News

Cyber-security 101

Thu, 12/10/2017 - 10:54
Redstor_CyberSecurity101_blog
Data Backup , Data Protection

Cyber-security is an important aspect of any business or organization with a digital presence, which many organizations have in this digital age. With the ever-increasing use of technology, there are many threats that have increased in scale, severity and volume.

Cyber-security is defined as the body of technologies, processes and practices put into place to protect cyber-systems, such as networks and computers, from an attack. The simplest and most common form of cyber-security is an anti-virus programme. The levels of security needed will often depend on the size of an organization, what systems they have in place and additional industry regulations or regional legislation.

 

Need to know

There are several different cyber-attacks that the cunning cyber-criminal can employ with differing effects, some designed to disrupt and some designed to extort for profit. Cyber-attacks are often well thought-out and planned in advance with several stages to an attack, the first often some kind of ‘disarming’ of security protocols. Although sophisticated attacks will use multiple methods to attack a network, with varying success, most attacks can be identified to one category of attack.

  • Cyber-crime is any criminal activity that occurs by means of computers or the internet.
  • Malware is an increasingly common type of attack that consists of malicious software being accessed (usually downloaded), which then attacks a user’s system.
    • Ransomware is a very common type of malware.
  • A worm is a malicious code that will route through a network or system to find vulnerabilities that can be hacked.
  • A virus or a trojan is one of the most established types of cyber-attack, these are usually designed to wipe out data on a network. 

These are just some of the types of attack that can occur and it has become increasingly common to see several strains of code being utilized by cybercriminals to boost the effectiveness of an attack.

 

Is your organization at risk?

The truth is, as a small business, global enterprise or even as a single user, everyone is at risk of cyber-attack. Cyber-criminals are well funded, well-resourced and will target as many people as possible to increase effectiveness, email being a common tool to launch an attack. While global enterprise organizations, such as HBO, may be at risk of a large-scale targeted attack it is likely they will have a larger technical resource available to deal with this, for an individual it can be trickier to stop an attack.

Research suggests that one of the largest threats to an organization is Ransomware, with 2016 being dubbed the ‘Year of Ransomware’ and reports suggesting a rise in the number of attacks of around 3500% compared to the previous year. Ransomware is popular among cyber-criminals as it is easy to distribute to the masses and can be a quick, untraceable (thanks to Bitcoin), method of getting paid; Ransoms of up to $1 million have been paid.

 

Best practices for protecting against cyber-attack

It is nearly impossible to completely ensure protection against cyber-threats, however, actions can be taken by any organization to decrease the chance of a breach or attack.

Review

The first step to any security process should be to review the risks that currently exist or that could become an issue in the future. This will include reviewing infrastructure, systems and software’s that are in use and identifying if they will be a threat.

 

“At Redstor, we regularly role play risk scenarios to identify weaknesses in our systems and processes, with a view to constantly improving them.”

Thomas Campbell, Technical Director, Redstor

Protect

Following on from a security review it is important to action any feedback and resolve risks quickly. Further steps can then be taken to minimize the chance of future risks developing; updating software regularly is important as software providers will often develop specific patches against new threats or avenues of attack.

Monitor

Reviewing and protecting systems can become a very manual and time-heavy task if there is no way to actively monitor on an on-going basis. Monitoring systems can flag up any warning signs of an attack and help prevent the spread of one should it manage to infect part of a system.

Recent Articles

Redstor_Ransomware_Typewriters_blog Ransomware

Latest Ransomware Attacks Leave Organisation Working On Typewriters

Ransomware is a threat to all organizations and has been prevalent for a number of years. Although recent reports suggest that organizations are no... read more

August 09, 2018
Redstor_Reddit_blog Ransomware

Two-factor Becomes Hack-factor In Reddit Attack

The last few years have seen a number of high profile hacks, each growing in complexity and affecting masses of people. Strains of ransomware have... read more

August 07, 2018
Redstor_Dixons_super-breach_blog Disaster Recovery

Dixons Breach Becomes Super-breach Following Review

Earlier this year high street electronics firm Dixons Carphone revealed that a data breach had occurred the previous year, effecting over 1 million... read more

August 02, 2018