Breakfast Cyber Seminar - Aston Lark Swale 11th July 2019
Aston Lark Swale Breakfast Cyber Seminar 11th July 2019 YOUR WORLD IS OUR FOCUS www.astonlark.com © Aston Lark 2017 – 2019
Agenda

Time – Activity – Presenter
08:00 – 08:30 – Arrival & Breakfast – All
08:30 – 08:40 – Welcome & Introduction – Lisa Toms (Aston Lark)
08:40 – 08:45 – Brompton Cycle Video – Ed Rawe (Hiscox)
08:45 – 09:30 – Cyber in Kent – Aimee Payne (Kent Police)
09:30 – 10:15 – How to respond to a breach – James Webster (Hiscox)
10:15 – 10:20 – Resources available to you – Aimee Payne
10:20 – 10:30 – Q&A – All
10:30 – Close – All

Cyber in Kent
Aimee Payne, Cyber Protect & Prevent Officer, Serious Economic Crime Unit
Scale of issue
• Estimated cost of cybercrime is $450 billion per annum globally
• By 2021 it is estimated to reach $6 trillion per annum globally

The Risks…
The UK Crime Survey shows that fraud and cyber crime are the most widespread crimes and are hugely under-reported. The risks to your business are:
• Your money
• Your reputation
• Your data
• Your business!
A breach is costly, whether it's the cost to fix or the reputational damage, and doing nothing is not an option! How important is your data? Is it protected?

Who are the threats?
• Criminals looking to steal from you, whether this is data or money, or just to disrupt your business so you cannot function
• Competitors wanting to obtain your data and disrupt your business
• Your own staff: disgruntled employees, or tricked employees who provide information to cyber criminals
• Hackers wanting to show off and prove they can breach your security

Ask yourself…
• Do you know the value of your business data?
• What if your reputation / trust was affected?
• Do you know how and where your data is stored?
• Do you have backups?
• Who can access your data?
• Do you really know your staff?
• Do you and your staff understand how to reduce the risks?
• Do you have business continuity and disaster recovery in place?
• Do you know your responsibilities if you have a data breach?
• What would you do if you lost all your data tonight?
Take a few minutes to review your digital footprint… Quite simply, Google yourself! Limit the amount of information made PUBLICLY available. Check www.ukphonebook.com and www.192.com
Password Security
Social engineering Sometimes the information we post onto social media can appear harmless and innocent, but it can often be used by cyber criminals to form part of an attack. What information can we learn about someone from the post opposite? How could this information be used against us?
Social engineering
Types of threats
Ransomware
Beware Ransomware!
• Malicious software (malware) that attempts to extort money (generally tokens/bitcoins)
• The ransomware will either "lock" the computer to prevent usage, or will encrypt the files contained on it, barring access to them
• Ransomware generally occurs when a link in an email or an email attachment is opened, allowing the malware to be installed
ADVICE
• Ensure you have regular backups (non-cloud too) – but most importantly: ALWAYS exercise extreme caution with email links and attachments, EVEN from trusted senders
Phishing & Spear Phishing
Password Security
• Current best practice advises THREE RANDOM WORDS. To add complexity, convert some letters to numbers and add special characters. For example: BEACHBUCKETSPADE. To add complexity: 8EACH8UCK3TSP4DE£
• Your single most important account and password is your email – effectively, anyone taking control of your email can then reset all your other passwords, locking you out.
• Don't use words/names/information that may be in the public domain or easily worked out from social media content, such as mother's maiden name; date/place of birth; pets' names; children's names; teams you support, etc.
• Never share passwords or disclose your password to anyone else
• Always change default passwords on all SMART devices/routers
• ALWAYS log out of sites you have logged in to – especially on shared/public devices/machines

Did you know…
• Any device connected to a Wi-Fi hotspot can view traffic sent & received by everyone else?
• A malicious hacker could sit in a coffee shop and carry out all manner of attacks to intercept data as unsuspecting customers access online banking or chat on social media
• Enterprising criminals can even set up their own hotspots with the primary goal of capturing personal data.
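The "three random words" guidance above, as an added example that is not part of the original slides: the word choice is made with a CSPRNG and its entropy is accounted for, then the slide's "convert some letters" step (B→8, E→3, A→4, trailing special character) is applied. The wordlist is a constructed stand-in; a real deployment would load a list of several thousand words.

```python
import math
import secrets

# Constructed sample wordlist (assumption: a real list would have thousands of
# entries, e.g. one word per line from a published diceware-style list).
SAMPLE_WORDS = ["beach", "bucket", "spade", "castle", "pebble", "seagull",
                "towel", "sandal", "lantern", "harbour", "kettle", "window"]

# Letter-to-digit swaps taken from the slide's example (BEACH -> 8EACH etc.).
SUBSTITUTIONS = {"B": "8", "E": "3", "A": "4"}
SPECIAL_CHARS = "£!$%&*"


def three_random_words(words, n=3):
    """Pick n words independently and uniformly using the secrets CSPRNG."""
    return [secrets.choice(words) for _ in range(n)]


def selection_entropy_bits(wordlist_size, n=3):
    """Entropy contributed by the word choice alone: n * log2(wordlist size)."""
    return n * math.log2(wordlist_size)


def add_complexity(passphrase):
    """Slide's 'convert some letters' step: each substitutable letter is swapped
    with probability 1/2 (chosen randomly, so it is not a fixed transform of the
    words), then one special character is appended."""
    out = []
    for ch in passphrase.upper():
        if ch in SUBSTITUTIONS and secrets.randbelow(2):
            out.append(SUBSTITUTIONS[ch])
        else:
            out.append(ch)
    return "".join(out) + secrets.choice(SPECIAL_CHARS)


def is_valid_transform(original, transformed):
    """True if transformed differs from original only by allowed substitutions
    plus exactly one trailing special character (used to check the output)."""
    if len(transformed) != len(original) + 1 or transformed[-1] not in SPECIAL_CHARS:
        return False
    for o, t in zip(original.upper(), transformed[:-1]):
        if t != o and SUBSTITUTIONS.get(o) != t:
            return False
    return True


if __name__ == "__main__":
    words = three_random_words(SAMPLE_WORDS)
    print("".join(words), "->", add_complexity("".join(words)))
    print(f"{selection_entropy_bits(7776):.1f} bits from a 7776-word list")
```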
Hiscox CyberClear You’ve been hacked. What now? James Webster, Head of Specialty Claims, Hiscox
Claims in 2018 – What did we see?
Business email compromise 37%
Ransomware 16%
Hack 11%
Other 10%
Misuse of data 6%
Lost device or document 5%
Sextortion 4%
Supplier breach 3%
Rogue employee 2%
Malware 2%
Cryptojacking 1%
Telephone hacking 1%

How does that compare to 2017?
2018: Business email compromise 37%; Ransomware 16%; Hack 11%; Other 10%; Misuse of data 6%; Lost device or document 5%; Sextortion 4%; Supplier breach 3%; Malware 2%; Rogue employee 2%; Cryptojacking 1%; Telephone hacking 1%
2017: Ransomware 37%; Business email compromise 14%; Hack 13%; Misuse of data 10%; Lost device or document 8%; Other 6%; Malware 5%; DDoS 4%; Telephone hacking 3%

Not just an issue for big business – almost 75% of claims for sub-£10m revenue
(Chart: top 40 claims by insured revenue band – £0 – £1m, £1m – £5m, £5m – £10m, £10m – £20m, £20m – £50m, £50m+; segment values 40%, 20%, 13%, 12%, 10%, 5%)
Cyber attack case study – Who are you?
• Small but growing widget supplier, supplying widgets on a daily basis to a customer base of c.200
• Single site
• 20 staff
• £1m turnover
Cyber case study First communication
Cyber case study – What is the impact?
• All system files are encrypted – details of orders, deliveries, contracts, payroll, HR records
• Outlook is fine, everything else is gone

Cyber case study – Who do you call first?
• Your IT supplier?
• Your lawyer?
• Your PR company?
• Someone else?
Cyber case study Who do you need?
Day one – experts engaged
✓ Cyber extortion – who is the attacker? Is paying a ransom an option?
✓ IT forensic – how serious is the infection? Has data been stolen?
✓ Legal – do we need to notify the ICO? What could customer claims look like?
✓ PR – what can we say to customers?

Day one – decision time. The attacker – do you engage?
• Yes, to play for time
• Yes, with a view to paying a ransom
• No

Day one – decision time. The ICO – do you notify this?
• Yes, within 24 hours
• Yes, within 48 hours
• Yes, within 72 hours
• No

Day one – decision time. Customers – what do you tell them?
• Everything's fine, we've got it under control
• Chapter and verse – who the attacker is, what the strain of ransomware is, exactly what your response is
• Something in between these two
• Radio silence

Day two – what's happening now?
✓ Cyber extortion – ongoing dialogue with attacker, ransom named
✓ IT forensic – ransomware analysis
✓ Legal – preparing ICO notification
✓ PR – ongoing comms with customers and other stakeholders. FAQs prepared

Day two – decision time. The attacker – £10k demanded. Do you pay?
• Yes
• No

Week two – final steps
✓ IT forensic – systems restored, concluding investigations
✓ Legal – awaiting ICO response
✓ PR – positive messaging. Focus on restoring your reputation
✓ Customers – service back up and running, but monthly billing is due

Week two – decision time. Customers – it's billing time. What do you do?
• Issue invoices as normal, see what happens?
• Issue credit notes for the full month?
• Sliding scale depending on severity of impact?
• Something else?

Week three onwards
✓ ICO – ongoing dialogue
✓ Customer base – rebuilding the relationship
✓ Business interruption – some customers gave notice to terminate contracts

What did it cost? Rather a lot.
(Chart: cost by category – Legal, IT and cyber security, Ransom, PR, Business interruption; axis from £0 to £140,000)
Resources available to you
Aimee Payne, Cyber Protect & Prevent Officer, Serious Economic Crime Unit
How to protect your Business?
Download software updates
Download software and app updates as soon as they appear. They contain vital security upgrades that keep your devices and business information safe.
Use strong passwords
Use strong passwords made up of at least three random words. Using lower and upper case letters, numbers and symbols will make your passwords even stronger. Don't post password answers on social media – pets' names, etc. And always change default password/PIN settings.
Delete suspicious emails
Delete suspicious emails, as they may contain fraudulent requests for information or links to viruses.
Use anti-virus software
Your computers, tablets and smartphones can easily become infected by small pieces of software known as viruses or malware. Install reputable internet security software such as anti-virus on all your devices to help prevent infection. And remember to switch it on!
Train your staff
Make your staff aware of cyber security threats and how to deal with them. Not clicking on links and opening attachments!
VPNs
Don't use public Wi-Fi; if you choose to use it, consider using a VPN or just use 3G/4G.
Two-factor authentication
This is an extra layer of security that requires not only a password and username but also something that the user has on them.
What you can do…
• Ensure that only those who need it can gain physical access to computers and servers.
• Restrict and enforce strict access to company, employee and customer records, and ensure sensitive data is encrypted.
• Introduce rules and regulations around mobile devices, including use of the internet, secured home access, and use of employees' own devices in the business.

Your Employees
• Training should not be a one-off activity, and staff should be regularly updated in this area. Get staff to question and challenge things that seem irregular. Maybe consider having a Cyber Champion within your organisation.
• Keep up to date with the latest advice.
• Ensure you can all spot the signs of social engineering emails or calls trying to gain confidential information – and never click on links or open attachments if the source isn't 100% known and trustworthy.
• Set guidelines about employees' social media to help prevent your business or its reputation being compromised.
• All new staff should be made aware of your Cyber Policies and Procedures; consider placing this into employment contracts.

Be aware of data breaches & protect your data
www.haveibeenpwned.com – a website that allows you to check if your personal data has been compromised by data breaches. The "Notify me" service allows visitors to subscribe to notifications about future breaches. Once signed up, you will receive an email message any time your personal information is found in a new data breach. This service often alerts users to breaches long before they reach the news, meaning that you can take action immediately instead of your accounts being at risk for months without you knowing.
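The same site's Pwned Passwords service checks a password against breach corpora without the password leaving your machine; this added example (not from the slides or from Have I Been Pwned's own code) implements the client side of that k-anonymity range lookup. The range response body below is constructed for the example: only the first suffix is the real SHA-1 tail of the string "password", and all counts are invented; an HTTP GET is replaced by an offline stand-in.

```python
import hashlib

# Constructed stand-in for the body returned by
# https://api.pwnedpasswords.com/range/<first 5 hex chars of SHA-1>:
# one "HASH-SUFFIX:COUNT" line per known hash sharing that prefix.
# First suffix = real SHA-1 tail of "password"; the counts are invented.
CONSTRUCTED_RANGE_5BAA6 = """\
1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471
1E6C1C3A9C9D8F9E0B6D3A2F1C4E5D6B7A8:2
2F4A1B2C3D4E5F60718293A4B5C6D7E8F90:17
"""


def sha1_prefix_suffix(password):
    """Split the upper-case hex SHA-1 into the 5-char prefix that is sent
    to the server and the 35-char suffix that is compared locally."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(body):
    """Turn 'SUFFIX:COUNT' lines into a {suffix: count} dict."""
    counts = {}
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, _, count = line.partition(":")
        counts[suffix.upper()] = int(count)
    return counts


def breach_count(password, fetch_range):
    """fetch_range(prefix) -> response body. Returns how many times the
    password appeared in breaches (0 = suffix absent from the range)."""
    prefix, suffix = sha1_prefix_suffix(password)
    return parse_range_response(fetch_range(prefix)).get(suffix, 0)


def offline_fetch(prefix):
    # Stand-in for the HTTP GET; serves the constructed body for one prefix.
    return CONSTRUCTED_RANGE_5BAA6 if prefix == "5BAA6" else ""


if __name__ == "__main__":
    for candidate in ("password", "correct horse battery staple"):
        print(candidate, "->", breach_count(candidate, offline_fetch))
```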
To become a registered CiSP member you must be:
• A UK registered company or other legal entity which is responsible for the administration of an electronic communications network in the UK
• Sponsored by either a government department, existing CiSP member or a trade body/association
If you wish to apply for this FREE service please visit: www.ncsc.gov.uk/cisp

Useful Websites:
National Cyber Security Centre:
• www.ncsc.gov.uk
Online safety on all areas for everyone:
• www.getsafeonline.org
General advice on Cyber Security for Business & Public:
• www.cyberaware.gov.uk
Take Five – to stop Fraud:
• www.takefive-stopfraud.org.uk
Follow us on Twitter @kentpolicecyber
Any questions? Contact Lisa Toms at Aston Lark, Swale – lisa.toms@astonlark.com – T: 01795 899433