Please give us a few moments whilst we get your account ready.
Cyber-security is an important aspect of any business or organisation with a digital presence, which many organisations have in this digital age. With the ever-increasing use of technology, there are many threats that have increased in scale, severity and volume.
Cyber-security is defined as the body of technologies, processes and practices put into place to protect cyber-systems, such as networks and computers, from an attack. The simplest and most common form of cyber-security is an anti-virus programme. The levels of security needed will often depend on the size of an organisation, what systems they have in place and additional industry regulations or regional legislation.
There are several different cyber-attacks that the cunning cyber-criminal can employ with differing effects, some designed to disrupt and some designed to extort for profit. Cyber-attacks are often well thought-out and planned in advance with several stages to an attack, the first often some kind of ‘disarming’ of security protocols. Although sophisticated attacks will use multiple methods to attack a network, with varying success, most attacks can be identified to one category of attack.
These are just some of the types of attack that can occur and it has become increasingly common to see several strains of code being utilised by cybercriminals to boost the effectiveness of an attack.
The truth is, as a small business, global enterprise or even as a single user, everyone is at risk of cyber-attack. Cyber-criminals are well funded, well-resourced and will target as many people as possible to increase effectiveness, email being a common tool to launch an attack. While global enterprise organisations, such as HBO, may be at risk of a large-scale targeted attack it is likely they will have a larger technical resource available to deal with this, for an individual it can be trickier to stop an attack.
Research suggests that one of the largest threats to an organisation is Ransomware, with 2016 being dubbed the ‘Year of Ransomware’ and reports suggesting a rise in the number of attacks of around 3500% compared to the previous year. Ransomware is popular among cyber-criminals as it is easy to distribute to the masses and can be a quick, untraceable (thanks to Bitcoin), method of getting paid; Ransoms of up to $1 million have been paid.
It is nearly impossible to completely ensure protection against cyber-threats, however, actions can be taken by any organisation to decrease the chance of a breach or attack.
The first step to any security process should be to review the risks that currently exist or that could become an issue in the future. This will include reviewing infrastructure, systems and software’s that are in use and identifying if they will be a threat.
“At Redstor, we regularly role play risk scenarios to identify weaknesses in our systems and processes, with a view to constantly improving them.”
Thomas Campbell, Technical Director, Redstor
Following on from a security review it is important to action any feedback and resolve risks quickly. Further steps can then be taken to minimise the chance of future risks developing; updating software regularly is important as software providers will often develop specific patches against new threats or avenues of attack.
Reviewing and protecting systems can become a very manual and time-heavy task if there is no way to actively monitor on an on-going basis. Monitoring systems can flag up any warning signs of an attack and help prevent the spread of one should it manage to infect part of a system.
The recent ransomware attack on Kaseya, a cloud-based IT and security management provider services company that supplies tech-management tools to customers worldwide, has the potential to be the most serious cyber-criminal incident this year.Continue reading