Majority of SME businesses firms unprepared for cyber phishing attacks

57% of SME small businesses are unprepared for a cyber phishing attack, despite the fact that 78% have been hit by a cyber security attack that started that way, a report shows.

57% of SME small businesses are unprepared for a cyber phishing attack, despite the fact that 78% have been hit by a cyber security attack that started that way, a report shows.
Most cyber attacks can be traced back to a phishing email, but more than half of small businesses are unprepared to deal with email-based attacks, research has revealed

Security teams reported that they are struggling to respond to the number of suspicious emails being received, according to the latest European phishing response trends report by phishing defence firm Cofense.

Other key findings of the small business report include that the top security concern is phishing and email-related threats, with 41% of respondents saying their biggest anti-phishing challenge is poorly integrated security systems.

The UK reports the most suspicious emails each week across Europe with 23% reporting more than 500, followed by the Netherlands (22%), France (20%), Germany (18%) and Belgium (16%).

With phishing and email-related threats being the main security concern of the European-based survey respondents, the report said it is critical that businesses have an effective strategy to counter the attack vector, which is fully integrated with broader security solutions.

According to Cofense, it is paramount that phishing simulations are like the real thing and encourage reporting which, in turn, can not only stop a malicious email compromising an enterprise’s network, but can also give the incident response team a head start.

“The analysis of email-based attacks gives us extremely valuable insight into the security posture of European organisations,” said Rohyt Belani, co-founder and CEO of Cofense. “What we’re really looking at here is addressing human susceptibility and building human resiliency to work in concert with technology to combat security threats facing Europe.”

Cyber Security Phishing Dangers

  • More than one million new phishing sites created each month.
  • Phishing is no longer just a consumer problem, say experts. The scams are hurting companies’ reputations and bottom lines.
  • Email is the number one entry point for data breaches, which includes targeted email attacks such as business email compromise and spear phishing.
  • Targeted malware attacks and social engineering schemes such as phishing and whaling pose a growing security threat because cyber criminals are getting help from unwitting users.

Cyber attacks, particularly those on a scale that can siphon billions of euros from the financial system, involve a complex web of both victims and potential access points for cyber criminals to elevate the severity of an attack.

Phishing attacks, despite being among the most well-known cyber security attack vectors, are still consistently fooling companies and private individuals.

Phishing presents such a concern because it is the “spark that ignites a long line of malicious activity, creating a pipeline of infected systems and accessible data for threat actors to leverage in further criminal campaigns.

Small businesses need to engage with stringent educational campaigns around these issues across all levels of the organisation.

So if you want to save yourself stress, money and a damaged reputation from a phising data cyber incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

Small businesses face unprecedented volume of cyber attacks

Small businesses are facing the highest levels of cyber attacks in both number and sophistication as automated swarm attacks increase.

Small businesses are facing the highest levels of cyber attacks in both number and sophistication as automated swarm attacks increase.

A cyber threat report reveals an average of 274 exploit detections per firm were recorded in the last quarter of 2017, up 82% from the previous quarter, according to Fortinet’s latest global threat landscape report.

The Fortinet report shows that the number of malware families also increased by 25% and unique variants grew by 19%, indicating not only growth in volume, but also an evolution of the malware.

Also, automated and sophisticated “swarm attacks” are accelerating, the report said, making it increasingly difficult for organisations to protect users, applications and devices.

As small businesses become more digital, the report warned that cyber criminals are taking advantage of the expanding attack surface to carry out new disruptive attacks, including swarm-like assaults that target multiple vulnerabilities, devices and access points simultaneously.

The combination of rapid threat development and the increased propagation of new variants is increasingly difficult for many organisations to counter, the report said.

The researchers found that encrypted traffic using HTTPS and SSL (secure sockets layer) grew to a high of 60% of total network traffic, but the report noted that although encryption can help protect data in motion as it moves between core, cloud and endpoint environments, it also represents a real challenge for traditional security technology that has no way of filtering encrypted traffic.

Three of the top 20 attacks identified in the quarter targeted internet of things (IoT) devices and exploit activity quadrupled against devices such as Wi-Fi cameras. None of these detections was associated with a known or named vulnerability, which the report said is one of the troubling aspects of vulnerable IoT devices.

Unlike previous IoT-related attacks, which focused on exploiting a single vulnerability, the report said new IoT botnets such as Reaper and Hajime can target multiple vulnerabilities simultaneously, which is much harder to combat.

The data shows ransomware is still prevalent, with several strains topping the list of malware variants. Locky was the most widespread malware variant and GlobeImposter was second.

The report highlighted an increase in sophisticated industrial malware, with the data showing an uptick in exploit activity against industrial control systems (ICS) and safety instrumental systems (SIS). This suggests these under-the-radar attacks might be climbing higher on attackers’ radar, the report said, citing an attack dubbed Triton, which has the ability to cover its tracks by overwriting the malware itself with garbage data to thwart forensic analysis.

Because these platforms affect vital critical infrastructures, they are enticing for threat actors, the report said, adding that successful attacks can cause significant damage with far-reaching impact.

The report also pointed out that steganography, which embeds malicious code in images, also appears to be resurgent.

The Sundown exploit kit, the report said, uses steganography to steal information, and although it has been around for some time, it was reported by more organisations than any other exploit kit, and was found dropping multiple ransomware variants.

The threat data in the quarter’s report reinforces many of the predictions made by the Fortinet FortiGuard Labs global research team for 2018, which forecast the rise of self-learning hivenets and swarmbots.

The report predicted that the attack surface will continue to expand, while visibility and control over today’s infrastructures diminish. To address the problems of speed and scale by adversaries, the report said organisations need to adopt strategies based on automation and integration.

“Security should operate at digital speeds by automating responses as well as applying intelligence and self-learning so that networks can make effective and autonomous decisions,” the report said.

So if you want to save yourself stress, money and a damaged reputation from a data incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

 

ICO fines Carphone Warehouse £400K over data loss

Carphone Warehouse has received one of the highest fines by the ICO after putting it’s clients’ personal data at risk.

Carphone Warehouse has received one of the highest fines by the ICO after putting it's clients' personal data at risk.

The UK privacy watchdog – the Information Commissioner’s Office (ICO) warns that more stringent data protection laws will apply from 25 May 2018, with potentially much greater fines.The Information

According to the ICO, the personal data at Carphone Warehouse was exposed in a cyber attack because of the company’s failure to protect the data from unauthorised access.

The compromised customer data included names, addresses, phone numbers, dates of birth, marital status and, for more than 18,000 customers, historical payment card details.

The records for some Carphone Warehouse employees, including name, phone numbers, postcode and car registration, were also exposed.

In determining the monetary penalty, the ICO considered that the personal data involved would significantly affect individuals’ privacy, leaving their data at risk of being misused.

Information Commissioner Elizabeth Denham said that a company as large, well resourced and established as Carphone Warehouse should have been actively assessing its data security systems and ensuring that systems were robust and not vulnerable to such attacks.

“Carphone Warehouse should be at the top of its game when it comes to cyber security, and it is concerning that the systemic failures we found related to rudimentary, commonplace measures,” said Denham.

Following a detailed investigation, the ICO identified multiple inadequacies in Carphone Warehouse’s approach to data security and determined that the company had failed to take adequate steps to protect the personal information.

Using valid login credentials, intruders were able to access the system via an out of date version of WordPress software.

The incident also exposed inadequacies in the organisation’s technical security measures. The ICO said important elements of the software in use on the systems affected were out of date and the company had failed to carry out routine security testing.

The ICO said its investigation had revealed a serious contravention of Principle 7 of the Data Protection Act 1998, which requires appropriate technical and organisational measures to be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

According to Denham, the real victims are customers and employees whose information was open to abuse by the malicious actions of the intruder.

“The law says it is the company’s responsibility to protect customer and employee personal information,” she said. “Outsiders should not be getting to such systems in the first place. Having an effective layered security system will help to mitigate any attack – systems can’t be exploited if intruders can’t get in.

“There will always be attempts to breach organisations’ systems and cyber attacks are becoming more frequent as adversaries become more determined. But companies and public bodies need to take serious steps to protect systems and, most importantly, customers and employees.”

From 25 May this year, the law will get more stringent as the General Data Protection Regulation (GDPR) compliance deadline is reached, the ICO said.

Data protection by design is one of the GDPR’s requirements, the regulator said, and must be in every part of information processing, from the hardware and software to the procedures, guidelines, standards and polices that an organisation has or should have.

Companies and public bodies should ensure strong IT governance and information security measures are in place, tested and refreshed to comply with the provisions of the law, the ICO said.

Failure to comply with the GDPR requirements will put companies at risk of fines of up to €20m or 4% of their global annual turnover.

So if you want to save yourself stress, money and a damaged reputation from a data incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139