To receive our quarterly e-newsletter filled with the kind of news you can use, register here.
Businesses across Scotland are experiencing a new kind of threat to their finances, a threat that causes them to transfer large sums of money directly into the criminal’s bank account. Social Engineering is the latest and most sophisticated cybercrime to date, designed to specifically target your business finances.”
This year alone has seen a marked increase in the number of online attacks focusing on local businesses. The days of receiving a half-hearted phishing attempt from a Nigerian benefactor who urgently needs your bank account details and sort code are long gone. Criminals are now employing sophisticated methods to gain access to company systems, costing business owners thousands of pounds in lost revenue, damaged brand equity and increased IT security.
These online scams are trending now
Social engineering is a form of manipulation used by criminal gangs to extort large sums of money from businesses. Hackers using this highly targeted tactic will research your business’ and you employees’ social media accounts before carrying out an attack. The criminal gangs will identify senior staff within your business; their status, contacts, interests and habits and use this knowledge to manipulate the targeted individual(s), causing them to transfer large sums of money, usually quite successfully.
Whaling is a highly targeted form of social engineering attack that usually focuses on the CEO or MD and a senior member of the accounts team.
It typically involves an email that appears to be from the MD seeking login credentials, bank account details or the urgent transfer of substantial sums of money to a supplier or customer. Calls and emails will always address the individual on first name terms, and emails will usually be branded, making them difficult to spot.
Another successful tactic the criminals like to use, is ransomware, with one particular strain hogging the limelight at the moment; Cryptolocker.
Cryptolocker typically arrives in the form of an infected email (usually a link, or attached document), or hidden in a link on a website and once clicked, will quickly infect the user's computer. It then encrypts all files on the machine, and any visible files on the company network. A ransom message will then appear on the user’s screen demanding payment in return for a decryption key.
Once access to the network has been achieved, unauthorised users can install Cryptolocker or similar malware on your servers, encrypt company data, uninstall antivirus and backups and delete local copies of backups.
Basic steps to protect your business
The following steps, although by no means exhaustive, will help your team develop good online security habits.
Hold regular security briefings
Human error accounts for a large proportion of successful cyber-attacks. With this in mind, it is important to make your team aware of the threat landscape as well as the policies and processes that are in place to help avoid an attack, or at the very least, mitigate the damage should your company become the victim of an attack.
It is worth holding regular training and education sessions and using internal news streams and intranet to keep your teams abreast of company security best practice.
Take passwords seriously
Develop a strict password policy to reduce the risk of your network being compromised by external attackers. Also, research an enterprise password policy that fits the needs of your business.
There is a good selection of cloud-based password management tools on the market, many of which offer excellent enterprise options. Look out for products that let you protect multiple devices across remote locations. Apps such as LastPass and KeePass offer highly encrypted password vaults and password generators, helping users create secure passwords.
Password management tools aren’t immune to security flaws, though. A master password protects access to the password vault. Therefore, it is important to understand that a weak master password has the potential to open up your entire suite of site logins to criminals.
Keeping your data properly backed up is absolutely essential, regardless of whether you feel your business is at risk of a security breach or not. Running regular on premises and off-site backups improves your chances of recovering vital information should you become the victim of an attack.
Finally, use common sense
Our final point is to teach common sense in the digital workplace. If you or a colleague isn't 100% confident that a suspicious email is from a trusted source, they should ask for a second opinion. No-one wants to be the person that clicked on the malicious attachment that brings the business to a halt and costs thousands to rectify. If you do suspect an email is infected, DO NOT send it to anyone else for verification.
For more information contact Craig Allan at NetworkROI email@example.com or visit their website.