“Highly recommend John Phillips. We’ve recently had to claim on our insurance due to the loss of our websites and the whole process has been SO efficient. Every company should have cyber insurance”
Cyber insurers cover a wide range of eventualities but the way you mitigate the risks of any of these events occurring is through overall good cyber hygiene. The first step toward this is to know the ways you may be vulnerable.
If you do not have standard email protections in place you are much more likely to have your email addresses spoofed or impersonated. This puts your employees, customers and suppliers at risk of falling victim to fraudulent activity which could have a lasting impact on your reputation. Standard protections include either encryption or using a webmail application which encrypts data for you and uses tools to scan for malware threats before emails reach the end user.
It may not seem obvious, but if you use an individual email address to register a domain it is much more vulnerable to social engineering attacks. Where the email address of an individual is used, a hacker can gain total control of your domain. This could mean traffic to your website is redirected to pages designed to defraud your customers.
In 2016 hackers used social engineering to hijack the domain registration details of a major Brazilian bank. Once they found the domain was registered in the name of an individual they were able to hijack the bank’s website and its entire online footprint. They changed the Domain Name System registrations of all 36 of the bank’s online properties and took over the bank’s desktop and mobile website domains to take users to phishing sites. The attack was so complete that the bank could not even send emails. The attackers possibly harvested hundreds of thousands or millions of customers’ account details through phishing and malware, and also by redirecting ATM and point-of-sale transactions to infrastructure they controlled.
Known Vulnerabilities and Out of Date Services
Developers make any vulnerabilities they discover known to the public as part of their resolution process. Unfortunately at the same time attackers also share information on how to exploit these vulnerabilities.
Similarly, services which are out of date are no longer supported or maintained by their developer. This means that bugs will not be fixed and vulnerabilities will not be patched. It is even possible they may not be publicly disclosed until they have been exploited by attackers. A cyber security company found that 50% of critical flaws relate to outdated or unsupported components.
One of the most notorious examples of this was the WannaCry attack of 2017, which crippled parts of the NHS. A third of NHS hospital trusts were affected by the attack, which cost £92 billion. This attack exploited a known vulnerability for which Microsoft released a security patch almost two months before the attack began.
Services which are not configured correctly can also be exploited by cyber criminals. Some services should never be directly accessible from the Internet, such as databases, which may contain personal or sensitive commercial data, or routers or network equipment. If these are accessible they are at risk.
Running services which are known to be vulnerable carries a real risk of theft of data, loss of control of your website, ransomware and malware, and you are responsible for any data loss.
In 2018 Marriott Hotels suffered a high-profile breach. An internal investigation found that the attacker had been able to access the Starwood network since 2014. This has led to the UK’s ICO imposing an £18.4 million fine.
Security certificates are used to create a secure channel which protects data in transit. This channel will no longer work if your certificate is expired, revoked, invalid or distrusted. This can mean visitors are not able to access your site, which can damage your reputation and lose you opportunities.
Phishing & Malware
If any of your web pages are being used to host phishing and/or malware content they will be immediately blocked by all the major browsers. Any visitors who are able to access the site will be exposed to threats and can potentially spread these even further. In addition to interrupting your business this can be particularly harmful to your reputation.