SME Cyber Criminal Protection

How to prevent cyber crime for SMEs

Remote working on such a large scale has left businesses open to attack by cyber hackers. Here we cover the three biggest threats and how to stop such attacks from damaging your business.

by Credit Passport

How cyber criminals are targeting businesses during lockdown and what you can do to stop them

Staying at home may prevent us from catching COVID-19 but it’s also made many organisations a target for cyber criminals. Password spraying, social engineering and Zoom hacking are three of the biggest threats during the pandemic, but relatively simple measures can help to prevent them.

Password spraying has been used by malicious groups to target healthcare bodies, pharmaceutical companies, academia, medical research organisations, and local government, although it’s been effective against other companies in the past.

It involves collating a list of names of people working at a particular company. The attackers can identify email accounts belonging to employees and “spray” all of them at once with a single, commonly used password. Typical examples are the month of the year, the season, or even the name of the company.

From an attacker’s perspective, they only need to get lucky once, and that might not be too difficult. In 2018, research by the National Cyber Security Centre (NCSC) found that 75% of organisations had accounts with passwords that featured in a list of the top 1,000 most commonly used.

If successful, an attacker can go on to steal data such as an organisation’s Global Address List and use password spraying again on a much larger scale. Or they could use the same login credentials to access other accounts. What’s more, password spraying can be hard to detect as it doesn’t attempt to break into the same account multiple times.

To prevent password spraying, NCSC recommends implementing two-factor authentication and encouraging users to choose passwords made up of three random words. It says companies should “configure protective monitoring over externally-reachable authentication endpoints” and consider password alternatives such as SSO and biometrics.
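An added example (not from the original article or from NCSC) of the protective monitoring described above: because a spray makes only one or two attempts per account, the check counts how many distinct accounts each source fails against inside a time window rather than failures per account. The log tuple layout, the thresholds and the sample events are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, source IP, account, outcome).
# This tuple layout is an assumption; map your own authentication logs onto it.
SAMPLE_EVENTS = [
    ("2020-05-04T09:00:00", "203.0.113.7", "alice@example.test", "FAIL"),
    ("2020-05-04T09:01:00", "203.0.113.7", "bob@example.test", "FAIL"),
    ("2020-05-04T09:02:00", "203.0.113.7", "carol@example.test", "FAIL"),
    ("2020-05-04T09:03:00", "203.0.113.7", "dave@example.test", "FAIL"),
    ("2020-05-04T09:04:00", "203.0.113.7", "erin@example.test", "FAIL"),
    ("2020-05-04T09:05:00", "203.0.113.7", "frank@example.test", "OK"),
    ("2020-05-04T09:10:00", "198.51.100.20", "bob@example.test", "FAIL"),
    ("2020-05-04T09:10:30", "198.51.100.20", "bob@example.test", "FAIL"),
    ("2020-05-04T09:11:00", "198.51.100.20", "bob@example.test", "FAIL"),
    ("2020-05-04T09:11:30", "198.51.100.20", "bob@example.test", "OK"),
]

def detect_spray(events, window=timedelta(minutes=30), min_accounts=5, max_per_account=2):
    """Map each source to the accounts it failed against when the failures fan
    out over many accounts in one window but stay low for each account."""
    failures = defaultdict(list)
    for ts, source, account, outcome in events:
        if outcome == "FAIL":
            failures[source].append((datetime.fromisoformat(ts), account))
    flagged = {}
    for source, rows in failures.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1  # slide the window forward
            counts = defaultdict(int)
            for _, account in rows[start:end + 1]:
                counts[account] += 1
            if len(counts) >= min_accounts and max(counts.values()) <= max_per_account:
                flagged[source] = sorted(counts)
                break
    return flagged

def logins_after_spray(events, flagged):
    """Successful logins from a flagged source: accounts to reset first."""
    return sorted({(s, a) for _, s, a, o in events if o == "OK" and s in flagged})

if __name__ == "__main__":
    hits = detect_spray(SAMPLE_EVENTS)
    print(hits)
    print(logins_after_spray(SAMPLE_EVENTS, hits))
```

The second source, with repeated failures against a single account, is deliberately not flagged: that pattern is what per-account lockout already covers. Keying on source address is one view only; a spray spread over many addresses needs the same distinct-account count taken across all sources.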

Another way that cyber criminals are exploiting the pandemic is through low-tech, but highly effective, social engineering. Emails with subject lines including “2020 Coronavirus Updates”, “2019-nCov: New confirmed cases in your City” and “2019-nCov: Coronavirus outbreak in your city (Emergency)” encourage users to visit a website and give up usernames, passwords, credit cards and other personal information.

The emails typically purport to be from a trusted authority such as the World Health Organization, banks, the Government or even “COVID”. As well as email, such messages have been sent by WhatsApp and other messaging services. Text messages purporting to be from the Government have offered support payments, complete with a fake link to apply for compensation. Beating social engineering scams relies on educating users, and NCSC has plenty of advice on its website. But it also says that organisations should plan for a percentage of such attacks being successful.

As well as harvesting personal data, fake COVID-19 messages are also being used to spread malware. Typically, opening an attachment will download a malicious file. Some attachments purport to be pictures of medical equipment, while others are Excel files that, if clicked, install malware. The software can then download other programs, including ransomware.

To combat criminal emails, the NCSC recently launched the Suspicious Email Reporting Service (SERS). In its first two weeks, 160,000 scam emails were reported, leading to more than 300 fake websites being taken down. Among them were fake GOV.UK and TV Licensing sites, and sites listing fake medical products including kits, face masks, and vaccines. It’s some progress in the ongoing battle with cyber criminals.

How to keep video meetings safe

With almost all meetings now taking place online, cyber criminals are targeting widely used tools including Zoom and Microsoft Teams. In one case, hackers accessed a children’s fitness class and streamed distressing video to participants.

Follow these tips to keep your meetings secure:

  1. Only share meeting details privately with individuals – don’t use social media or any other public forum.
  2. Use a random meeting ID – this is 11 digits long – rather than your personal ID.
  3. Ensure that all participants require a password to access the meeting.
  4. Employ the waiting room function of your software before you admit a participant.
  5. Lock the meeting once all participants have joined. In Zoom, under Manage Participants, click the three dots and select Lock Meeting from the options.
  6. Restrict screen sharing – go to Advanced Sharing Options and select ‘Only Host’.
  7. Ask all meeting participants to ensure they have the most up-to-date version of the software or app.

How can I do more?

Our sister company CRIF Decision Solutions presents KYND ON - best in class real time cyber monitoring for SMEs.
It allows businesses to identify cyber risk before attacks, data breach or business interruption actually happen. With KYND ON, you can take a step further and proactively manage your cyber risk today.
KYND’s pioneering technology and products have been developed with one aim in mind and that is to stop cyber risk from affecting any business across all sectors and industries, quickly and simply.
Credit Passport users get a 10% discount on the normal price of £19 per month.
