, and spending said to be “a lot more” by 29% of firms in the Netherlands and 24% in France.

The report also reveals that despite the two year bedding in period allowed for compliance with the EU’s General Data Protection Regulation (GDPR), 49% of companies in Sweden failed data security audits in the past year, followed by the Netherlands (38%), Germany (33%) and the UK (19%).

Aside from the UK, all other European countries showed decline in their efforts to meet compliance, which the report said was “worrying” in the light of the fact that there are so many changes to standards and regulations. Despite this drop, respondents across the board all cited compliance as being effective when it comes to preventing data breaches.

So if you want to save yourself stress, money and a damaged reputation from a phising data cyber incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

Digital identity needs to be cyber security priority in 2018

Protecting digital identities and protecting employees are key cyber security challenges for 2018.

Protecting digital identities and protecting employees are key cyber security challenges for 2018

The issues of protecting digital identity, gaining data visibility and protecting employees are key cyber security challenges for 2018 according to the cyber security 2018 predictions report by security firm FireEye.

“The idea that you can get someone’s date of birth, and their Social Security number and steal their identity and do fraudulent tax refunds, or try to get a loan or credit card – that has to change,” FireEye said.

“This has to happen. Otherwise, every five months, we’re going to have another huge data breach,” they warned.

In addition to the imperative of finding a better way to manage identity, RedEye said it was also important to find a way of dealing with international privacy.

On the topic of nation state actors in the cyber realm, RedEye considers Iran the most interesting country to watch, rather than Russia, China or North Korea.

RedEye said while Iran started “acting at scale” in 2017, the extent of that activity was not really known. “We don’t know if we are seeing 5% of Iran’s activities, or 90% – although I’m guessing it’s closer to 5% – but they’re operating at a scale where, for the first time in my career, It feels to me that the majority of the actors we’re responding to right now are hosted in Iran, and they are state sponsored,” they said.

On the topic of cloud security, RedEye claimed better visibility was of paramount importance. I know that a lot of people are depending on the cloud, and we need visibility.

“Many of these cloud providers are providing it, but we don’t always have security operations that can take advantage of that visibility and see what’s happening,” he said.

An area many companies are still overlooking, RedEye said, is protecting employees from cyber attack.

He said companies needed to consider whether hackers could access corporate accounts through hacking employees’ private accounts, or if they could make it appear as though they have hacked the enterprise.

“There are hackers out there who will hack an employee at a company, and they will post any document they can get, and they will say they hacked the company even if they haven’t. It’s a reputational thing – while it’s hard to gauge the public response to these types of incidents, right now many companies are being deemed irresponsible or negligent or compromised when they are none of those things,” he said.

RedEye said all security professionals should be thinking about what employees are doing when they go home, how they can be secured, how they can be helped, what policies are needed and how those policies could be enforced.

They advised that all organisations moving into the cloud should know everything that is going on.

While there are bound to be new, interesting attacks in 2018, organisations should be preparing for modified versions of current attacks

“For instance, do you have places where documents are getting uploaded and then going into your back office? That’s a good place to ensure there is some high-grade detection, beyond an antivirus scanner. Because you essentially have unauthenticated input going directly into the key parts of your organisation.”

So if you want to save yourself stress, money and a damaged reputation from a data incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

Ransomware up nearly 2,000% in two years as cyber mafia hit business

Cyber attacks on businesses in 2017 grew in frequency, sophistication and malice – a report on the new age of organised cyber crime finds.

Cyber attacks on businesses in 2017 grew in frequency, sophistication and malice - a report on the new age of organised cyber crime finds.

The new generation of cyber criminals increasingly resembles traditional mafia organisations, requiring a new approach to dealing with it, according to a report by security firm Malwarebytes.

Cyber criminals have the same professional organisation as mafia gangs of the 1930s, but they also share a willingness to intimidate and paralyse victims, the report shows.

Malwarebytes’ analysis also shows that, in spite of acknowledging the severe reputational and financial risks of cyber crime, many business leaders greatly underestimate their vulnerability to such attacks.

The report calls for businesses and consumers to fight back by acting as “vigilantes” through greater collective awareness, knowledge sharing and proactive defenses. This includes a shift from shaming businesses that have been hacked to engaging with them and working together to fix the problem.

Businesses must also heighten their awareness of cyber crime, and take a realistic view towards the likelihood of attack.

The vast impacts of these attacks, the report said, mean that cyber crime must be elevated from a tech issue to a business-critical consideration.

Malwarebytes’ data demonstrates the urgent need for such a shift in approach by highlighting the capacity of these fast-maturing gangs to inflict greater damage on businesses.

The new cyber mafia, the report said, is accelerating the volume of attacks, with the average monthly volume of attacks in 2017, up 23% compared with 2016. In the UK, the report said 28% of businesses had experienced a “serious” cyber attack in the past 12 months.

Ransomware attacks detected by Malwarebytes show that the number of attacks in 2017 from January to October was 62% greater than the total for 2016.

In addition, detections are up 1,989% since 2015, reaching hundreds of thousands of detections in September 2017, compared with fewer than 16,000 in September 2015. In 2017, ransomware detections rose from 90,351 in January to 333,871 in October.

“The new mafia, identified by our report, is characterised by the emergence of four distinct groups of cyber criminals: traditional gangs, state-sponsored attackers, ideological hackers and hackers-for-hire,” said Marcin Kleczynski, CEO of Malwarebytes.

Malwarebytes argues that the growth of cyber crime and a lack of clarity over how best to police it is damaging victim confidence, with those affected by cyber crime often too embarrassed to speak out.

This is true for consumers and businesses alike, the report said, and can have dangerous ramifications as firms bury their heads in the sand instead of working to reduce future incidents.

The report suggests that the answer lies in engaging and educating the C-suite so that CEOs are as likely as IT departments to recognise the signs of an attack and be able to respond appropriately.

“CEOs will soon have little choice but to elevate cyber crime from a technology issue to a business-critical consideration,” he said.

“Rather than sit back and minimise the blow from cyber crime, individuals and businesses must take the same actions that previous generations of vigilantes once did against the fearsome syndicates of their day: fight back,” the report said.

So if you want to save yourself stress, money and a damaged reputation from a data incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139