Arx Alliance Cyber Security Newsletter #1

Originally published October 4, 2021 at ARX 

 

Welcome to our inaugural newsletter! Thank you for taking the time to spend a few minutes with us as we discuss the world of cybersecurity and try to share interesting stories, perspectives, and news. Those who know us already will know we are a massive advocate for the ‘little guy’ and feel more needs to be done to help create visibility, transparency, and increased education for SMEs who would otherwise not be in a position to combat or even manage an ever-worsening world of cyber. Therefore, we genuinely hope this monthly sharing of information will help organisations, both small and large, better understand and therefore manage their respective landscapes when it comes to cybersecurity and supply chain risk management.

Modern day cyber attacks

Let me first begin with a question: how many companies out there (regardless of size) believe they are immune to a cyber-attack? In my humble opinion, the simple answer is a big fat zero! Size clearly does not play a role in an organisation’s ability to avoid attacks, which has been proven time and again as some of the largest tech companies in the world have fallen victim on multiple occasions. It therefore won’t surprise many that more than 90% of industrial companies are open to cyber-attacks. Perhaps this is due to the perception that industrial organisations are not tech-savvy. One such (worrying) stat was that “…penetration testers gained access to the industrial control systems (ICS) networks at 75% of these companies”. Let’s also not forget, these are often large organisations who demand and work with a large network of suppliers, therefore potentially resulting in a knock-on effect that no one would want to experience. There are some eye-opening and eye-catching stats within which are worth a read!

There are of course plenty of preventative measures available (but, as mentioned above, unfortunately not accessible for all); however, as the old adage goes, look close to home first and foremost to begin addressing issues. But what does this actually mean in a practical sense? It’s not as complicated as it might sound at first, with six basic things one can do to prevent being hacked. Changing personal behaviours will help individuals not only in their usage of personal devices but also when using company infrastructure. For instance, turning on two-/multi-factor authentication with free-to-use authenticator tools and using a password manager would be two great steps to get us all started.

The importance of multi-factor authentication and strong passwords seems obvious but is regularly overlooked by the masses. Together they help protect data, devices, and systems from unauthorised access. There have been many examples of weak passwords being used repeatedly, including the use of the same ‘weak’ password for most (if not all) access. Let’s not forget, hackers are continually upping their game to ensure they can access what we don’t want them to, meaning we have to continually up our game too to stay one step ahead. A simple change in approach of regular password changes and the use of password managers to help generate random passwords would make a material difference in this line of defence.

What are sniffing attacks?

It is important that industry terminology and acronyms don’t put people off from exploring approaches and solutions to addressing cyber issues. Understanding the terms not only helps cut through the jargon but also results in the basic measures being put into place for what’s (at some point inevitably) to come. ‘Sniffing attacks’ is one such term, and one that is gaining prominence among cybercriminals today as a way to steal customer data and compromise network security.

To put into perspective exactly how much cybercriminals are raising their game, it might surprise you to know that these attacks are not at all random and opportunistic as one might think. There is a whole ecosystem where hackers can actually purchase access to victims’ networks from other cybercriminal groups and initial access brokers (IABs). Attackers are so savvy they have lists based on Geography, Revenue, Sectors, and Access Type, which they use to look explicitly for vulnerabilities to target. This has gone so far that it even has a mainstream and very much identifiable name: Ransomware-as-a-Service (RaaS), with pricing far outweighed by the potential of payouts.

It is therefore no surprise that the cyber security industry is combatting people burnout! The ‘defenders’ of the peace are not only inundated but often the unsung heroes, as their visibility is reduced the better the job they perform. This is of course due to increased cybercriminal sophistication, which in turn means practices need to change, including investing in solutions that empower these teams to detect and stop attacks. The added ability to provide management reports free of IT jargon would be a massive plus to these individuals in helping to facilitate decision making at the very top. This approach will in turn promote a proactive and preventative strategy rather than fire-fighting once the problem has landed on their doorstep. Some food for thought!

Prevention and education!

Words by Dishang, COO Arx Alliance, COO Leading Point