Let's talk

Fighting the enemy within: how prevention is better than cure in the current cyber crimewave

In an article in the Sunday Times on 12th July, Poppy Gustafsson (CEO and co-founder of cyber-security firm Darktrace), pronounced that lockdown has fuelled a cyber crimewave.

She’s right.  Organisations are far more vulnerable now than they were 6 months ago.  Just about everyone has had to adapt, at speed, to a digital workplace, and the consequences are far wider reaching than a plethora of empty office blocks in town centres and an increase in ASOS’s trading figures!

It’s far more difficult when you have staff working from home to guard against the susceptibility of cyber-attacks.  As Gustafsson stated in the article: “The Covid-19 outbreak has raised the threat of cyber-attacks to critical levels. Remote workers are targeted by increasingly elaborate scams, with hackers preying on their loneliness and desire for information.”

It’s a worrying fact that the biggest increase in cyber-attacks during lockdown has been from the “enemy within”, with cyber-criminals posing as co-workers and sending fake emails with malicious links.  These days it’s significantly more sophisticated than the old “Nigerian prince needing your bank details to gain his inheritance” type scam.  Look at what happened to Twitter last week – a very costly internal breach carried out by tricking or otherwise persuading an employee to provide access – known as a spear-phishing attack.

Social distancing and remote working have exacerbated this “enemy within” type of attack.

zac-durant-LiGTtFoyI2M-unsplash-Fighting the enemy within: how prevention is better than cure in the current cyber crimewave

The speed and circumstances in which the digital workplace transformed for the majority of us mean many organisations are struggling to keep pace and make their infrastructure safe, secure, and reliable enough to handle home working.

Cloud adoption has increased significantly to support remote working, as businesses realised that on-premise servers and systems weren’t set up to allow remote access. This has led to huge pressures on IT teams in terms of ensuring security – often whilst at a distance themselves. These are developments that might have been on an IT roadmap for the future – one that was carefully thought out, but wasn’t necessarily planned for immediate deployment – and certainly not at the speed at which they had to be implemented.

Combine this with the other key IT security challenge being faced during lockdown – the significant increase of not necessarily tech-savvy workers now fending for themselves at home – all juggling emails, MS Teams/Zoom calls, partners, home education, children, pets, etc.; plus the fact you can’t just shout across the office to ask Barbara if she really did send that email with the attachment just now or not, and you suddenly find yourself with a large number of company employees who are more susceptible to clicking on links that may contain malware.

Additionally and perhaps even more worryingly, these days the baddies/hackers/cybercriminals seem to be the innovators – with the agility, innovation, and sense of purpose that most organisations can only dream of.

Gustafsson likens it to the “weaponising of AI” – an arms race between the cyber security specialists and the hackers. Who’s got the strongest mathematical algorithms? Who can innovate fastest in the increasingly sophisticated battle of AI vs AI? It may sound like something out of a work of fiction, but it’s not. It’s a huge threat to all organisations and businesses, particularly utilities, health services and even governments (which is a whole separate paper), but what is clear is that cyber warfare is the new big risk of today.

So what can you do?

With the bad guys constantly adapting and innovating, how do you know what the next attack on your business will be? If it’s not been seen before, how can you identify it (known as a zero day attack)? How can you prepare for the attacks when you don’t know what they are or where they’re coming from or what they’ll look like – because the baddies are always one step ahead?

Well, think back to the old adage, “prevention is better than cure”. Employing new cybersecurity tools after the event is fine but smacks of horses and stable doors. Plus not every business can afford a bank of ex MI5 or MI6 operatives or Cambridge mathematicians to help them develop an arsenal of cyber-security weapons.

Prevention is better than cure

Fortunately it’s not all about the tools. The onus is on businesses to both recognise this and to employ a multi-layered approach, I’d strongly recommend that you:
1. Conduct a full and comprehensive cybersecurity audit – on site in PPE if necessary
2. Protect your end points (i.e. where people can and can’t browse to)
3. Educate and train your users/employees
4. Monitor and cover the basics : Email security, filtering and archiving.


Technology and software to protect and prevent has its role, but education is key!

What’s the betting that many of your staff will have the same password for their Just Eat and Amazon accounts as they do for their O365 account?  How many know or realise how easy it is for one to be compromised?  And if it is then all the other accounts are too, and then how easy it is for the baddies to then get inside your infrastructure – like with the Twitter attack.

These are the ones who are your vulnerable points.   I would recommend, for example, to run a spoof phishing campaign and simulate something that could happen to find out which employees need training and guidance, and then implement that training as a matter of urgency.  I’d also recommend doing this regularly – a bit like fire alarm practice.

Sophos Cybersecurity Evolved logo 72dpi RGB-Managed Services

It’s not all doom and gloom, there are tools out there to help with prevention rather than cure:  Sophos, for example, use AI to look at patterns of behaviour in the coding/algorithms to identify the “suspicion of a something” and then protect against it/stop at source.

MSP’s also play their part.  For example, we offer credential theft monitoring as standard on all our managed services. If you would like to find out more about how Synergi can help your business protect from both the threat within and external threats such as ransomware  then contact me for a quick chat.

Plus if you’re looking to become Cyber Essentials accredited, we can help with this too.  Cyber Essentials is a government-backed industry-supported scheme to help organisation protect themselves against common online threats.

DB3_BWcrop-

David Bradbury

Ask me a question about Cyber Security

If you have a question about your organisation's security, or are interested in a chat about how best to educate your teams, then fill in this form and I'll get back to you.

  • This field is for validation purposes and should be left unchanged.
cyberessentials_certification mark plus_colour-

Cyber Essentials Certified Plus

Untitled design (5)-Manage your business securely with Microsoft

Microsoft Solutions Partner

partner_nintex-

2021

Nintex Partner Award for Customer Success (EMEA)

2020

Nintex Partner Award for Business Transformation

2019

Regional Spotlight Nintex Partner Award

Nintex-Partner-Premier-Horz _CMYK-

UK Nintex Premier Partner

ccs_supplier_logo_original-800x495-left-

Crown Commercial Service

sophos-global-partner-program-gold-

Sophos Gold Partner

Blue Diamond Partner Program Logo JPG-Backup & Disaster Recovery

Datto Blue Diamond Partner

badge-cert-gold-partner-

Yubico Gold Partner

partner-logo-

Cisco Partner

Channel-Partner-Logos_premier-blue-

Mimecast Premier Partner

YES! I want to know more ...

Get in touch with our friendly team of experts. Start your digital transformation journey today.

Call: +44 (0) 191 477 0365

  • This field is for validation purposes and should be left unchanged.