The major vulnerability within your company, particularly in the run-up to Christmas, is social engineering - a technique used to deceive and manipulate victims to reach a certain goal, such as unauthorised access to a computer system for financial gain or causing harm or disruption. Social engineering may, in some cases, be considered an art of manipulation; it is well planned, researched and executed in order to lure victims into revealing sensitive information or granting unauthorised access.
From an attacker’s perspective, it makes sense to focus on the behavioural patterns of humans. And what is one behaviour that most of us do at this time of year? Online Christmas shopping!
According to UK online retail association, the combination of Black Friday discounts and coronavirus restrictions has made November a record-breaking month for online retail. In the first week of the month, online sales were up 61 percent compared with the same period last year. With many people working from home, it is highly likely that many of the uplift in November sales were made by employees were using their time at home to make the most of the occasional downtime to browse ecommerce sites on corporate devices.
Technical countermeasures against phishing attempts and detecting malicious activities today are much more robust than they have been in the past. The human, on the other hand, is more complex and harder to predict in certain scenarios, while easy to manipulate in others. In the rush to grab a festive bargain, there is a risk that staff may fall victim to tried and tested methods of coercion:
Security budgets set for major rise after Covid-19 restrictions.
E-mails: cybercriminals use the name and layouts of known services or organisations (including retailers) to trick the user into clicking on a malicious link or downloading of malicious file attachments.
Fake websites: they look legitimate but are fraudulent copies. The threat actors will trick the users into giving their personal information and/or into clicking upon a malicious link and/or into downloading malware (sometimes without even knowing it).
So, while we may be less than 2 weeks until the big day, it is vital that your security teams remain vigilant to ensure an unwitting employee avoids falling foul of a devious cyber scam and turn the next few weeks into a ‘nightmare before Christmas’.
Here are some top tips on the steps that organisations can take now to help them have a happy festive period:
Education, education, education: Regular communication with your staff about evolving threats is vital. Make sure that they all know the basics: check the authenticity of messages received, whatever the channel you receive it from: email, SMS, instant messaging, social media, etc. Elements to check are, in particular: the sender, the content of the message (spelling error or bad translation), urgent demand or unusual one.
Review back up and disaster recovery. Two real threats which have arguably escalated due to the pandemic are Ransomware and Denial of Service attacks. Take some time to review the state of your backups and the readiness of your data and disaster recovery processes. Think about the data being generated by home workers – if you don’t already have a suitable backup system to support remote working, then public cloud solutions like Google Cloud, Dropbox and Microsoft OneDrive may present a viable alternative.
Prepare for the worst: The less prepared a company is for a cyber-crisis, the more serious and difficult the impacts will be. However, it’s important to distinguish between a cyber security incident and a cyber crisis. A crisis is exceptional. It cannot be resolved by the usual processes and within the normal functioning realm of an organization. Employees involved in managing a crisis must step outside their usual roles and responsibilities. Most companies use the word “crisis” to describe incidents that they could manage without disrupting their practices. The difference between a crisis and a security incident requires a certain maturity and/or good training.
If you find yourself in a position where you have fallen foul to an attack and cannot find a way to get fixed, then please do consider calling our team to support your situation, for assistance with the following activities:
Identification of malware and containment of your network.
Triage of infected devices and malware analysis.
Transition to BAU activities and post incident analysis.
Additional support can also be provided by undertaking a post incident breach assessment, to ensure that your estate is secure post suffering a breach. This activity will support the organisations transition to a more secure position.
As part of the Incident Response package available, we can support your organisation at all levels of budget, to support your cyber security programme. So please do speak with us to see how we can support your organisation and keep it a HAPPY CHRISTMAS for your organisation and your clients.