Has Someone Taken Out A Subscription Against You?

In the rush to remote working cybersecurity often fell by the wayside so that businesses could just keep the lights on. You would think companies would be rushing to plug those gaps. But are they? We’re still seeing three types of business: those that have been attacked, those that don’t know they have been attacked, and those that are going to be attacked.  
 
The risks are high with research showing the average cost of an IT security breach is $4.35 M. Also, 54% of breaches remain undiscovered for months. It’s not surprising really when you can now buy ransomware as a service as cheap as you can subscribe to Netflix.  
 
So, how can you be sure someone hasn’t paid a subscription to attack you?  The simple answer is you can’t.  
 
Which is why you need to take the belt and braces approach to cybersecurity. We all know people who lock the house but leave the windows open. That once you are burgled you install an alarm, use deadlocks everywhere, install floodlights and security cameras, or some just assume it won’t happen to them again – but often it does. A recent survey revealed that more than one in six (17%) of burglary victims had fallen prey to being burgled three times or more, and 65% of those in the same property.

So, if you don’t protect your fortress properly, you’ll very likely to be targeted again. It’s the same with business cybersecurity.  
 
Often businesses are attacked in a minor way, they do a bit of cybersecurity hygiene then continue as normal. But that was the attack before the real attack. What they haven’t taken into consideration is that most cyberattacks today don’t happen on the fly, they are well researched and planned. The average time attackers spend in the organisation is 240 days before they make their move. They build trust and rapport within the company before they attack.  
 
So why are we comparing a Netflix subscription with hackers?  
 
In effect, once a user identity has been compromised, the “hackers” don’t hack-in, they simply log-on just like you would with Netflix – often undetected until days, weeks or even months later. They quietly sit and collect data from your organisation and wait for the perfect time to hold you to ransom.  

Many companies have invested heavily in security products and services, but alarmingly research shows that many don’t have these services deployed and configured correctly, and in many cases the most vulnerable or “privileged” users are the ones least protected.  
 
Here are my top tips for ensuring your business is taking the right steps to prevent a ransom demand:     

  • Simplify your cybersecurity tool set. Simply by making sure your tools are joined up and work together – from Identity and Access Management, Multi Factor Authentication (MFA), application threat control, firewalls, network access control to endpoint protection - you will be better protected. This is not about buying more tools, in most cases it’s about reducing the number and complexity of cybersecurity tools you use and focusing on the vital few that will give you the most effective control by ensuring they are deployed correctly.  
  • Assume breach. Every business should be working from a standpoint of assuming they have already been breached or will be soon. You need to apply zero trust principals and ensure that every access made by every single person onto your network is explicitly verified.  
  • Use Multi-Factor Authentication. MFA combines two or more independent credentials: something the user knows, such as a password; what the user has, such as a security token; and what the user is, by using biometric verification or a known/trusted device. This single action – using MFA correctly - can eliminate more than 99% of phishing attacks of which there are 921 identity attacks every single second. Not using MFA is like locking your front door and leaving all the windows open!
  •  Write and Activate Data Loss Prevention Policies. These protect against accidental or deliberate data leakage by defining how an organisation can share and protect its data. They provide a guide as to how data can be used in decision making without it being exposed to anyone who should not have access to it.  
  • Streamline protection across email, chat, files web apps and endpoints – all these ways of communicating leave you open to attack if you aren’t using the latest cybersecurity technology. Make sure all your tools work across communication platforms and there are no gaps that can be exploited. 
  • Train your users. Regularly training your users on basic security hygiene will go a long way to keeping your business safe. The biggest single source of breaches come from your users clicking on a phishing email or text message. If you educate them about likely breaches and how attackers are thinking and likely to try and reel them in, then they can be your best form of defence. 
  •  Patch, patch, patch – and leverage automated patching were possible – across every switch, access point, router laptop and application. It sounds so simple, yet many organisations are still not patching in a timely fashion which is leaving them wide open to attack.  

 
If your business isn’t undertaking all these steps it’s not long before you’ll realise that a subscription has been taken out against you and the hackers have been logging on and off at will.

Make it a priority to address the gaps in your cybersecurity protection to lessen the chances of the next call you answer being one asking for a ransom.  

Rob Quickenden is  CTO of Cisilion

You Might Also Read: 

Making A Success Of Hybrid Working:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« What The West's Caution Over Chinese Tech Really Means
Chatham House Cyber Conference  | 14 June 2023 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Feedzai

Feedzai

Feedzai provide software that uses big data analysis and machine-based learning to prevent fraud in ecommerce.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cyber Security Expo

Cyber Security Expo

Cyber Security EXPO is a unique one day recruitment event for the cyber security industry.

BehavioSec

BehavioSec

BehavioSec uses the way your customers type, swipe, and hold their devices, and enables them to authenticate themselves through their own behavior patterns.

Rublon

Rublon

Rublon protects endpoints, networks and applications by providing trusted access via two-factor authentication (2FA).

Grayshift

Grayshift

Grayshift is the leading provider of mobile device digital forensics, specializing in lawful access and extraction.

Bigbee Technology

Bigbee Technology

Bigbee Technology are an IT solutions company based in Dar es Salaam founded by a group of professionals from around the globe.

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries is America’s largest military shipbuilding company and a provider of professional services to partners in government and industry.

Nisos

Nisos

Nisos provides unrivaled protection of your reputation and assets through the practice of Active Defense.

TWC IT Solutions

TWC IT Solutions

Since 2011, TWC IT Solutions has offered managed IT Support, Cybersecurity, Disaster Recovery, Contact Centre and Business Connectivity services to clients across 24 countries globally.

Recon InfoSec

Recon InfoSec

The Recon InfoSec team includes analysts, architects, engineers, intrusion specialists, penetration testers, and operations experts.

ACI Learning

ACI Learning

ACI Learning - Training tomorrow’s industry leaders with formats for all types of learners in Audit, Cybersecurity, and IT.

Ingenics Digital

Ingenics Digital

Ingenics Digital is a recognized initiator and leading service provider in the areas of software development and embedded systems.

Control D

Control D

Control D is a modern and customizable DNS service that blocks threats, unwanted content and ads - on all devices.

Code First Girls

Code First Girls

Code First Girls are on a mission to close the gender gap in the tech industry by providing employment through free education.

Orca Fraud

Orca Fraud

Orca is an AI-driven fraud orchestration platform. We empower fraud fighters to outpace fraud using our custom ML models.