Stay Alert to COVID-19 Phishing Scams

Phishing scams related to COVID-19 are on the rise globally. Whilst we work from home, juggling work and home priorities is stressful, and hackers are taking advantage of our increased level of anxiety.

We’re looking for information and reassurance, and we are falling foul of phishing messages about PPE or even treatments and cures, or messages pretending to be from health agencies and offering the latest statistics and safety measures.

Phishing is when scammers try to trick you into opening a malicious attachment, or clicking on a link in an email, with the intention of infecting your device or stealing your data.

  • 93% of phishing emails involve ransomware
  • 91% of cyberattacks start with phishing

So, if you receive a message you were not expecting, maybe with an incredible offer:

  1. Pause
  2. Think
  3. DO NOT CLICK

In addition, remember the following rules:

  • Never give away personal or financial information in any form or website unless YOU have initiated the request.
  • For up-to-date COVID-19 information use only reputable sources, such as gov.uk or local government websites, HMRC or the NHS. Bookmark useful websites to ensure you are always visiting the correct sites and subscribe to their newsletters.

Uncertainty makes us more vulnerable to scams, so Stay Alert. Yes – follow health and social distancing advice but also:

  • Protect your computers
  • Protect your data
  • Stay Alert to phishing

Make sure you and your staff are aware of the increased risk of phishing during COVID-19.

David Hewett
Managing Director
iTeam Solutions Ltd

(Source of data – IBM Cyber Security Intelligence, Microsoft and Verizon)

Covid-19 Briefing 5.10.20 and Cyber Security

What the Foreign Secretary’s Covid-19 Briefing Said About Cyber Security 

If you are as obsessed as I am about the daily Covid-19 briefings from Number 10, you’d have heard the Foreign Secretary, Dominic Raab, make specific reference to cyber security on Tuesday 5th May. As this is something in the briefings that I actually understand (for once!) I thought I would take the opportunity to discuss it. 

If you would like to read the transcript of what he said in its entirety, you can find it on the government website by searching for “Foreign Secretary’s statement on coronavirus (COVID-19): 5 May 2020”. 

Mr Raab confirmed that the government is aware that cyber criminals are targeting individuals, businesses, and other organisations by deploying Covid-19 related scams and phishing emails. He referred to ‘advanced persistent threats’ (APTs). These are networks of hackers using sophisticated techniques who are not specifically looking for short-term gain, but instead infiltrate computer networks slowly over a long period of time. Most APT attacks use social engineering, the term given to conning people into giving out important and private information such as passwords and bank details. 

Though it is unlikely that a small business will be an initial target of a world-renowned APT, the same methods are often used by all hackers to steal passwords, data or money from individuals, businesses and organisations of all sizes, so it is important to know their methods and be aware that you could be at risk. As Mr Raab went on to say, making sure people are aware of cyber threats, and of the steps necessary to protect themselves or mitigate the harm that could be done to them, is the most important measure that can be taken against any cyber threat.  

He announced that the UK National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA) have published a joint warning about APTs to potential targets, specifically a warning to healthcare organisations to ensure that everyone is using a secure password. This makes reference to ‘password spraying’ attacks, where access to a large number of accounts is attempted using a small set of commonly used passwords. 
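Password spraying is hard to spot with per-account lockout counters, because each account only sees one or two failures; what stands out is one source touching many different accounts in a short window. The following Python script is an added illustration of that detection logic and is not from the NCSC/CISA advisory or iTeam's own tooling. It runs over a few constructed authentication log lines in an assumed format (`<ISO timestamp> <result> user=<name> src=<ip>`); the thresholds are assumptions to be tuned to your own environment.

```python
"""Detect password-spraying patterns in authentication logs (added example).

A password spray tries a few common passwords against many accounts, so
each account sees only one or two failures while one source touches many
accounts. Counting distinct accounts per source within a time window
catches this where per-account lockout counters do not.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not real data). Assumed format:
# "<ISO timestamp> <result> user=<name> src=<ip>"
SAMPLE_LOG = """\
2020-05-05T09:00:01 FAIL user=alice src=203.0.113.7
2020-05-05T09:00:03 FAIL user=bob src=203.0.113.7
2020-05-05T09:00:05 FAIL user=carol src=203.0.113.7
2020-05-05T09:00:07 FAIL user=dave src=203.0.113.7
2020-05-05T09:00:09 FAIL user=erin src=203.0.113.7
2020-05-05T09:00:11 OK user=frank src=203.0.113.7
2020-05-05T09:01:00 FAIL user=alice src=198.51.100.4
2020-05-05T09:01:30 FAIL user=alice src=198.51.100.4
2020-05-05T09:02:00 OK user=alice src=198.51.100.4
2020-05-05T11:30:00 FAIL user=bob src=192.0.2.9
"""


def parse_line(line):
    """Split one log line into (timestamp, result, user, source ip)."""
    ts, result, user_kv, src_kv = line.split()
    return (datetime.fromisoformat(ts), result,
            user_kv.split("=", 1)[1], src_kv.split("=", 1)[1])


def find_spray_sources(log_text, window=timedelta(minutes=30),
                       min_accounts=5, max_attempts_per_account=2):
    """Return {src: sorted distinct accounts} for sources whose failed logins
    hit at least `min_accounts` distinct accounts within `window`, with no
    more than `max_attempts_per_account` failures per account (the
    'wide across accounts, shallow per account' spray signature)."""
    failures = defaultdict(list)  # src -> [(timestamp, user)]
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, result, user, src = parse_line(line)
        if result == "FAIL":
            failures[src].append((ts, user))

    flagged = {}
    for src, events in failures.items():
        events.sort()
        start = 0
        # Sliding window over this source's failures, oldest to newest.
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1
            per_user = defaultdict(int)
            for _, user in events[start:end + 1]:
                per_user[user] += 1
            if (len(per_user) >= min_accounts and
                    max(per_user.values()) <= max_attempts_per_account):
                flagged[src] = sorted(per_user)
                break
    return flagged


def successes_from_flagged(log_text, flagged):
    """Successful logins from a flagged source: the first thing to follow up,
    since they suggest one of the sprayed passwords worked."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _, result, user, src = parse_line(line)
        if result == "OK" and src in flagged:
            hits.append((src, user))
    return hits


if __name__ == "__main__":
    sources = find_spray_sources(SAMPLE_LOG)
    print("suspected spray sources:", sources)
    print("successful logins to review:",
          successes_from_flagged(SAMPLE_LOG, sources))
```

In the sample data only 203.0.113.7 is flagged (five accounts, one failure each, within seconds), while 198.51.100.4 (one user who mistyped twice) is not. The successful login for `frank` from the flagged source is the event a responder would check first.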

It is acknowledged that cyber criminals are seeking to exploit the Covid-19 pandemic through malicious cyber activity, targeting healthcare bodies, pharmaceutical companies, research organisations, and local government, and that, whatever the objective, this activity will continue and evolve over the next few months. Although Mr Raab said that the current attacks are ‘designed to steal bulk personal data’ and are often linked with state actors, this does not mean that only the NHS or the government are at risk, or that individuals and smaller organisations are immune. 

Mr Raab recommended that everyone takes a look at the National Cyber Security Centre (NCSC) website for practical advice to safeguard against cyber-attacks – for example the use of passwords and guidance on trusted sources of online information relating to Covid-19. There is a very good section specifically for small businesses that he didn’t mention that I would highly recommend. 

He concluded that the UK will ‘counter those who conduct cyber-attacks’, work with international partners on the response to cyber threats and ‘deter the gangs and the arms of state who lie behind them’. Hopefully he and GCHQ will continue to do that very much behind the scenes, and we’ll never know what really goes on in that regard. 

In conclusion, the Foreign Secretary’s briefing was probably aimed at reassuring the public that major healthcare organisations and government agencies were being given special attention during the current upturn in Covid-19 related cyber attacks, but individuals and smaller businesses should also take note, as much of the advice is relevant to them as well. 

David Hewett
Managing Director
iTeam Solutions Ltd. 

Zoom Security Concerns

Zoom is a video conferencing platform that has seen a huge increase in use during the Working From Home pandemic that has swept the globe for some reason over the last few weeks. The main reason it is so popular is that it is extremely easy to use and it ‘just works’.

Zoom has its HQ in the USA but was, and still is, developed in China.

You may have seen articles in the media claiming that Zoom is not secure. Security experts have concerns that the encryption built into Zoom is not as strong as the company claims and that there are privacy problems.

A report published on Friday 3rd April by Canadian security researchers Citizen Lab goes into some detail about the problems. It’s not all about Zoombombing (more on that later): the security of the platform doesn’t conform to current standards, in that it is not designed using security best practices, and Zoom’s own claims about how secure it is are exaggerated.

You can read the report here – https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto-a-quick-look-at-the-confidentiality-of-zoom-meetings/

The conclusion of the experts at Citizen Lab is that they would discourage the use of Zoom for the following:

  • Governments worried about espionage
  • Businesses concerned about cybercrime and industrial espionage
  • Healthcare providers handling sensitive patient information
  • Activists, lawyers, and journalists working on sensitive topics

I would agree that if you fall into any of the above categories, do not use Zoom.

If you need an alternative, use Teams, which is designed specifically for business use and is developed and owned wholly by the US company Microsoft. Most people who use Office 365 already have Teams included in their subscription.

Zoom does have some features you can use to improve security, and the company has promised to work on it further. You may have heard of Zoombombing. This is where someone simply guesses the meeting code and joins your meeting by chance. You can stop this in two ways:

  • Require a password to join. Set this up when you create the meeting. People joining with a link will not need to enter the password, but those joining by typing the meeting ID in manually (or guessing it) will be prompted for a password.
  • Lock the meeting once it is underway to stop anyone else joining (the host can go to the participants list > More > Lock meeting).

For straightforward ease of use and for (the new) normal day-to-day conversations Zoom is good enough and you can consider the claims about lack of security to apply only to those of you working as spies.

David Hewett – Managing Director – iTeam Solutions Ltd

Data breaches are expensive, make sure your team are Cyber-aware.


In 2018, data breaches cost UK businesses an average of £6.4 million. Human error, in the meantime, accounted for between 60% and 90% of them. Those facts alone are usually enough to persuade people that security awareness training is very important. Usually….

As a Managed Service Provider, we can only advise our clients of the advantages of introducing Security Awareness Training, sooner rather than later.


1. Dodge Data breaches and Cyber Attacks

Starting with the most obvious benefit: security awareness training helps counter business-destroying data breaches.

The exact number of breaches security awareness training prevents is impossible to count. In an ideal world, we’d be able to run a controlled trial in which the exact same people working for the exact same company were divided in half: a control group and a test group. The latter would be given training, the former would not. The two could then be compared to see the difference in security knowledge and outcomes.

Such a trial is not achievable in practice, but that doesn’t mean advanced security awareness training providers are unable to explain the ROI of security awareness software. Although an imperfect measure, it’s possible to measure the incidence and prevalence of breaches before and after awareness campaigns and use the resulting metrics to get an indication of ROI.

A device passcode is your first line of security. If someone wants to access your device, they will first need to break this barrier. This is not an easy task and can serve as a deterrent against theft. Some device manufacturers have an option to automatically wipe your device after a few unsuccessful attempts at your passcode or PIN, so even if your phone is stolen, your data cannot be accessed. For this reason, you should consider mobile device management for your users.

2. To influence company culture in security methods

A culture of security has long been the goal for chief information security officers. Equally, such a culture is seen as very challenging to achieve.

With the aid of security awareness training, some are on the right path to achieving it.

By keeping an eye on indicators of culture, advanced security awareness training platforms can help security specialists monitor, nurture and develop a culture of security, making their people a proactive defence against threats.

3. To make technological defences stronger & more intelligent

Technological defences are, clearly, an important weapon in avoiding data breaches. But technological defences require input from people. Firewalls need to be configured for maximum security. Security warnings need to be acknowledged. Software needs to be constantly updated and monitored.

Few businesses today would wish to run without technological defences. And yet, without security awareness training, technological defences are not used anywhere near their full potential.

To make matters worse, attackers today rarely bother attempting to penetrate businesses through purely technological means. Today’s attackers typically prefer to target people who, even when sceptical, click accidentally without realising the damage a single email can do.


Want to get the best solution for your business?

At iTeam, we take a security-first approach to technology – ensuring our client’s systems are best protected.

If you have any concerns, questions or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration, consultation to explore how exposed your business might actually be and identify actions to take.

To book a consultation or to arrange a further discussion, please get in touch via our form below, call 03330 507 690 or email Chris on cwatson@iteam.co.uk.

Cyber Criminals will target your Servers, it’s where the private data is.


Just over 37% of cyber-attacks are identified directly on IT servers, making them the most likely place to detect an attack within your organisation. That’s one of the most concerning statistics taken from a recent survey of around 3000 IT managers around the globe.


Why are servers so tempting for Cyber Attackers?

1. Servers are very high in value

Servers very often contain an organisation’s most valuable data. For example, personally identifiable information such as employee and customer records could be stolen if it is not properly secured on the server.

Regulations such as the recently introduced GDPR, which protects EU citizens’ data, provide for significant fines for non-compliance. Attackers know this and will threaten to publish sensitive client data if their costly demands are not met in time.

2. Server downtime is remarkably costly

Servers are the backbone of most enterprises and are crucial to their day-to-day functioning. Unforeseen downtime can seriously impact productivity by denying access to important files or communication tools such as Microsoft Teams. Ransomware attacks can cause businesses to grind to a standstill unless a costly ransom is paid.

Where a business relies on its servers for commercial functions, the impact of downtime can be very severe.

3. Servers are a perfect place to start an assault

Servers are normally highly connected to an organisation’s network. They are also online and operating every day of the year, which makes them an ideal platform for launching further attacks and looking for weak spots across the entire network. If you can’t identify a server that’s being held hostage, the gates to your IT stronghold could be wide open to threats from all over the world.

So what can be done to secure your important servers? The answer is the right combination of advanced protection and visibility, with powerful tools like Endpoint Detection and Response (EDR) and server-specific features such as File Integrity Monitoring (FIM), which records a known-good fingerprint of critical files and alerts when they change.


Become GDPR compliant, before they issue you with a nasty fine.


In recent months, as you’re almost certainly aware, both British Airways and Marriott Hotels have hit the headlines due to tremendous GDPR fines: £183 million for British Airways and £99.2 million for Marriott.

The penalties show that the General Data Protection Regulation has given enforcers like the UK’s Information Commissioner’s Office some significant tools to work with. BA’s fine is almost 400 times larger than the ICO’s previous record fine, a paltry $645,000 penalty handed to Facebook for the Cambridge Analytica scandal.

With these new punishments now being enforced, we very much recommend you make sure you’ve lessened your risk of being next in the firing line.

GDPR is centred on protecting European Union citizens, and it applies to anyone who holds personal data on an EU citizen, wherever you are located. Marriott, a US organisation, is a prime case in point.

Here are five rules we advise all businesses stick to, in order to decrease the risk of a painful GDPR fine:

  1. Update every day, patch constantly. Diminish the risk of a cyber-attack by fixing the issues that can be used to gain unauthorised entry to your systems. There is no boundary, so everything matters: patch everything you can get hold of.
  2. Safeguard private data that’s in the cloud. Treat the cloud like any other network you own: close unneeded ports and services, encrypt data and ensure you have proper access controls in place. And do it in all your environments, including QA and development.
  3. Limit access to personal data. Lessen your exposure by collecting and retaining only the information you need, and making sure the only people with access to it are the people who need it to do their jobs. Not everyone needs access.
  4. Train your business. Ensure that everyone who might come into contact with personal data knows how they need to handle it; this is a GDPR obligation. Whether they work with computers or not, everyone requires training.
  5. Document and prove data protection activities. Be able to show that you have thought about data protection deeply and have taken sensible precautions to secure personally identifiable information.
