Cyber Security: Everything You Need to Know in Preparing For An Attack | Software Advisory Service

Whitepaper

Home > Whitepapers > Cyber Security: Everything You Need to Know in Preparing For An Attack

Cyber Security: Everything You Need to Know in Preparing For An Attack

A recent study has revealed that UK firms are “severely unprepared” for Cyber Attacks – with potential invasions wreaking havoc for IT departments across the nation.

Nearly half of all businesses (46%) reported a cyber breach or attack in the past 12 months*.

*Cyber Security Breaches Survey 2017, Department for Digital, Culture, Media & Sport.

 This is reinforced in the findings from the second annual Resilience Report, published by Cyber Security analytics platform RedSeal. By interviewing 600 senior IT decision makers about the cyber challenges they face, RedSeal found the following alarming results:

  • 54% of IT teams don’t have the tools and resources they need.
  • 55% can’t react quickly enough to limit damage in the event of a major security incident.
  • Only 20% of teams are extremely confident their organisation will continue running as usual after discovering a cyber breach.

What does this tell us? That IT security teams are struggling to keep up with the current level of cyber terrorism, foreshadowing a virtual epidemic.

 So what is Cyber Security

Cyber security - also often labelled as information technology security - refers to the range of techniques used to protect your networks, programmes, hardware, software and data from a harmful attack by an external source.

 

Are there Different Types of Cyber Security Incidents? 

The source is the main distinguishing feature between types of Cyber Security incidents. These invasions can range from a minor phishing email, instigated by a solo attacker, to a global, organised crime unit looking to dissolve a major organisation. Both ends of the spectrum are, however, similar in their ability to drastically impact the running of your business.

 

 

How can businesses defend themselves from such Cyber Terrorism?

Cyber-attacks are most often composed of four stages: Survey, Delivery, Breach and Affect.

  1. Survey - Tactic: Educate users - investigating and analysing available information about the target in order to identify potential vulnerabilities.
  2. Delivery - Tactic: Create adequate security controls - getting to the point in a system where a vulnerability can be exploited.
  3. Breach - Tactic: Maintain adequate security controls - exploiting the vulnerability/vulnerabilities to gain some form of unauthorised access.
  4. Affect - Tactic: Implement Incident Response Plan (IRP) - carrying out activities within a system that achieve the attacker’s goal.

There are however various types of cyber security will which can be employed at each of these stages to deflect such an attack, and dramatically reduce its impact. These tactics are included below. 

If your attacker has managed to bypass previous tactics, which is rare but a possibility, then their mechanisms are clearly sophisticated. It is now important to follow your Incident Response Plan – a procedure which should dictate how to minimize the impact of the invasion, rectify and clean-up the affected systems and get the business back up and running in as smooth a manner as possible

CREST suggest this IRP should consist of the following 10 steps:

 

I am a small business, should Cyber Security be a priority of mine?

If you’re a small or medium-sized enterprise (SME) then there’s around a 50% chance that you’ll experience a cyber-attack. For your small business, that could result in costs of around £1,400*.

Furthermore, from May 2018, there's the possibility of increased fines if you fail to meet the requirements of the new General Data Protection Regulation (GDPR). These fines can reach a maximum of €80,000.

Can your small business afford that? If the answer is no, then we highly suggest that you make cyber security a priority.

*National Cyber Security Centre 2017.

 

Cyber Security: Espionage Case Study

The following case study exemplifies the extent to which a cyber-attack can stem from a simple, seemingly innocent action and can quickly progress into a vicious attack on confidential information.

Invaders used a technique known as a ‘watering hole' attack to distribute malware into businesses working in the UK energy sector - whereby they added malicious scripts to legitimate websites often visited by energy sector staff.

The malware targeted known and patchable vulnerabilities in Java, older internet browsers, and all but the most recent versions of Microsoft Windows. It then harvested visitors' credentials and computer system information, and sent this information back to the controllers via attacker-owned domains. Security monitoring did however identify the attack at this stage, and so the invasion was broken before further damage was incurred.

This example can however offer other organisations a platform from which to learn from.

The most effective mitigations against this attack would have been the creation and maintaining of adequate security controls:

  • Deploying a web proxy, web filtering, content checking, and firewall policies could have prevented executable downloads and access to known malicious domains on the Internet.
  • Malware protection defences - which may have detected the commodity attack code used to exploit the victim's browser.
  • User access control - this could have restricted the malware's capabilities.
  • Security monitoring - which in this case managed to identify the suspicious activity.

 

Where do I go from here?

It is now more important than ever to ensure your business is secure from an onslaught of virtual attacks.

To talk to an expert about how to ensure your business is safe from Cyber Terrorism, call Software Advisory Service on 020 3640 8094 or get in touch via the form on the right!


Back Content Hub

Compare IT Solutions


Recent Content