Not keeping software updated with the latest patches exposes organisations to the risks of cyber attacks and data breaches because criminals often use vulnerabilities in outdated software to gain access to networks. Patches should ideally be tested prior to deployment and done in batches to avoid a shut-down of the network due to overloading. The patches should also be done sequentially rather than all at once so that should one prove problematic it is easier to roll back the patches to the one that caused the problem, rather than removing all of the patches and having to start the whole process all over again. A planned schedule of the patching process also needs to be kept on file and adhered to so that applying the necessary patches isn’t postponed until it becomes too overwhelming to deal with. Read here for more on the Best Practices for Patching
What is a VPN?
The days of the traditional office environment and its confines have been coming to an end with the continued world-wide growth in mobile workers using smartphones, tablets and laptops at home, while on the road and at coffee shops – but then so has traditional IT security as we used to know it also come to an end as a result. Free Wifi access can be found in almost all major cities in the world today, including their international airports and on public transport, and usually with very few limits, but as the saying goes, there are no free lunches and sacrificing security and privacy for something that is supposedly free can come with some major unanticipated costs. One solution to this problem is to use a Virtual Private Network (VPN) connection. A VPN creates a private tunnel to its servers and encrypts the data being sent and received, which greatly improves security and reduces the chances of interception by a third party. Read more about VPNS and Security Tips
How SSL works
Secure Sockets Layer (SSL) is encryption that is used to establish secure links, such as between a web server and a browser, so that all data passed between them remains private. SSL is identified on websites by the HTTPS text at the beginning of a site’s web address – see below. This whole process is known as a handshake and typically happens within a few milliseconds every time a browser connects to a secured resource or website.
SSL is also used to secure communications between secure devices carrying sensitive data within a corporate network, for example between a server and an endpoint.
It’s important to make sure that any data classified as being sensitive or private is protected from prying eyes. SSL-based encryption provides a fast, secure way to send and receive information and can be used on websites, email servers, VPNs, mobile applications and other platforms. Users also need to take responsibility for their own data though because once personal data is stolen it is likely to be available to criminals forever. Read more about the Different Types of SSL
Checking for Vulnerabilities
Threats can enter a network from any point – not only the servers or websites, and they can be external, internal or a combination of both. The external threats can exploit any vulnerability on a publicly accessible device or resource. This includes websites, terminal servers, cloud applications, VPNs, firewalls and anything that is discoverable on the ‘open’ internet. Internal threats, on the other hand, exploit resources on an internal network that are usually considered to be protected by installed security applications. Office-based servers, workstations, printers, mobile phones and IOT devices all fall into this category. Any device that has access to infrastructure of high importance poses a potential weakness to threats and may become a gateway for would-be hackers to gain entry. Vulnerability scanning solutions such as F-Secure RADAR provide a means to detect vulnerabilities in network resources, IOT equipment and websites as well as providing easy-to-understand solution information for the detected vulnerabilities. Read more about Vulnerability Scanning.
GDPR – Cybersecurity landscape
A new European privacy act called General Data Protection Regulations (GDPR) is being enforced and it will permanently change the way organisations across the globe collect, store and process data.
Technology keeps on changing with new advances every day and it has become almost impossible for the average user to imagine a day without the internet.
Latest Cyber-Attack Threats
Cyber threats and the tactics used can be very difficult to perceive until they affect users directly but awareness of current threats doing the rounds can help with avoiding such attacks. Many users are simply fooled into giving away valuable data by well-designed and cleverly orchestrated scams. The following are some of the latest methods currently being experienced in the wild.
419 scams
So-called 419 scams are fraudulent emails requesting money that appear to be from reputable sources
Credential Phishing
These types of attacks generally also involve the use of emails but are not limited to this method.
Malicious Document Attachments
In these cases an attachment is received from an unknown source. Such attachments tend to circulate frequently and may look perfectly safe to open, but are not.
This bulletin is intended to increase the security awareness in organisations by providing useful information to help enhance security and safety when using computing devices and the Internet.
Be sure to consider some of the cyber threats out there and consider these tips for protecting yourself and your devices. Until our next mailer, you can check out all the great resources we have available on our website.
The Cybervision Team
Attack Prediction, Prevention, Detection & Response
Cyber-attack detection has come along in leaps and bounds over the past few years, and is still improving. It has also seen enormous investment and progress across the world, making it is possible now to detect even the stealthiest and most innovative of attackers faster than ever before. And for many years, security experts have vocally advocated the need for enterprises to invest evenly across Prediction, Prevention, Detection and Response. From a survey conducted by cyber security company F-Secure, prevention still takes the lead in investment, with 40% of enterprises naming it as their highest cost. Detection is gradually climbing up the priority list, coming in as the second highest for 34% of enterprises whilst Response is currently the lowest priority and spend for 44% of enterprises.
People Required for Cyber Security
Defending your organisation against cyber-attacks is not a one-size-fits-all exercise. No single tool or magic box with flashing lights will solve this problem and understanding the threat landscape and where your organisation sits within it is no easy task, but it is far from impossible. There is reasonable knowledge now on the primary threat groups, their motivations, their targets and their methods. However, it is not the case that all threat groups target all organisations, or even a few. The nature of targeted attacks is that attackers take weeks or months to plan an attack where they attempt to access and exfiltrate specific information or assets. In order to respond to attacks you effectively also need people in order to defeat people.
Brand Improvement with Cyber Security
Strong IT security will enable organisations to win customers and retain customer loyalty. Across several B2B and B2C sectors, from finance to pharma, recruitment to retail, having a trusted and provable security posture is an essential requirement for new customers to do business with an organisation. This has often been posited, but was recently proved in a survey by Vodafone where 90% of businesses said strong cyber security would help their reputation in the market, attract new customers, and improve customer loyalty.
Protecting Higher Education from Cyber Attacks
In September 2020, the National Cyber Security Centre (NCSC) issued an alert that ‘devastating’ cyber attacks against HE providers were spiking. Further, in 2019 four out of five HE providers reported that they had been attacked at some point in the previous 12 months.
Spotted in the Wild
Fake Retail Phishing Scams
There have been several fake phishing scams appearing on the WhatsApp platform recently that claim to have come from the major retailers Game, Woolworths and Adidas. The scams with these retailers’ names in them offer R2500, free televisions and clothing, respectively, if the user completes a simple questionnaire and shares the campaign with a number of their WhatsApp contacts. The campaigns are clearly designed to trick people into thinking these are from legitimate sources during the month-long “Black November” and upcoming festive shopping periods.