Cyber Security

Service Updates

Cyber Security

No known service outages

Contact Us

If you would like to contact us please call our team on 0300 303 4691

 

Support

Contact our Security Operations Centre (SOC) at Cyber Security Associates (CSA) for assistance with your monitoring and detection, protection, response and training to keep you and your company safe.

Email sioc@csa.limited

Operating hours - 6am-12pm Daily

Existing customers: please raise a ticket via https://csaltd.atlassian.net/servicedesk and one of the team will contact you.

FAQs

What is phishing and how can I identify a potential scam?

Phishing is the act of sending fraudulent communications from what appears to be a reputable source, usually through email, but also through texts, websites and phone calls. The goal of the attack is to obtain sensitive data like credit card information and personal login details, or to install malware on the victim's system. 

To stay vigilant and avoid falling victim to phishing scams, be on the lookout for the following:

  1. Suspicious-looking links or attachments
  2. Mistakes in spelling and grammar
  3. Communication that is sent from a name or address that you don’t recognise
  4. Messages containing special offers and discounts 
  5. Generic ‘Sir/Madam’ greetings
  6. Requests to share personal or financial information
  7. Automated voice messages 

If you have received a message that you feel is suspicious, whether that be via email, over the phone or by text, you can report it to the National Cyber Security Centre here.

For additional support to help your business stay on top of phishing scams, our partner, Cyber Security Associates, provides Phishing Campaign training, designed to test incident response, validate training or identify training gaps for staff. Get in touch to find out more.

What are the most common types of security threats and what do they involve?

Whilst the cyber threat is ever-evolving, cyber security incidents can be simply grouped into one or more of four key outcomes: exfiltration, destruction, manipulation, and access denial. Although the protection required to prevent each of the four types is similar, they are unique in the potential effects and the severity of the situation following the breach.

  1. Exfiltration - Information is removed and sold, or used as a means for blackmail - Data exfiltration is a security breach made possible by preying on systems that are reliant on weak, common or easy-to-crack passwords. Attacks are targeted via phishing emails that persuade employees to open messages containing malicious scripts, which can be used to install malware on the company’s network. Once access is gained, the goal is to source valuable, sensitive and private company and customer data that can be later leaked or used for blackmail.
  2. Destruction - Information is destroyed - A data destruction attack targets an organisation’s important data, which could result in taking down an organisation’s website, services, and internal systems. Backups do not guarantee safety, as advanced data destruction attacks can target backup and restore methods. This could put businesses in a position where they have to rebuild infrastructure from scratch or pay a high ransom to the attackers.
  3. Manipulation - Information is manipulated - In a data manipulation attack, a cybercriminal will alter, tweak or modify valuable digital documents and critical data to damage an organisation from the inside out. Understandably, data manipulation attacks take far more time to recover from than an exfiltration or destruction attack. Once data is manipulated, it is difficult to determine exactly how the data has been altered.
  4. Access Denial - Access to information is blocked - An access denial attack aims to render a computer or device unavailable to its intended users by interrupting the device’s normal functioning. These attacks typically work by overwhelming or flooding a targeted machine with requests until normal traffic can’t be processed, resulting in access being denied to additional users. There are several methods of access denial attacks, including:
    - Ransom distributed denial-of-service (DDoS) attack - consists of two parts, the attack and the ransom demand, which a cybercriminal can carry out in either order. In the case that a ransom note is issued first and a DDoS attack threat is made if an organisation doesn’t pay up, it might be the case that the attacker is incapable of carrying out the attack.
    - Buffer overflow attack - aims to cause a machine to consume all available hard disk space, memory, or CPU time, leading to sluggish behaviour, system crashes and, as a result, access denial.
    - Flood attack - works by saturating a targeted server with an overwhelming amount of packets to reach server capacity, resulting in denial-of-service. The cybercriminal must have more bandwidth than the target for the attack to be successful.

How can I practice good cyber hygiene?

  1. Multi-factor-authentication for all network access via the internet
    This will block any attempts by criminals to access your network.
  2. Remove all Legacy Microsoft Windows Operating Systems ASAP
    They all have known vulnerabilities that can be hacked in seconds with no protection.
  3. Implement a spam and malicious email filter
    This will prevent harmful emails from reaching your staff.

Our security expert partner, Cyber Security Associates, offers comprehensive training via E-learning courses for all abilities to equip your staff with the necessary skills and knowledge to remain cyber secure. To find out more about these services, get in touch.
 

How to keep your Microsoft M365 service secure from attack

As a result of remote working, teams have become reliant upon using popular collaborative and accessible services like Microsoft M365. But this increase in remote working has created ample opportunities for cybercriminals to attack vulnerable cloud-based systems. By default, Microsoft does not apply the majority of security settings, leaving users vulnerable and open to attack.

Cyber Security Associates’ M365 Security Assessment solution will ensure the necessary security controls are correctly configured to protect your business’s emails and documents, by providing a report on findings and assistance in amending the required controls on M365 services. To find out more about how CSA can help, contact us.

How to deal with a Ransomware attack

Ransomware attacks involve criminals exploiting vulnerable services and unpatched software, with breaches involving end-user interaction such as opening a suspicious email attachment or clicking on a malicious web link. It’s easy to fall victim to an attack if users are unaware of how to be vigilant. 

Top tips to prevent a ransomware attack

  1. Backup critical data and services
    Perform regular backups for critical services physically and in the cloud, and don’t store them in a way that allows direct access. Offline backups are key as cloud-based backups are still at risk. This will prevent complete encryption of services by adding extra security.
  2. Practise good cyber hygiene
    Maintain a secure IT infrastructure by keeping internet-facing services locked down and devices fully patched from unknown vulnerabilities. To check you are running the latest and safest software versions, scan your internet ‘footprint’ and consult with IT vendors.
  3. Check active accounts
    Regularly review your administration accounts, delete old accounts and reset existing accounts often. Ensure your administrators use separate accounts for working on systems and that these accounts do NOT have an associated email address.
  4. Educate employees
    Ensure good training and education for your staff so they don’t accidentally click on suspicious emails or malicious web links. Use multiple types of internal communication methods to get the message across.
  5. Have a plan of action
    Ensure all staff are prepared with an external contact number or email they can use should they have any concerns. Designate a trained team to deal with any Ransomware incidents quickly and efficiently, and put an effective plan in place.
  6. Deploy next generation of end-point protection
    Ensure your end-points and servers are protected against the deployment and execution of Ransomware. Your Anti-Virus may not provide enough protection to defeat the threat; whereas, zero-trust based capabilities will defeat known and unknown types of Ransomware and Malware.
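
An added example for tip 3 (not part of the original page or any CSA tooling): a small audit over a constructed account export that flags administrator accounts with an associated email address, accounts that look old, and passwords that have not been reset recently. The CSV column names and the 90/180-day thresholds are assumptions.

```python
import csv
import io
from datetime import date

# Constructed sample export; the column names are assumptions, not a real product's schema.
SAMPLE_EXPORT = """username,is_admin,email,last_login,last_password_reset
adm-jsmith,yes,,2024-05-28,2024-04-15
jsmith,no,jsmith@example.com,2024-05-30,2024-03-01
adm-oldcontractor,yes,,2023-01-10,2022-11-02
administrator,yes,it@example.com,2024-05-29,2021-06-30
"""

MAX_IDLE_DAYS = 90      # assumed cut-off for treating an account as old
MAX_PASSWORD_AGE = 180  # assumed cut-off for "reset existing accounts often"


def audit_admin_accounts(export_text, today):
    """Return {username: [findings]} for administrator accounts only."""
    findings = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["is_admin"].strip().lower() != "yes":
            continue  # standard user accounts are out of scope for this check
        issues = []
        # Admin accounts should not be reachable by email (tip 3).
        if row["email"].strip():
            issues.append("admin account has an associated email address")
        idle = (today - date.fromisoformat(row["last_login"])).days
        if idle > MAX_IDLE_DAYS:
            issues.append(f"no login for {idle} days: candidate for deletion")
        age = (today - date.fromisoformat(row["last_password_reset"])).days
        if age > MAX_PASSWORD_AGE:
            issues.append(f"password last reset {age} days ago")
        if issues:
            findings[row["username"]] = issues
    return findings


if __name__ == "__main__":
    report = audit_admin_accounts(SAMPLE_EXPORT, date(2024, 6, 1))
    for user, issues in report.items():
        for issue in issues:
            print(f"{user}: {issue}")
```
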

How to stay protected when using mobile

With remote working, it has become increasingly important to ensure our mobile devices are protected against cyber threats. CSA’s new solution, Lookout Mobile Endpoint Security, provides endpoint-to-cloud solutions to receive and manage increasing security alerts.

Delivered via the cloud, Lookout protects iOS, Android, and Chrome OS with endpoint detection and response built by expert threat researchers. Whether you accidentally download an app riddled with malware or are the unfortunate target of the latest ransomware or phishing scam, Lookout Mobile Endpoint Security will protect you at all points. To get started in protecting your mobile devices, get in touch.