The industry-leading cyber security firm SonicWall has released
their latest cyber threat intelligence report. This explains the
continuing battle to stay one step ahead of the cyber criminals.
The UK is still the second favourite country in the world to be
attacked. The USA is in first place!
There was a 195% increase in ransomware attacks on the UK in the
last year. These attacks continue to pay handsome dividends for
cybercriminals.
Attacks through PDF’s and Office files remain a major
threat
Traditional PDF’s and Microsoft Office files are still widely
used by cyber criminals to deliver malicious code to business and
personal computer users.
Please ensure that all your staff are aware of the dangers of opening
pdf’s and Office files from unverified sources. If you are
not sure who has sent it to you DO NOT CLICK ON IT OR OPEN
IT!
In June for example, Microsoft Security reported that a remote
access trojan was hidden in a Excel file. This deployed malware
when the file was opened.
How To Protect Your Business
There are different types of cyber criminal. Some are interested
in making money through fraud or from the sale of valuable information.
Some are industrial competitors, or foreign intelligence services,
interested in gaining an economic advantage for their companies
or countries.
Others are pure “hackers” who simple enjoy the challenge
of interfering with computer systems. There are also “Hacktivists”
who attack companies for political or ideological motives.
Finally, closer to home, you have employees, or those who have
legitimate access to your business systems. They may attack your
systems through accidental or deliberate misuse.
Many companies have experienced security breaches with each one
costing thousands of pounds.
Here is some general guidance to help keep your business secure:
1. Educate Your Users
Staff need to be educated about cyber risks, especially in respect
of emails and browsing web sites.
Basic education should include how to create strong passwords and
to beware of clicking on any links they are not sure of.
2. Keep Your Network Secure with a Firewall
Your firewall is your gateway to the internet and it protects you
from outside attacks. It monitors and blocks unauthorised access
and malicious content.
Even with a secure firewall in place it is still important to have
regular security checks and controls.
3. Keep Anti-Virus and Malware Software Up-To-Date
Make sure your anti-virus and malware software is kept up to date.
You should have a daily monitoring process.
4. Enforce a “Strong Password” Policy
Make sure users change their passwords regularly and prevent them
from selecting ones that are easy to guess. Make sure that accounts
are locked out after a low number of failed login attempts.
5. Put Controls on the Use of Removable Media Controls
Make sure you have a policy in place to control all access to removable
media, such as memory sticks. Limit media types and their use. Scan
all media for malware before connecting it to your network system.
6. Manage User Access and Privileges Carefully
Establish effective management processes and keep the number of
privileged accounts to a minimum. Limit user privileges and monitor
user activity. Control access to activity and audit logs.
7. Put a Disaster Recovery Plan in Place
It is essential to have a working Disaster Recovery Plan in place,
and to test it regularly. Take regular backups of your servers and
data and keep them securely off-site. Any criminal incidents must
be reported to the police.
8. Monitor Systems and Networks
You should continuously monitor all systems and networks to make
sure that the network is kept secure and that anti-virus software
is kept up to date.
9. Implement a Clear Home and Mobile Working Policy
Mobile workers with laptops and tablets need to be extra vigilant
when using their devices outside the office.
Make sure they use strong passwords and that all Company data stored
on their device is encrypted, so that if the device is stolen your
data is safe.
10. Install Recommended Software Patches FAST
Apply patches at the earliest opportunity in order to limit exposure
to known software vulnerabilities. Ensure the secure configuration
of all systems is maintained.
For help and advice on protecting your business from cyber crime
please call us on 01273 384100 or email us at sales@cnc-ltd.co.uk.
|