Posts

Using SMS to prevent Cybercrime

2017 was the year ransomware hit the headlines hard and it seems the threat is also prevalent in 2018.

Security chiefs and CIOs need to be mindful of the risk surrounding their IT systems and data and take a proactive approach to IT security. While we consider today’s attacks, the cyber criminals are 10 steps ahead planning the attacks of the future.

So what are the security threats of 2019 that IT professionals should be paying particular attention to?

We’re only human

Ransomware exploits vulnerabilities and in today’s business environments, these vulnerabilities often occur as a result of human error. For many organisations, the risk of attack lies with a lack of education among employees about how to manage any information they receive and how this information is collected.

The widespread practice of using e-mail in our personal and work lives has made it the instrument of choice for malware attackers. This is because there is an attitude of complacency with regards to receiving e-mails; the sheer volume we receive and send can blind us to the threat of malicious embedded links or attachments that may come from a seemingly innocuous or familiar source.  The same is also true of malicious web pages in browsers, as we saw with the recent Coinhive attack.

Safer business communications

If businesses continue to use mature applications like e-mail to share information and data, then we can expect more businesses to be exploited by Ransomware in the future.

Since e-mails are a top target for malware attacks, we recommend that businesses employ instant messaging tools for business communication. SMS technologies like this are particularly effective against ransomware as they limit what your systems can be exposed to, reducing the risk of attack.

Rectifying a problem after it has struck in not an effective solution.  We must remain proactive and keep cyber crime at bay.

eSpida Limited partners with world leading technical brands such as ForcepointHuawei Enterprise and WatchGuard to provide best in class IT consultancy and IT security solutions.

Our webinar brings you an update on IT security.

With cybercrime on the rise, keeping your security strategy up to date is imperative to the protection of your organisation. And with the General Data Protection Regulation (GDPR) May 2018 deadline looming, data security is now critical to legal compliance.

Watch our webinar with our resident IT security expert, Nigel Crockford to learn:

  • The changing landscape of IT security
  • The security challenges facing your organisation and its leadership team
  • GDPR and the practical implications for business
  • How to build robust security strategy to meet tomorrow’s threat

For more information about data security and how we can help you to protect your business, please get in touch on 0344 880 6145 or email info@espida.co.uk

 

protect against cybercrime

The May 2017 ransomware attack on the NHS crippled 47 trusts across England and Scotland. At least 6,900 appointments were cancelled and seven A&E departments were forced to turn ambulances away. This demonstrates the significant damage that cyber-attacks can cause. Here, Nigel Crockford, business development manager of IT consultancy eSpida, discusses what businesses must consider to protect themselves in 2018’s IT landscape.

 Back in 1995, when Bill Gates set up Windows 95, there were very few IT applications and, according to www.internetlivestats.com, only 0.8 per cent of the world’s population had internet access at home. Therefore, the risk of cyber-attacks was relatively low.

Since then, the IT landscape has changed dramatically. It was estimated by www.internetlivestats.com that in 2016, 46.1 per cent of the world’s population had internet access at home — a huge increase since 1995. A single device is now capable of processing an extraordinary number of applications and cloud technology means data can be easily shared between devices. These technological advancements have considerably increased the risk of cyber-attacks.

There are things that every business must do to protect its employees, customers and stakeholders from the potentially damaging effects of attacks such as the ransomware attack on the NHS.

Everybody is a security officer

The task of ensuring cyber security in a business can no longer fall to one or two security officers. Everybody must have an awareness of the potential threats, how to protect against them and how to respond in the case of a security breach.

The cyber-security of a business increases considerably if everybody takes simple but effective protective measures. These measures must include installing antivirus software, keeping all software updated, identifying suspicious popups and regularly changing passwords. Common sense is the first line of defence.

Comply with GDPR

In May 2018, the new general data protection regulations (GDPR) will enforce new mandatory requirements for businesses. In essence, you will need to know exactly where all data is stored, how it is held and how it can be accessed.

By complying with these regulations, you will be helping to keep your business’s data and IT systems safe from cyber-crime.

Have a strategy in place

The key to dealing with cyber-crime is to protect, detect and respond. Once an attacker has access to data, it’s extremely difficult to retrieve it. Therefore, prevention is better than cure.

Regardless of how well you protect your business, cyber-attacks may still occur, so everybody must know the signs. According to a 2017 cyber security breaches survey from the Government’s department for digital, culture, media and sport, 46 per cent of organisations had experienced a cyber-attack in the past twelve months. However, many others may have been attacked but did not realise.

To make sure you detect any cyber-attacks that you may fall victim to, look out for unusual password activity notifications, slow network speed and suspicious e-mails or popups — all of which could indicate a breach.

Businesses must also be prepared to respond to a cyber-attack. As of May 2018, the GDPR will state that a cyber breach must be reported in 72 hours. Failure to comply could result in a fine of up to €20 million or four per cent of your business’s global turnover. In addition to reporting the attack, the breach should be contained by shutting down all IT equipment and assess all systems that could have been compromised.

The May 2017 attack was the largest cyber-attack the NHS has ever fallen victim to. NHS England stated that no patient data was compromised and the staff response was commendable. However, this attack may potentially have been avoided if the NHS had been more diligent in its cyber protection measures.

If you are worried about your current security set up and need some advice, contact eSpida today on 0344 880 6145 or email info@espida.co.uk