Octree Observer

  • Ransomware – the threat inside

    by : Octree

    When it comes to ransomware, it only takes one person to let the marauders run free

    That's the assessment of cybersecurity company Malwarebytes, which has found as many as one third of small-to-medium-sized businesses were hit by ransomware last year, and that "the human factor" is increasingly behind large-scale outages.

    The findings come as part of Malwarebytes' Second Annual State of Ransomware Report, which showed that, of the 32 percent of companies hit by at least one malware attack last year, one fifth had to completely stop operations immediately. Do not pass go, do not collect $200 (unless you're coughing it up in Bitcoin).

    The figures paint a grim picture of digital security in the modern era, at a time when malware attacks routinely make news headlines, and ransomware (malicious software that infects systems and demands a ransom to regain access to encrypted files) has the power to bring everything from home computers to the world's biggest companies into the digital dark ages.

  • Government to encourage wider adoption of Cyber Essentials scheme

    by : Octree

    The government has said it will be pushing for more companies to gain certification to the Cyber Essentials scheme. The scheme is backed by the government and contains five key controls that, when implemented correctly, can prevent the majority of cyber-attacks.

    Matt Hancock, the Minister for Digital and Culture, was speaking at the Cyber Security Summit at the Institute of Directors in London in March.

    “Numbers are really starting to grow,” he said. “Already, we’ve awarded more than 6,000 certificates to date, with the numbers more than tripling in the past year.”

    According to Hancock, this growth proves that Cyber Essentials is “an effective tool which can be built on to achieve greater security in our organisations”.

    The government already requires all of its suppliers that handle sensitive data to hold a Cyber Essentials certificate, but Hancock said that it will now be “strengthening this requirement to ensure even more of our contractors take up the scheme”.

    Hancock was also quick to highlight the existing and growing cyber threats: “We know the scale of the threat is significant: one in three small firms, and 65% of large businesses, are known to have experienced a cyber breach or attack in the past year. Of those large firms breached, a quarter were known to have been attacked at least once per month.

    It’s absolutely crucial UK industry is protected against this threat - because our economy is a digital economy. Over 95% of businesses have internet access. Over 60% of employees use computers at work. The internet is used daily by over 80% of adults - and four out of five people in the UK bought something online in the past year. And we know the costs of a successful attack can be huge. My message today is clear: if you’re not concentrating on cyber, you are courting chaos and catering to criminals.”

    Securing organisations’ supply chains

    This announcement signals a growing shift in the importance and authority of the Cyber Essentials scheme. In addition to the government’s requirement for suppliers to be certified, many organisations will feel the pressure to achieve certification.

    For instance, larger companies, especially FTSE 100 companies, will need to certify in order to secure their supply chain, and small and medium-sized enterprises (SMEs) will need to certify in order to work with larger buyers.

  • UK SMEs not educating staff on the risks of cyber-security

    by : Octree

    CFC Underwriting finds that 38 percent of its claims in 2016 could have been avoided if better education and training processes were in place.

    Once again, I really wanted to share this article from Roi Perez, Community Manager at SC Magazine, highlighting the increasing need for security awareness training within businesses, to reduce the threat of email- and web-borne malware (primarily ransomware).

    New research from specialist cyber-insurance provider CFC Underwriting reveals that over a quarter of UK-based SMEs (27 percent) are still failing to educate and train their staff on the threat of a cyber-attack.

    Phishing scams caused 38 percent of CFC's claims in 2016, meaning that they could arguably have been avoided if staff were trained properly.

    Over a quarter of SMEs (26 percent) say that they do not train and educate their staff on the threat of cyber-security because they are “not sure where to start”. This could be the result of not understanding their cyber-risk profile, with 20 percent of SMEs never assessing the business exposure to cyber-risk.

    CFC saw a 78 percent rise in cyber claims from 2015 to 2016, with 90 percent of claims by volume coming from businesses with less than £50 million in revenue, highlighting just how vulnerable SMEs are to relatively unsophisticated cyber-attacks.

    When SMEs were asked what poses the biggest threat to their business, cyber-crime came in second, topped only by Brexit. Nearly a third (31 percent) of IT companies report cyber-crime to be the main threat, followed by 25 percent in the manufacturing sector. By comparison, just eight percent overall are concerned about traditional crime. Despite these worries, 80 percent of SMEs still do not buy cyber-insurance.

  • Ransomware-as-a-Service is Booming: Here's What You Need to Know

    by : Octree

    Taking a page from the software-as-a-service playbook, ransomware-as-a-service (RaaS) is giving even novice cyber-criminals the ability to launch sophisticated — and profitable — attacks.

    My thanks to the colleagues at Barkly for this somewhat disturbing article, which I thought I would share with you all.

    Ransomware is certainly nothing new in the cybersecurity business, with the first instances cropping up in Russia more than a decade ago. But, the rise of the RaaS distribution model is giving would-be criminals an extremely easy way to launch a cyber-extortion business with virtually no technical expertise required, flooding the market with new ransomware strains in the process.

    In fact, the growth in RaaS platforms on the Dark Web is likely one of the primary drivers behind the huge spike in ransomware attacks over the last year. Network security provider SonicWall reports a staggering total of 638 million attacks over the course of 2016, more than 167x the number of attacks they registered in 2015.

    Other reports indicate nearly half of businesses fell victim to some cyber-ransom campaign last year. At the same time, the number of new ransomware families surged 752 percent, costing businesses $1 billion worldwide.

    What makes RaaS such a threat? It’s the simple, franchise-like deployment model. Instead of writing their own malicious code, aspiring cyber-criminals can now log in to their RaaS portal of choice, configure their deployment, and instantly distribute the malware to unwitting victims. Some RaaS providers even advertise their products in hacking forums, offering customizations and other enticements to drive subscriptions.

    To help you get a better handle on the RaaS threat, let’s dive into some specific FAQs.

  • Alert: New Wave of Ransomware is Bypassing Security

    by : Octree

    Your traditional anti-virus solution is defenseless against this attack!!!

    My thanks to Jonathan Crowe from Barkly for this article. Illuminating and very, very worrying. You really need to act now.

    Key details:
    • Type of attack: Ransomware hidden in NSIS installer files
    • Attack vector: Email
    • Damage: As of yet unknown, but researchers have spotted a major uptick in infections beginning in December

    A new slew of ransomware campaigns are infecting companies thanks to an improved method of avoiding detection — hiding malicious code deep within NSIS installers.

    According to researchers at Microsoft, adoption of the technique appears to be widespread, with Cerber, Locky, and other popular ransomware families all getting in on the act in "a collective move by attackers to once again dodge AV detection."

    Beginning last December, the volume of these attacks has experienced a significant uptick, putting more and more companies at risk.

  • 26% of British businesses 'have no protection against cyber attacks'

    by : Octree

    Although businesses understand the importance of digital innovation, they aren't prepared for the challenges

    Almost a third of UK businesses are not sufficiently prepared against a cyber attack, research by software and services provider Advanced has revealed.

    Additionally, 46% of companies don't view data security as a priority when deciding which systems and software to adopt when furthering their digital presence.

    “Digital innovation presents a huge opportunity for companies and our economy, but it also goes hand in hand with a need for greater emphasis on cyber security,” Tom Thackray, CBI Director for Innovation, said.

    “Cyber resilience is a growing priority for all businesses, and the challenge now is to move from awareness to action. It’s important that businesses in all sectors – from manufacturing to retail – truly understand digital technology’s potential, from the boardroom to the shop or factory floor.”

    Advanced questioned more than 1000 professionals across UK businesses in a range of sectors about how ready they were if a cyber attack struck and how their attitude has changed since it was decided the UK would exit the EU.

  • In June, the FBI released stats that showed “business email compromise” (BEC) scams cost businesses $3.1 billion.

    by : Octree

    Also known as CEO Fraud, Whaling or Spear Phishing, this threat targets businesses of every size, primarily because of its ease of perpetration.

    Even more troubling, the FBI warned that BEC scams, also known as “CEO fraud” or “Man-in-the-Email” scams, would likely “continue to grow, evolve, and target businesses of all sizes.” The Bureau also mentioned that they’ve seen a 1,300% increase in business email compromise attacks since January 2015.

    What Are Business Email Compromise Attacks?

    A BEC is a form of phishing attack where a cyber criminal impersonates an executive (often the CEO), and attempts to get an employee, customer, or vendor to transfer funds or sensitive information to the phisher.

    Unlike traditional phishing attacks, which target a large number of individuals across a company, BEC attacks are highly focused. Cyber criminals will scrape compromised email inboxes, study recent company news, and research employees on social media sites in order to make these email attacks look as convincing as possible. This high level of targeting helps these email scams to slip through spam filters and evade email whitelisting campaigns. It can also make it much, much harder for employees to recognize the email is not legitimate.

    What Does a BEC Attack Look Like?

    BEC attacks usually begin with a cyber criminal successfully phishing an executive to gain access to their inbox, or emailing employees from a lookalike domain that is one or two letters off to trick them into thinking they received an email from an executive at their company (a tactic often referred to as “spoofing” an email).

  • Lost devices are a leading cause of data breaches

    by : Octree

    For the financial sector lost or stolen mobile devices were the leading cause of data breaches over the last decade.

    An interesting article from SC Magazine that once again highlights the potential data loss through unsecured mobile devices, and particularly within financial services.

    Phishing scams and ransomware attacks may grab the headlines, but for the financial sector lost or stolen mobile devices were the leading cause of data breaches over the last decade.

    A Bitglass report found 25.3 percent of data breaches that have occurred since 2006 were due to malicious actors getting their hands on a corporate mobile device. This is well above the 19.2 percent of breaches that were caused by hacking, the 14.1 percent due to unintended disclosures and the 13.1 percent of incidents caused by company insiders.

    The report does not disclose how many devices are lost, nor how many of those might end up in the hands of a malicious actor, but the fact that many employees have access to key corporate information means any loss can be catastrophic.

  • Five social engineering scams employees still fall for

    by : Octree

    Is your security awareness training letting you down? It certainly seems so. That’s if you are actually delivering any!!!

    My thanks to Stacy Collett at CSO for this remarkable insight into human behaviour. So.....

    You’ve trained them (I doubt it!).

    You’ve deployed simulated phishing tests (Oh no you haven’t!!).

    You’ve reminded your employees countless times with posters and games and emails about avoiding phishing scams (Really? When?).

    Still, they keep falling for the same ploys they’ve been warned about for years. It’s enough to drive security teams to madness.

    According to Verizon’s 2016 Data Breach Investigation Report, 30 percent of phishing messages were opened by their intended target, and about 12 percent of recipients went on to click the malicious attachment or link that enabled the attack to succeed. A year earlier, only 23 percent of users opened the email, which suggests that employees are getting worse at identifying phishing emails -- or the bad guys are finding more creative ways to outsmart users.

  • 2016 – the Year of Ransomware

    by : Octree

    It’s a matter of when, not if, you are breached, and it could be terminal for your data

    It seemed like just another ordinary day for staff at vehicle hire company MNH Platinum. Little did they know that the simple click of an email link was about to threaten their entire business.

    It was early last year when the Blackburn-based firm was the victim of a virus which encrypted over 12,000 files on its company network. A ransom demand followed – the criminals would decrypt the company’s files in exchange for more than £3,000.

    With the virus proving impossible to remove without the loss of crucial company data, the firm had no choice but to pay up.

    “We were completely unprepared for a cyber breach simply due to a lack of awareness of the magnitude an attack of this type could have through mistakenly clicking a link in an email,” says managing director Mark Hindle. “I am thankful that we had a lucky escape, in that I was able to retrieve the documents that are crucial to the running of the business, albeit at a price.”

    Hackers are ahead in the cyberwar – businesses need to wake up

  • FSB: Small businesses hardest hit by cyber crime

    by : Octree

    Small firms in the UK collectively fall victim to cyber crime 7 million times per year, at a cost to the economy of around £5.26 billion.

    According to new analysis from the Federation of Small Businesses (Cyber Resilience: How to Protect Small Firms in the Digital Economy), small firms in the UK collectively fall victim to cyber crime 7 million times per year, at a cost to the economy of around £5.26 billion.

    And even though 93% of small firms have taken steps to protect their business from cyber threats, those measures have proven inadequate: 66% of small businesses have been a victim of cyber crime. These businesses suffer an average of four cyber crimes every two years at a cost of nearly £3,000 – disproportionately more than big businesses when adjusted for organisational size.

    Phishing (49%), spear phishing (37%) and malware (29%) attacks are the most frequently reported methods.

  • The rise and rise of ransomware

    by : Octree

    The relatively low cost of ransomware as a business means that criminals can jump in and out of the business. This article looks at why it continues to work.

    My thanks to Davey Winder of SC Magazine for this. Frightening stuff.

    Newly published research suggests that the growth in ransomware infrastructure is, frankly, incredible. With old threats being neutralised, and the public becoming increasingly aware of how to mitigate against these attacks, we wonder just how big a threat ransomware really is?

    The latest Infoblox DNS Threat Index for Q1 2016 reports a 3,500 percent increase in ransomware domain creation quarter on quarter from 2015. The relative cost of infrastructure is so low that it completely makes sense from the criminal's point of view, to scale up those activities that prove to have a return on their investment.

    Ransomware has certainly jumped on that commoditisation of cyber-crime wave, and is riding it for all it's worth. And let's not forget that the Infoblox DNS numbers are not the end of all of it. "Ransomware can work perfectly well without needing freshly registered domains," warns Paul Ducklin, senior technologist at Sophos, "if it uses Tor, or a collection of hacked servers on legitimate domains."

    Another factor in the ongoing rise and rise of ransomware is that since "the criminals have typically provided the unlocking keys, mainly due to automation in their tools, people are paying the ransoms".

  • 75% of UK consumers won't do biz with a company that has been hacked

    by : Octree

    Three quarters of UK consumers would stop doing business or cancel memberships with an organisation if it was hacked.

    New research from Centrify discovered that 73 percent of consumers in the UK admit that it has become normal or expected for businesses to be hacked, yet only half feel businesses are taking enough responsibility for their customers' information security. The survey evaluated responses from 2,400 people across the UK, Germany and the US.

    About two thirds of respondents in each studied country rated organisations as a nine or 10 on a 10-point scale when it comes to how responsible they should be for preventing hacks and securing the personal information of their customers.

    Those that are more than likely to take their business elsewhere following a data breach include individuals who have had their personal information compromised previously in a hack, tech savvy people and those who shop regularly online.

  • Human error causes more data loss than malicious attacks

    by : Octree

    Human error is the main cause of data breaches, according to statistics obtained from the UK’s Information Commissioner’s Office.

    I wanted to share with you this article about data loss due to internal staff error. Frightening stuff!

    Figures obtained by Egress Software Technologies via a Freedom of Information (FOI) request found that human error accounted for almost two-thirds (62%) of the incidents reported to the ICO – far outstripping other causes, such as insecure webpages and hacking, standing at 9% combined.

    The most common type of breach occurred as a result of someone sending data to the wrong person. Data posted or faxed to the wrong recipient accounted for 17% of data breaches, according to ICO information.

    In the 448 incidents of data breach recorded by the UK regulator during the first three months of 2016, most incidents could be attributed to human error according to data released by the regulator. Of the incidents, 74 were recorded as a loss or theft of paperwork and a further 74 were cases where data were posted or faxed to the wrong recipient. In 42 cases, data were emailed to the incorrect recipient. Unencrypted devices were either lost or stolen on 20 occasions, and 24 cases concerned insecure disposal of paperwork.

  • Four rules and five controls to become cyber secure

    by : Octree

    Some simple housekeeping to improve your cyber resilience.

    No matter the size or industry, cyber criminals are not choosy when deciding the target of their attacks – what does matter is the commercial value of the data that companies possess and what the criminals can do with it. From customers’ contact details and sensitive information to credit card and bank account numbers, there is a wide choice for criminals. If you are responsible for your company’s cyber security, follow these four simple rules developed by staysafeonline.org and reduce your company’s chances of falling victim to cyber attacks.

    Identify your business’s ‘crown jewels’

    The first rule is to understand the value of the information you hold, which is different from what you value the most. You might think that customers’ order details are more important than employee contact details, for instance, but what if staff login credentials are stolen in a social engineering attack? You’ll be breached. Have a think about all the information you store and assign a value, from public to confidential to top secret. All information should be considered, including the company’s documentation, and customer and employee details.

    Protect what’s important

    The next step is to secure the most valuable information. You can do that by restricting access to the most important documents and files or using encryption.

  • UK Digital Economy Minister urges businesses to adopt Cyber Essentials to combat malware threats

    by : Octree

    As UK government vows to boost cyber-defences, its own research finds majority of successful attacks could have been prevented by adopting Cyber Essentials.

    Two-thirds of UK firms have been hit by cyber-attacks, according to figures released by the Department for Culture, Media and Sport.

    The Cyber Security Breaches Survey report said that most of the attacks involved viruses, spyware or malware.

    The research also found that a quarter of large enterprises suffer a cyber-breach at least once a month. Only half of all firms have taken any recommended actions to identify and address vulnerabilities. Only a third of firms had formal written cyber-security policies and a scant ten percent had an incident management plan in place.

    It suggested that seven out of ten attacks could have been prevented using the Government's Cyber Essentials scheme.

    Only a fifth of businesses understood the dangers of sharing information with third parties.

  • New research reveals 71 percent of UK organisations not cyber-resilient

    by : Octree

    Study of 450 UK IT and security professionals uncovers insufficient planning and lack of clear ownership as major inhibitors to achieving cyber resilience.

    In a new study commissioned by Resilient Systems, information security research firm The Ponemon Institute benchmarked UK organisations' resilience to cyber threats.

    The study, titled “The Cyber Resilient Organisation in the United Kingdom: Learning to Thrive against Threats”, is the second report in a series of cyber-resilience studies. It found that 71 percent of UK organisations would rate their cyber-resilience as low, underlining a lack of preparedness to handle cyber-attacks. This is hardly surprising given the blasé attitude I’ve experienced when visiting organisations, and particularly those that should be complying with regulatory mandates. And you may think this is only relevant to big business… you’d be very wrong.

    As part of the study, the Ponemon Institute surveyed 450 IT and security executives about their organisations' approaches to becoming more resilient in the face of increasingly problematic and frequent cyber-attacks.

  • What's your approach to cyber-security?

    by : Octree

    Businesses in the UK are at greater risk of cyber-crime than those in any other country in the world.

    I came across this interesting and rather disconcerting article by Richard Beck, head of cyber-security, QA, and felt I ought to share it.

    Businesses in the UK are at greater risk of cyber-crime than those in any other country in the world. According to the UK government's 2015 Information Security Breaches Survey, 74 percent of small businesses and 90 percent of major businesses suffered a cyber-breach last year – up 81 percent on 2014. The financial consequences of such attacks were significant; statistics from the survey show the average cost of the worst single breach for UK companies employing over 500 people starts at £1.46 million. Smaller businesses did not fare much better, with the average cost of a security breach starting at £75,200.

    Given that the cost of hacking can range from a minor inconvenience, to reputation damage, loss of customer data and fines, most UK businesses now fully appreciate the potential severity that can arise from a cyber-attack. Yet many still have some way to go when it comes to implementing good risk management – including educating staff on cyber-risks.

  • The most popular hacking methods uncovered

    by : Octree

    A recent survey highlights the top 10 methods used to try and compromise your networks

    My thanks to Julia Dutton for this enlightening article.

    A recent survey conducted by Balabit to uncover the ten most popular hacking methods aims to help organisations clearly see which methods or vulnerabilities attackers are using the most when they want to get sensitive data in the shortest possible time.

    The survey also shows that 40% of respondents were aware that first-line defence tools, such as firewalls, are not effective at preventing a cyber-attack. Simply put, security is no longer a product but a process. “Technology itself is too weak”, said Amit Yoran, President of RSA at last month’s RSA conference.

    #1: Social engineering (e.g. phishing attacks)

    Topping the list was, unsurprisingly, social engineering – e.g. phishing attacks. Although traditional access control tools and anti-malware solutions are important, once criminals manage to break into a system, they can easily escalate their rights and gain privileged access to the network.

    #2: Compromised accounts (e.g. weak passwords)

    Coming in at a close second was compromised accounts, which could be caused by weak password security practices.

    #3: Web-based attacks

    Websites and web applications offer an easy-access route to company assets and provide a huge attack surface, making these types of attacks – which include methods like SQL injection – highly popular.

  • Safer Internet Day 2016

    by : Octree

    This year’s theme is very clear, and it’s all about you: "Play your part for a better internet!"

    My thanks to the guys at Sophos for this gem.

    Yesterday was Safer Internet Day (9.2.2016), #SID2016.

    This year’s theme is very clear, and it’s all about you: “Play your part for a better internet!”

    In other words, it’s not about how to use technology to protect yourself; it’s not about what your ISP should do to keep you safe; it’s not about how everyone else can keep you safe, although all those things are both important and useful.

    This year, more than ever, Safer Internet Day is about asking not what the internet can do for you, but what you can do for the internet.

    ALTRUISM BEGINS AT HOME

    But that doesn’t mean that you shouldn’t look out for yourself.

    In fact, the great thing about computer security is that by looking out for yourself, you help everyone else at the same time.

    It’s true the other way around, too: if you behave carelessly online, you may put your friends, your family, and even complete strangers directly into the firing line of cyber-crooks.

    For example, if you get infected by ransomware, the crooks will hold your data hostage, and you may end up paying them £200 to get the data back, which makes it sound as though malware prevention is all about saving yourself.

    But most malware infections aren’t ransomware.

    Most malware is some sort of bot or zombie: a malicious program used by crooks so they can send commands to your computer from the other side of the world. (Bot is short for “robot,” because your computer ends up blindly following orders from someone else.)

    The crooks will almost certainly dig around on your computer to find out if you have anything interesting for them to steal, such as passwords or account details, which clearly puts you at direct risk.

    But your home computer is probably full of information about other people, too: pictures, email addresses, phone numbers, perhaps even information from work about customers or colleagues.

    Even if the crooks who infected your computer aren’t interested in all that information for future cybercrimes of their own, it has value to them because they can sell it on to other crooks.

    Additionally, once cybercriminals have got what they want from your hard disk, they will turn outwards, using your computer as a springboard to attack other people.

  • Son racks up £4k bill gaming

    by : Octree

    Faisall Shugaa made 65 purchases from Apple between 13-18 December, never realizing that Dino Bucks translate into real money

    Ever wondered what your kids are doing on their PCs, laptops, tablets, smartphones? Of more concern may be what they are doing on yours!!!

    The latest “Dad, I shrank your bank account due to super easy in-app purchases” story involves a 7-year-old who racked up a £4000 bill (about $5900) by buying dinosaurs.

    As the Metro reports, Mohamed Shugaa, from West Sussex, UK, found out his son had made the transactions during a 5-day dino spree in December, using Dino Bucks in the iTunes game Jurassic World on his dad’s iPad.

    Sure, he knew his son could unlock his tablet with his passcode.

    But Shugaa was (unpleasantly!) surprised to learn that his son, Faisall, had also memorized his Apple ID password.

    That’s all you need to unlock the gates to flashy dinosaur upgrades.

  • UK shoppers lose workday picking up aftermath of cyber-crime

    by : Octree

    More than 12 million Brits (20 percent) have been victimised by cyber-criminals this past year

    UK consumers lost more than one full working day (nine hours) when dealing with the aftermath of online crime, costing roughly £134 per person or £1.6 billion across the country.

    "The fact that over a fifth of consumers have had their personal details stolen should come as no surprise – criminals seek money, consumers have it, and personal details are the online route to it. The criminals are entrepreneurial, well-resourced and technically able, so it is unrealistic to hope to prevent breaches," said Paul McEvatt, senior cyber-threat intelligence manager, UK & Ireland at Fujitsu.

    The Norton Cyber-Security Insights Report surveyed more than 1,000 UK consumers to shed light on the global impact of consumer cyber-crime. Brits are more likely to point fingers at foreign governments with 45 percent blaming them as the main guilty party of online crime. Two of every five Brits choose not to take time to change their account passwords after a security compromise. Over 10 percent of victims in the past year stated that their identity was stolen and one in seven had their financial information stolen after shopping online.

  • Are you serious about cyber-security? Security Serious Week opens

    by : Octree

    It's Security Serious Week, a campaign designed to bring industry experts together to make others more serious about cyber-security.

    My thanks to Max Metzger of SC Magazine for this news article.

    To mark the opening of Security Serious Week, the cream of UK cyber-security marshalled at London's St Katharine's Docks, to discuss the campaign as the opening salvo of an industry-wide effort to raise security awareness.

    Yvonne Eskenzi, one of the founders of the campaign, explained the drive behind it: “Security Serious is all about those that can't, learning from those that can – it's simple really. I plan to bring together our leading experts to convey their words of wisdom to those people and organisations who want to become more security savvy.”

  • What should business owners do on Monday morning?

    by : Octree

    Over the weekend much has been publicised and printed regarding the recent breach at TalkTalk, but we’ll leave it to the ongoing investigation by the appropriate authorities to report on the facts in due course.

    It has however raised calls by leading business organisations for urgent action to be taken to tackle cyber-crime, with the Institute of Directors (IOD) claiming only “serious breaches” of crime make the headlines but attacks on British businesses “happen consistently”.

    Little over 12 months ago the UK Government launched a cyber hygiene standard for businesses called Cyber Essentials. It is claimed that around 80% of cyber-attacks could be prevented if businesses implemented its Five Key Controls, covering.....

  • Hackers use Windows 10 to install ransomware on computers

    by : Octree

    Crafty ransomware hiding as operating system upgrade installer

    Users have been warned not to fall for a scam that pretends to be a Windows 10 installer but in fact installs ransomware instead.

    The email scam was discovered by security researchers at Cisco. Hackers have sent out emails claiming to be from Microsoft with an email attachment. The scammers claim the zip file is the Windows 10 upgrade, but in fact its origins are from an IP address in Thailand. The email colour scheme is very similar to the Windows 10 update app. It even goes as far as to say the message “has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.”

    The researchers said another red flag was several characters in the email message that haven't parsed properly, which could be due to the hackers using a non-standard character set.

  • How relevant is Cyber Essentials to your business proposition?

    by : Octree

    Now starting its second year, Cyber Essentials certification is quickly becoming recognised as an invaluable kite mark and roadmap for organisations wishing to improve their cyber-security.

    My thanks to Chris Stanley of MASS for this endorsement of the Government’s still relatively new security initiative aimed primarily at SME businesses, Cyber Essentials, for which Octree is already certified and employs accredited consultants for the standard.

    In 2011 the Cabinet Office called for the UK, by 2015, to “derive huge economic and social value from a vibrant, resilient and secure cyberspace”. As part of the National Cyber Security Programme, the government engaged with the Information Assurance for Small and Medium Enterprises (IASME) consortium and the Information Security Forum (ISF) to develop a set of technical controls. These controls would form the basis of a kite mark for ensuring business protected itself against cyber-attacks.

  • Companies Buy Good Security, But Fail to Deploy It Properly

    by : Octree

    Companies may be investing more in multilayered IT security solutions, as everyone says that they should, but once purchased those solutions are not being properly deployed.

    Thanks to Tara Seals of Infosecurity Magazine for this startling and revealing article.

    A Lieberman Software survey has revealed that companies are putting their customers’ data at risk because IT teams don’t have the expertise or time to deploy complicated IT security products.

    The results were a bit alarming; about 69 percent of respondents said that they do not feel they are using their IT security products to their full potential. As a result, a staggering 71 percent of IT professionals believe this is putting their company, and possibly customers, at risk.

  • UK Employees download Apps and Porn despite warnings

    by : Octree

    Report highlights fact that British employees ignore IT and security best practices in favour of entertainment

    A new report commissioned by Blue Coat and carried out by Vanson Bourne finds that Britons continue to take cyber-security risks and ignore IT policy to download apps, open emails from unknown senders and even view adult content at work.

    The report, which takes in the views of 1580 employees across 11 countries, finds that one in three UK employees has downloaded apps without IT approval, even though two-thirds of these (66 percent – more than 300) knew that it was wrong.

  • 7 Common User Errors that will get you Hacked!

    by : Octree

    Common knowledge has it that users are the weakest link in the IT risk management world—particularly negligent or uneducated users.

    My thanks to Ericka Chickowski of Dark Reading for this illuminating article. Beware the insider threat!

    It is widely accepted that users and their endpoints are the weakest link in the IT risk management world—particularly negligent or uneducated users. But how exactly are the bad guys exploiting this ignorance or lack of care to break into users' endpoints and corporate accounts? Many of their methods involve just a little bit of psychological influence because phishing and social engineering tend to play a part in most attacks. Here are a few of the worst ways users expose themselves.
  • New Tory Government Pushes Ahead With Snooper’s Charter

    by : Octree

    The controversial 'Snooper's Charter' surveillance law could be fast-tracked now that the Conservative political party has formed a majority government in the House of Commons.

    Officially known as the Draft Communications Data Bill, the law is expected to force UK internet service providers (ISPs) into keeping huge amounts of data on customers, and make this information available if requested by government and intelligence agencies.

    The last government tried to push the bill through in 2013, but this was subsequently blocked at the House of Commons by the Liberal Democrats, who were part of the coalition government at the time. There were later attempts to sneak the changes through, via amendments to the Counter-Terrorism and Security Bill, although this was also defeated, this time at the House of Lords.
  • FBI warns WordPress users of ISIS threat: Patch and update now

    by : Octree

    Anyone running a WordPress installation needs to be mindful of security, whether they are in charge of a corporate blog or simply running a pet project from home

    Once again thanks to the guys at Sophos for this rather sobering article on vulnerabilities associated with WordPress, the very popular web development framework.

    The content management system, which powers around 20% of all the sites on the internet, is itself fairly robust, offering regular security patches and software updates to plug newly discovered vulnerabilities. But users themselves are often slow to react, failing to install updates as they become available, if at all.

    By the time you factor in the plethora of available plugins - developed by third parties to add additional functionality to the basic WordPress platform - there are many potential points of failure for an attacker to target.

    In fact, back in 2013, Sophos reported how over 73% of all WordPress installations were susceptible to attack, simply because they were running with known vulnerabilities that any hacker with a modicum of knowledge could detect via automated web tools.

    Add in the fact that many WordPress owners have palmed administration duties off to third parties - who may not prioritise their best interests as they would if it were their own site - and you have a situation in which site visitors, potential business partners and/or customers are placed at risk.

  • Cyber security clearly not a priority for SMBs

    by : Octree

    Just 16 per cent of SMBs consider improving their cyber security a priority, according to the government.

    According to new research carried out by Cyber Streetwise - a cross-government campaign, funded by the National Cyber Security Programme - small and medium sized companies are putting a third (32%) of their revenue at risk because they are falling for some of the common misconceptions around cyber security, leaving them vulnerable to losing valuable data and suffering both financial and reputational damage.

    Two thirds (66%) of SMEs don’t consider their business to be vulnerable, and just 16% say that improving their cyber security is a top priority for 2015.

    When asked if they agreed with some of the most common misconceptions around keeping their business secure online, over three quarters (78%) of small businesses believed at least one. These included the following myths:
  • UK named and shamed as Europe's worst country for data breaches

    by : Octree

    Over one billion records were compromised last year as data breaches became a regular occurrence, especially in the UK

    The latest Breach Level Index from Gemalto's SafeNet revealed that the number of compromised data records increased by a staggering 78 percent to just over one billion in 2014, with data breaches also on the up, rising 49 percent year-on-year to 1,541 incidents.

    The report is particularly bad reading for UK businesses and their IT security departments, as it concluded that the country was the worst in Europe, and the second worst in the world, when it came to the sheer number of breaches last year.

    Citing high-profile examples such as Mumsnet, Moonpig and Axa Healthcare, Gemalto revealed that there were 117 breaches in the UK last year, compared to just 9 in France and 8 in Germany. To put this figure in context, there were 190 breaches in Europe as a whole, meaning the UK's portion accounted for over 60 percent.

    This figure put the country – whose Prime Minister David Cameron has been pushing for an end to encryption – second in the world, behind only the United States with 1,164 breaches in the last year. The US accounted for three in every four breaches (76 percent).

    Interestingly, while ‘malicious outsiders' were cited for over half of data loss incidents, a quarter were down to accidental loss, which significantly eclipsed the much-talked-about malicious insider (15 percent) and state-sponsored actors (4 percent). Hacktivists were to blame for an even smaller portion than that.
  • Why small firms struggle with cyber security

    by : Octree

    The tidal wave of security threats is almost overwhelming for almost every business

    My thanks to Mark Ward, Technology Correspondent at the BBC, for this illuminating article.

    Keeping cyber thieves at bay is hard. They are busy, well-motivated and well-financed.

    Just one example serves to show just how prolific they are. Every day, come rain or shine, they crank out about 250,000 novel variants of viruses. Their vigour has helped them steal data from some really big companies, Target, Home Depot and eBay, in the last few months.

    And, what is a problem for the big companies is even more acute for the smaller firms. They have an even tougher time keeping the bad guys out.

    "They are exposed to many of the same attacks as much larger enterprises, yet they don't have the security expertise and resources available to those larger firms," said Maxim Weinstein, a security advisor at security firm Sophos.

  • What Price a Cyber Security Breach?

    by : Octree

    Hack to cost Sony $35 million in IT repairs

    Have you ever wondered what a data breach at your company is likely to cost you? In real tangible terms it may be investigation services, replacement equipment, improved security counter measures, more vigilant network monitoring. But what about the hidden and unknown costs – reputation, loss of business, legal and regulatory punitive measures?

    The Japanese media giant Sony Corporation has put an estimate to the damage caused by the massive cyberattack against Sony Pictures Entertainment last year -- US$35 million. This was just one of numerous attacks against Sony, including the now infamous Lizard Squad attack on Christmas Day that took down the Sony PlayStation Network’s authentication servers.

  • Sony accuses DDoS attackers for ruining PlayStation's Xmas

    by : Octree

    Gaming service STILL struggling to return to life

    My son couldn’t wait to unwrap his shiny new Sony PlayStation 4 on Christmas morning. The excitement was intense. And then came the time to activate his PlayStation Plus subscription to play online and with friends across the Internet. It couldn’t be done! I thought at first it may be a browser issue, then an ISP issue, then a web filtering issue. But no…………it turned out to be a massive DDoS (Distributed Denial of Service) attack initiated by yet another Hacktivist group by the name of Lizard Squad. They did not endear themselves to the general public, and their motives are unclear. But it was yet another assault on the Japanese media corporation - talk about kicking a man when he’s down. Thankfully, for my sanity as much as anything, the network is now back online, and my son is now locked away for hours at a time only surfacing for essential supplies and his ablutions.

    A DDoS is an attack method used to deny access for legitimate users of an online service. This service could be a bank or e-commerce website, a SaaS application, or any other type of network service. Some attacks even target VoIP infrastructure.
  • Hackers now offer '100% satisfaction guaranteed'

    by : Octree

    Cyber-criminals are offering "100% satisfaction" guarantees on stolen credit cards, or they will be replaced

    The underground hacker market has become so commercialised that cyber-criminals are offering "100% satisfaction" guarantees on stolen credit cards, or they will be replaced. An investigation by Dell SecureWorks has also found that, like legitimate businesses, the criminals are selling ‘Hacker Tutorials' which make it easier for ‘newbies' to start planting malware and stealing financial data.

    The report also highlights an astonishing focus among hackers on “excellent customer service”, something many legitimate businesses could aspire to. Like any market which is crowded with multiple vendors selling many of the same products and services, the reputation of the vendor becomes critical to running a successful business. It looks like more hackers on the underground have realised this and are trying to distinguish themselves by offering prompt customer service and ‘100% guarantees' on the stolen data they are selling.

  • Retailers are "overconfident" about their security, majority have fundamental gaps

    by : Octree

    Worrying signs for Xmas shopping!

    Just in from Lisa Vaas at Sophos Labs, right in time for the holiday shopping daze: many UK retailers' heads are comfortably buried in the sand when it comes to their cyber security and data protection capabilities, thinking that in spite of not having basic protection and no contingency plans for data breaches, something - maybe magic? - will somehow protect them from malicious cyber-attack.

    In fact, the vast majority - 72% - of 250 UK retail IT decision makers surveyed for the 2014 Retail Security Barometer report, which was conducted by Opinium for Sophos, have failed to implement fundamental security required to safeguard both business and customer data.

    It's not that retailers aren't aware of the increasing risks, and it's not as though retailers don't know how a breach could affect both consumers and their own brand.

    One of many recent examples, this one from across the pond, is US retailer Home Depot, which at the end of last month was facing 44 civil lawsuits across the US and Canada following a huge data breach in September that left 56 million credit cards and 53 million email addresses exposed.

  • Information security: 'Not my problem'

    by : Octree

    Non IT directors pass the buck on cyber security.

    Having read this article from Tony Morbin, Editor in Chief of SC Magazine, I could not resist passing it on.

    Awareness for cyber-security as a risk has risen, but as Simon Church, CEO at NTT Com Security explained: “There is still a high level of misunderstanding, indifference and complacency, and failure to rank information security as a critical risk."

    The figures in 'The Global Risk:Value' report back up this view, based on a survey of 800 business decision-makers (not in an IT role) in the UK, Australia, France, Germany, Hong Kong, Norway, Sweden and the US, showing that 19 percent think there would be no significant impact on their revenue from a data breach and 28 percent admit they do not know what the financial implications would be.

  • 'Serious threat' as free web apps plant Trojans and ransomware

    by : Octree

    We are being warned of a 'serious threat' from cyber-criminals using free web apps to distribute malware.

    I am pretty sure I’m not the first to admit I have used “freeware” occasionally to achieve some technical objective, and have been less than cautious as to the source, the program or the implications. I just wanted to mount that ISO file to install the app, open a PDF that Adobe didn’t like, edit a photo without ludicrous expense…….you get the gist. And what about the inviting adware?

    Yet are we really sure what we are clicking on, or downloading, isn’t laden with malicious code ready to compromise our systems? It would appear not.

    In a 17 November blog post, Trend Micro says criminals are using the FlashPack exploit kit to target corporate users who download apps supported by adverts. The ads secretly infect victims with a range of malware and ransomware, without the users clicking on malicious links or visiting unsafe websites. Trend has seen attacks being funnelled through three specific malicious domains, with the vast majority of victims so far based in the US.
  • ICAEW: businesses are falling further behind cyber attackers

    by : Octree

    Business is not keeping up with cyber risks, says accountancy body

    Businesses are not doing enough to combat cyber risks despite an increased awareness of the need to take cyber security seriously, warn auditors. The ICAEW report, Audit Insights: Cyber Security, says there is a growing gap between business and cyber attacker capabilities, with economic growth and new business activity continuously creating new cyber risks.
  • JPMorgan hack sees financial services turn spotlight on cyber security

    by : Octree

    The positive side to a major data security breach

    You may or may not be aware that last week JP Morgan Chase reported that 76 million households and seven million businesses had their private information compromised, including customer names, addresses and telephone numbers but excluding financial information. Hackers also obtained internal data identifying customers by category, such as whether they are clients of the private bank, mortgage, vehicle finance or credit card divisions. The breach affected anyone who visited the company’s websites, including Chase.com, or used its mobile application. Follow-up reports have since claimed that the investment bank may have been compromised by a state-sponsored actor (believed to be of Russian origin) which exploited an employee password through a phishing attack to break into a company server.
  • Phishing Scams- Catching Email Users Hook, Line and Sinker

    by : Octree

    Email borne ransomware on the increase

    As reported by our Australian email filtering partner Mailguard Pty, further evidence of the increasing threat of ransomware.

    Another day and another sophisticated phishing scam has hit the headlines. This recent batch of file-encrypting ransomware including CryptoLocker, CryptoWall and CryptoDefense, and botnet kits like Zeus, are all deemed particularly nasty.

  • It’s a fact……….small businesses know nothing about cybercrime!

    by : Octree

    SMEs face a relentless barrage of cyber threats today.

    What a way to start the week! A 7.30am Monday breakfast meeting to highlight cybercrime and how it threatens SMEs, organised by our Chamber of Commerce, and hosted by the good people of PwC. Charlie McMurdie was the keynote presenter, formerly Head of Law Enforcement National Cyber capability, Police Central e-Crime Unit, and now Senior Cyber Crime Advisor at PwC.

    And Charlie pulled no punches when, in a hopelessly short period of time, she delivered a whistle-stop assessment and some very high profile examples of the online threat posed by cyber criminals. What is really frightening is how organised these criminal gangs are, as well as astute and skilful computer hackers. And the expectation of almost complete anonymity as well as abundant financial rewards further amplifies their motivation.