Octree Observer

  • What are Your Chances of Suffering a Ransomware Attack — Really?

    by : Octree

    Ransomware has quickly become a top security concern, but does the risk actually merit the hype?

    A big thanks to Jonathan Crowe of Barkly for once again highlighting the growing phenomenon of ransomware. I have witnessed it first hand – it is dangerous and widespread.

    Earlier this month, a post appeared on the Spiceworks IT Community titled, "Have we just been lucky?"

    The question was referring to the fact that, despite all the headlines and widespread attention ransomware has been getting, the poster had yet to experience an infection first-hand. Curious as to whether that might be attributed to the protection they had in place or sheer dumb luck, the poster turned to the Spiceworks community to get more perspectives.

    Were others experiencing ransomware attacks? Was not having experienced an attack really that unique? Was it only a matter of time before their luck ran out?

    Responses to the question varied (they're really worth reading in full). Some IT pros acknowledged they hadn't been hit yet, either, while others reported their organizations had been hit multiple times. The general consensus, however, was that (as with all things security) the best approach was to prepare as if it weren't a matter of IF an attack would happen, but WHEN.

    Especially as long as attacks target the one vulnerability that's never fully under your control — your users.

    Looking beyond the initial "better safe than sorry" lesson, however, I thought this post also tiptoed close to asking another very interesting and valid question:

    How can you determine your risk for ransomware? What are the odds of you suffering an attack?

    1 December 2016 0 Comments Cybercrime
  • Financial, Legal and Public Sector most likely cybercrime targets, but not exclusively!

    by : Octree

    Research shows the most likely victims of attack however do not be fooled into thinking you’re immune.

    As a cyber-security specialist I was recently asked to speak at the UK200Group Annual Conference in Southampton, the UK’s leading association of independent chartered accountants and law firms, representing more than 150,000 UK SMEs.

    I am acutely aware that the financial, legal and public sectors currently attract the most cyber-criminal attention, and for very good reason. However, it would be foolish to believe that those operating in any other vertical are any less susceptible to data breaches. On the contrary, without adopting a pragmatic approach to cyber security it really is a case of when you are compromised, not if.

    The most significant threats today include:

    ransomware - malware that encrypts and threatens to destroy, permanently remove access to, or publicly post data unless a victim makes payment, often increasing as time elapses.

    Phishing and Whaling (AKA CEO Fraud) - A malicious attempt to acquire sensitive information by masquerading as a trustworthy source via email, text, pop-up message, or to coerce an employee into making a money transfer.

    Exploitation of software vulnerabilities - Flaws, glitches, or weaknesses discovered in software.

    And, of course. the insider threat, whether malicious or accidental, which according to research may account for more than 50% of all reported data breaches.
    30 November 2016 0 Comments Cybercrime
  • 26% of British businesses 'have no protection against cyber attacks'

    by : Octree

    Although businesses understand the importance of digital innovation, they aren't prepared for the challenges

    Almost a third of UK businesses are not sufficiently prepared against a cyber attack, research by software and services provider Advanced has revealed.

    Additionally, 46% of companies don't view data security as a priority when deciding which systems and software to adopt when furthering their digital presence.

    “Digital innovation presents a huge opportunity for companies and our economy, but it also goes hand in hand with a need for greater emphasis on cyber security," Tom Thackray, CBI Director for Innovation, said.

    "Cyber resilience is a growing priority for all businesses, and the challenge now is to move from awareness to action. It’s important that businesses in all sectors – from manufacturing to retail – truly understand digital technology’s potential, from the boardroom to the shop or factory floor."

    Advanced questioned more than 1000 professionals across UK businesses in a range of sectors about how ready they were if a cyber attack struck and how their attitude has changed since it was decided the UK would exit the EU.
  • In June, the FBI released stats that showed “business email compromise” (BEC) scams cost businesses $3.1 billion dollars.

    by : Octree

    Also known as CEO Fraud, Whaling, Spear Phishing this threat targets every size business, primarily because of its ease of perpetration.

    Even more troubling, the FBI warned that BEC scams, also known as “CEO fraud” or “Man-in-the-Email” scams, would likely “continue to grow, evolve, and target businesses of all sizes.” The Bureau also mentioned that they’ve seen a 1,300% increase in business email compromise attacks since January 2015.

    What Are Business Email Compromise Attacks?

    A BEC is a form of phishing attack where a cyber criminal impersonates an executive (often the CEO), and attempts to get an employee, customer, or vendor to transfer funds or sensitive information to the phisher.

    Unlike traditional phishing attacks, which target a large number of individuals across a company, BEC attacks are highly focused. Cyber criminals will scrape compromised email inboxes, study recent company news, and research employees on social media sites in order to make these email attacks look as convincing as possible. This high level of targeting helps these email scams to slip through spam filters and evade email whitelisting campaigns. It can also make it much, much harder for employees to recognize the email is not legitimate.

    What Does a BEC Attack Look Like?

    BEC attacks usually begin with a cyber criminal successfully phishing an executive to gain access to their inbox, or emailing employees from a lookalike domain that is one or two letters off to trick them into thinking they received an email from an executive at their company (a tactic often referred to as “spoofing” an email).

  • Lost devices are a leading cause of data breaches

    by : Octree

    For the financial sector lost or stolen mobile devices were the leading cause of data breaches over the last decade.

    An interesting article from SC Magazine that once again highlights the potential data loss through unsecured mobile devices, and particularly within financial services.

    Phishing scams and ransomware attacks may grab the headlines, but for the financial sector lost or stolen mobile devices were the leading cause of data breaches over the last decade.

    A Bitglass report found 25.3 percent of data breaches that have occurred since 2006 were due to malicious actors getting their hands on a corporate mobile device. This is well above the 19.2 percent of breaches that were caused by hacking, the 14.1 percent due to unintended disclosures and the 13.1 percent of incidents caused by company insiders.

    The report does not disclose how many devices are lost, nor how many of those might end up in the hands of a malicious actor, but the fact that many employees have access to key corporate information means any loss can be catastrophic.

  • Five social engineering scams employees still fall for

    by : Octree

    Is your security awareness training letting you down? It certainly seems so. That’s if you are actually delivering any!!!

    My thanks to Stacy Collett at CSO for this remarkable insight into human behaviour. So.....

    You’ve trained them (I doubt it!).

    You’ve deployed simulated phishing tests (Oh no you haven’t!!).

    You’ve reminded your employees countless times with posters and games and emails about avoiding phishing scams (Really? When?).

    Still, they keep falling for the same ploys they’ve been warned about for years. It’s enough to drive security teams to madness.

    According to Verizon’s 2016 Data Breach Investigation Report, 30 percent of phishing messages were opened by their intended target, and about 12 percent of recipients went on to click the malicious attachment or link that enabled the attack to succeed. A year earlier, only 23 percent of users opened the email, which suggests that employees are getting worse at identifying phishing emails -- or the bad guys are finding more creative ways to outsmart users.

  • 2016 – the Year of Ransomware

    by : Octree

    It’s a matter of when, not if, you are breached, and it could be terminal for your data

    It seemed like just another ordinary day for staff at vehicle hire company MNH Platinum. Little did they know that the simple click of an email link was about to threaten their entire business.

    It was early last year when the Blackburn-based firm was the victim of a virus which encrypted over 12,000 files on its company network. A ransom demand followed – the criminals would decrypt the company’s files in exchange for more than £3,000.

    With the virus proving impossible to remove without the loss of crucial company data, the firm had no choice but to pay up.

    “We were completely unprepared for a cyber breach simply due to a lack of awareness of the magnitude an attack of this type could have through mistakenly clicking a link in an email,” says managing director Mark Hindle. “I am thankful that we had a lucky escape, in that I was able to retrieve the documents that are crucial to the running of the business, albeit at a price.”

    Hackers are ahead in the cyberwar – businesses need to wake up
  • FSB: Small businesses hardest hit by cyber crime

    by : Octree

    Small firms in the UK collectively fall victim to cyber crime 7 million times per year, at a cost to the economy of around £5.26 billion.

    According to new analysis from the Federation of Small Businesses (Cyber Resilience: How to Protect Small Firms in the Digital Economy), small firms in the UK collectively fall victim to cyber crime 7 million times per year, at a cost to the economy of around £5.26 billion.

    And even though 93% of small firms have taken steps to protect their business from cyber threats, those measures have proven inadequate: 66% of small businesses have been a victim of cyber crime. These businesses suffer an average of four cyber crimes every two years at a cost of nearly £3,000 – disproportionately more than big businesses when adjusted for organisational size.

    Phishing (49%), spear phishing (37%) and malware (29%) attacks are the most frequently reported methods.

  • The rise and rise of ransomware

    by : Octree

    The relative low cost of ransomware as a business means that criminals can jump in and out of the business. This article looks at why it continues to work

    My thanks to Davey Winder of SC Magazine for this. Frightening stuff.

    Newly published research suggests that the growth in ransomware infrastructure is, frankly, incredible. With old threats being neutralised, and the public becoming increasingly aware of how to mitigate against these attacks, we wonder just how big a threat ransomware really is?

    The latest Infoblox DNS Threat Index for Q1 2016 reports a 3,500 percent increase in ransomware domain creation quarter on quarter from 2015. The relative cost of infrastructure is so low that it completely makes sense from the criminal's point of view, to scale up those activities that prove to have a return on their investment.

    Ransomware has certainly jumped on that commoditisation of cyber-crime wave, and is riding it for all it's worth. And let's not forget that the Infoblox DNS numbers are not the end of all of it. "Ransomware can work perfectly well without needing freshly registered domains," warns Paul Ducklin, senior technologist at Sophos, "if it uses Tor, or a collection of hacked servers on legitimate domains."

    Another factor in the ongoing rise and rise of ransomware is that since "the criminals have typically provided the unlocking keys, mainly due to automation in their tools, people are paying the ransoms".

  • 75% of UK consumers won't do biz with a company that has been hacked

    by : Octree

    Three quarters of UK consumers would stop doing business or cancel memberships with an organisation if it was hacked.

    New research from Centrify discovered that 73 percent of consumers in the UK admit that it has become normal or expected for businesses to be hacked, yet only half feel they are taking enough responsibility for their customer's information security. The survey evaluated responses from 2,400 people across the UK, Germany and the US.

    About two thirds of respondents in each studied country rated organisations as a nine or 10 on a 10-point scale when it comes to how responsible they should be for preventing hacks and securing the personal information of their customers.

    Those that are more than likely to take their business elsewhere following a data breach include individuals who have had their personal information compromised previously in a hack, tech savvy people and those who shop regularly online.
  • Human error causes more data loss than malicious attacks

    by : Octree

    Human error is the main cause of data breaches, according to statistics obtained from the UK’s Information Commissioner’s Office.

    I wanted to share with you this article about data loss due to internal staff error. Frightening stuff!

    Figures obtained by Egress Software Technologies via a Freedom of Information (FOI) request found that human error accounted for almost two-thirds (62%) of the incidents reported to the ICO – far outstripping other causes, such as insecure webpages and hacking, standing at 9% combined.

    The most common type of breach occurred as a result of someone sending data to the wrong person. Data posted or faxed to the wrong recipient accounted for 17% of data breaches, according to ICO information.

    In the 448 incidents of data breach recorded by the UK regulator during the first three months of 2016, most incidents could be attributed to human error according to data released by the regulator. Of the incidents, 74 were recorded as a loss or theft of paperwork and a further 74 were cases where data were posted or faxed to the wrong recipient. In 42 cases, data were emailed to the incorrect recipient. Unencrypted devices were either lost or stolen on 20 occasions, and 24 cases concerned insecure disposal of paperwork.

  • Four rules and five controls to become cyber secure

    by : Octree

    Some simple housekeeping to improve your cyber resilience.

    No matter the size or industry, cyber criminals are not choosy when deciding the target of their attacks – what does matter is the commercial value of the data that companies possess and what the criminals can do with it. From customers’ contact details and sensitive information to credit card and bank account numbers, there is a wide choice for criminals. If you are responsible for your company’s cyber security, follow these four simple rules developed by staysafeonline.org and reduce your company’s chances of falling victim to cyber attacks.

    Identify your business’s ‘crown jewels’
    The first rule is to understand the value of the information you hold, which is different from what you value the most. You might think that customers’ order details are more important than employee contact details, for instance, but what if staff login credentials are stolen in a social engineering attack? You’ll be breached. Have a think about all the information you store and assign a value, from public to confidential to top secret. All information should be considered, including the company’s documentation, and customer and employee details.

    Protect what’s important

    The next step is to secure the most valuable information. You can do that by restricting access to the most important documents and files or using encryption.
  • UK Digital Economy Minister urges businesses to adopt Cyber Essentials to combat malware threats

    by : Octree

    As UK government vows to boost cyber-defences, its own research finds majority of successful attacks could have been prevented by adopting Cyber Essentials.

    Two-thirds of UK firms have been hit by cyber-attacks, according to figures released by the Department for Culture, Media and Sport.

    The Cyber Security Breaches Survey report said that most of the attacks involved viruses, spyware or malware.

    The research also found that a quarter of large enterprise suffer a cyber-breach at least once a month. Only half of all firms have taken any recommended actions to identify and address vulnerabilities. Only a third of firms had formal written cyber-security policies and a scant ten percent had an incident management plan in place.

    It suggested that seven out of ten attacks could have been prevented using the Government's Cyber Essentials scheme.

    Only a fifth of businesses understood the dangers of sharing information with third parties.

  • Ransomware and phishing attacks are up, once again.

    by : Octree

    Verizon's new data breach investigation report shows a perhaps depressing continuation of previous problems, once again, phishing and ransomware attacks are up.

    The report brings together data from 2260 breaches and 100,000 incidents in 82 countries, collecting information from 67 partners.

    "Phishing has continued to trend upward” notes the report, “and is found in the most opportunistic attacks as well as the sophisticated nation state tomfoolery.”

    Phishing and ransomware are two of the most threatening and common intrusion techniques.

    Phishing often comes in the form of an email, compelling the recipient to open an embedded link or attachment. Once that link is opened by the unsuspecting victim, a trap is sprung and malware is downloaded onto the system. It's simple, but incredibly effective.

  • New research reveals 71 percent of UK organisations not cyber-resilient

    by : Octree

    Study of 450 UK IT and security professionals uncovers insufficient planning and lack of clear ownership as major inhibitors to achieving cyber resilience.

    In a new study commissioned by Resilient Systems, information security research firm The Ponemon Institute benchmarked UK organisations' resilience to cyber threats.

    The study titled “The Cyber Resilient Organisation in the United Kingdom: Learning to Thrive against Threats”, is the second report in a series of cyber-resilience studies. It found that 71 percent of UK organisations would rate their cyber-resilience as low, underlining a lack of preparedness to handle cyber-attacks. This is hardly surprising given the blasé attitude I’ve experienced when visiting organisations, and particularly those that should be complying with regulatory mandates. And you may think this is only relevant to big business…………..you’d be very wrong.

    As part of the study, the Ponemon Institute surveyed 450 IT and security executives about their organisations' approaches to becoming more resilient in the face of increasingly problematic and frequent cyber-attacks.
  • What's your approach to cyber-security?

    by : Octree

    Businesses in the UK are at greater risk of cyber-crime than any other country in the world.

    I came across this interesting and rather disconcerting article by Richard Beck, head of cyber-security, QA, and felt I ought to share it.

    Businesses in the UK are at greater risk of cyber-crime than any other country in the world. According to the UK government's 2015 Information Security Breaches Survey, 74 percent of small businesses and 90 percent of major businesses suffered a cyber-breach last year – up 81 percent on 2014. The financial consequences of such attacks were significant; statistics from the survey show the average cost of the worst single breach for UK companies employing over 500 people starts at £1.46 million. Smaller businesses did not fare much better, with the average cost of a security breach starting at £75,200.

    Given that the cost of hacking can range from a minor inconvenience, to reputation damage, loss of customer data and fines, most UK businesses now fully appreciate the potential severity that can arise from a cyber-attack. Yet many still have some way to go when it comes to implementing good risk management – including educating staff on cyber-risks.

  • The most popular hacking methods uncovered

    by : Octree

    A recent survey highlights the top 10 methods used to try and compromise your networks

    My thanks to Julia Dutton for this enlightening article.

    A recent survey conducted by Balabit to uncover the ten most popular hacking methods aims to help organisations clearly see which methods or vulnerabilities attackers are using the most when they want to get sensitive data in the shortest possible time.

    The survey also shows that 40% of respondents were aware that first-line defence tools, such as firewalls, are not effective at preventing a cyber-attack. Simply put, security is no longer a product but a process. “Technology itself is too weak”, said Amit Yoran, President of RSA at last month’s RSA conference.

    # 1: Social engineering (e.g. phishing attacks)

    Topping the list was, unsurprisingly, social engineering – e.g. phishing attacks. Although traditional access control tools and anti-malware solutions are important, once criminals manage to break into a system, they can easily escalate their rights and gain privileged access to the network.

    #2: Compromised accounts (e.g. weak passwords)

    Coming in at a close second was compromised accounts, which could be caused by weak password security practices.

    #3: Web-based attacks

    Websites and web applications offer an easy-access route to company assets and provide a huge attack surface, making these types of attacks – which include methods like SQL injection – highly popular.
  • 3 million Brits have switched providers after data breach

    by : Octree

    Talk Talk loses the personal details of only 110,000 customers yet pays a heavier price in lost business and reputation!

    This news article should act as a salient reminder to each and every one of us in business that cybercrime is not just about lost data. The periphery costs can be even more acute. And, contrary to popular opinion, it is not just large businesses that suffer – we are all susceptible, and particularly those among us who chose to ignore the threat.

    TalkTalk might well have lost "only" 110,000 customers as a result of last year's high profile data breach but a whopping 3 million Brits say they have ditched a company after having their personal data compromised.

    According to new research by security firm Privitar, perceptions about how well companies safeguard customer data is becoming a significant factor when consumers choose to do business with them.

    Some 83% of respondents said they would look to switch to another service if they felt it could manage their data better.

    17 February 2016 0 Comments Cybercrime
  • Safer Internet Day 2016

    by : Octree

    This year’s theme is very clear, and it’s all about you: "Play your part for a better internet!"

    My thanks to the guys at Sophos for this gem.

    Yesterday was Safer Internet Day (9.2.2016), #SID2016.

    This year’s theme is very clear, and it’s all about you: “Play your part for a better internet!”

    In other words, it’s not about how to use technology to protect yourself; it’s not about what your ISP should do to keep you safe; it’s not about how everyone else can keep you safe, although all those things are both important and useful.

    This year, more than ever, Safer Internet Day is about asking not what the internet can do for you, but what you can do for the internet.


    But that doesn’t mean that you shouldn’t look out for yourself.

    In fact, the great thing about computer security is that by looking out for yourself, you help everyone else at the same time.

    It’s true the other way around, too: if you behave carelessly online, you may put your friends, your family, and even complete strangers directly into the firing line of cyber-crooks.

    For example, if you get infected by ransomware, the crooks will hold your data hostage, and you may end up paying them £200 to get the data back, which makes it sound as though malware prevention is all about saving yourself.

    But most malware infections aren’t ransomware.

    Most malware is some sort of bot or zombie: a malicious program used by crooks so they can send commands to your computer from the other side of the world. (Bot is short for “robot,” because your computer ends up blindly following orders from someone else.)

    The crooks will almost certainly dig around on your computer to find out if you have anything interesting for them to steal, such as passwords or account details, which clearly puts you at direct risk.

    But your home computer is probably full of information about other people, too: pictures, email addresses, phone numbers, perhaps even information from work about customers or colleagues.

    Even if the crooks who infected your computer aren’t interested in all that information for future cybercrimes of their own, it has value to them because they can sell it on to other crooks.

    Additionally, once cybercriminals have got what they want from your hard disk, they will turn outwards, using your computer as a springboard to attack other people.
  • Son rattles up £4k bill gaming

    by : Octree

    Faisall Shugaa made 65 purchases from Apple between 13-18 December, never realizing that Dino Bucks translate into real money

    Ever wondered what your kids are doing on their PCs, laptops, tablets, smartphones? Of more concern may be what they are doing on yours!!!

    The latest “Dad, I shrank your bank account due to super easy in-app purchases” story involves a 7-year-old who racked up a £4000 bill (about $5900) by buying dinosaurs.

    As the Metro reports, Mohamed Shugaa, from West Sussex, UK, found out his son had made the transactions during a 5-day dino spree in December, using Dino Bucks in the iTunes game Jurassic World on his dad’s iPad.

    Sure, he knew his son could unlock his tablet with his passcode.

    But Shugaa was (unpleasantly!) surprised to learn that his son, Faisall, had also memorized his Apple ID password.

    That’s all you need to unlock the gates to flashy dinosaur upgrades.
Octree Cyber Essentials
Cyber security – don’t know where to start?
Talk to Octree, specialists in helping SMEs achieve Cyber Essentials status.
GDPR Survey

Recent Posts

Blog Categories

Blog Archive