ActiSoft Technology - Blog #Human Firewall

Your Money or Your Data! A Guide to Ransomware

Mon, 20 Jun 2022 10:50:48 +0000

What is Ransomware?

Ransomware is a kind of malicious code that renders a device, server or file unusable until a payment is made to a cybercriminal. Attacks have more than doubled since 2020, and a recent study found that incidents reported to the ICO grew from 326 to 654 between 2020 and 2021. Actual figures will be much higher, as not all incidents are reported (although of course they should be!). The heavily impacted sectors according to the report are finance, education and insurance, but all sorts of businesses have been affected.

Over the years ransomware has evolved and become increasingly sophisticated. While some malicious software of this kind just encrypts certain files, others have the power to completely destroy entire file systems.

How it Works

As soon as the malware has been installed – usually as the result of a user clicking on a link – the hacker takes control of the system and freezers the user out until they pay up. They often ask for payment in Bitcoin, due to its anonymity, but cyber criminals will sometimes ask for bank details or other types of payment such as Amazon gift vouchers too. Even once the ransom has been paid, there’s no guarantee users will regain full access to their files afterwards. In fact, while over half of victims pay up, but only 8% get all their data back.

The Cost of Ransomware Attacks

According to Yubico, the average cost of a ransomware attack was $1.85 million (£1.4m) in 2021. Along with the initial monetary demands, other costs include business downtime, lost sales, operating costs and legal fees. In the case of attacks where more sensitive information is compromised, costs can be as much as $4.44 million (£3.5m).

There are severe reputational costs to consider too. New strains of ransomware can affect entire supply chains, which puts partner organisations and their customers at risk. Under GDPR regulations all breaches must be reported to the ICO, which means they are also made public. Insurance companies are less likely to touch organisations that have been hit hard by ransomware attacks, and if they do, you can expect your premiums to rocket.

Once an organisation has been targeted – and agreed to pay the ransom – they then become an easy target for future ransomware attacks.

Although most cybercriminals are motivated by money and other financial rewards, others act out of spite or for political reasons. They often use a range of different methods to extort money or information, and in some cases if ransoms aren’t paid they’ll even go as far as contacting customers direct and demanding money from them.

How to Prevent a Ransomware Attack

A while ago, all you needed to protect against a ransomware attack was a secure backup system and fast data restore process. Things have changed in recent years. At their worst, modern attacks can bring entire organisations to their knees, so traditional methods are no longer enough, so you need a more comprehensive, multi layered line of defence in place.

But as with most other cyber-attacks, the best way to avoid a costly ransomware attack is by creating a culture of awareness and making sure your staff have the right training. Malicious software can only be installed if a human allows it, so it’s essential that everyone knows what to look out for.

Here are some steps you can take to minimise the risks:

Make sure everyone in your organisation is trained and knows to never click on unverified links
Have all your emails scanned for malware
Install firewalls and Endpoint Protection
Only ever download from trusted sites that your IT team have approved
Keep regular backups of all your files
Avoid using public Wi-Fi
Never allow unverified, unfamiliar USBs in any of your devices
Install robust security software
Never share sensitive data with anyone you’re not 100% certain of

As specialists in cyber security, our team at Actisoft can talk you through all the risks and provide you with all the tools you need to avoid a ransomware attack. From firewalls and Endpoint Protection to Cyber Essentials accreditation and much more, we’re here to help.

Get the Manual

Start Your Free Phishing Security Test

Find out what percentage of your employees are Phish-prone

Did you know that 91% of successful data breaches started with a spear phishing attack?

Find out what percentage of your employees are Phish-prone™ with your free phishing security test. Plus, see how you stack up against your peers with the new phishing Industry Benchmarks!

IT pros have realised that simulated phishing tests are urgently needed as an additional security layer. Today, phishing your own users is just as important as having antivirus and a firewall. It is a fun and an effective cybersecurity best practice to patch your last line of defence: USERS

Why? If you don't do it yourself, the bad guys will.

Here's how it works:

Immediately start your test for up to 100 users (no need to talk to anyone)
Select from 20+ languages and customise the phishing test template based on your environment
Choose the landing page your users see after they click
Show users which red flags they missed, or a 404 page
Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
See how your organisation compares to others in your industry

The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

Start phishing your users now. Fill out the form, and get started immediately!

Try It Now!

What You Need to Know About Phishing: The Biggest Threat to UK Organisations

Wed, 15 Jun 2022 12:28:33 +0000

Phishing is an attempt by cybercriminals posing as legitimate institutions, usually (but not always!) via email, to obtain sensitive information from targeted individuals.

These attacks are on the rise, with more than 80% of organisations being targeted in 2021 alone. One of the most frustrating things about phishing is that these attacks are becoming so realistic and sophisticated that it’s becoming increasingly hard to spot them. So, even if you think you know everything there is to know about online scams, it’s still surprisingly easy to get caught out.

There are many different types of phishing, but in this post we’ll concentrate on the most common types affecting UK businesses right now.

Email Phishing

Most phishing attacks are deployed via email, and hackers are getting really good at creating fake accounts that look just like the real thing. They register fake domains that mimic well known organisations (such as Amazon, the NHS or Google) and send thousands of generic emails in what’s known as a “spray and pray” approach. The idea is that if they send a massive amount of emails, at least a few people will respond.

These attacks are on the rise because they work. The fake domains they create are so realistic that targets have to look really closely – they copy the logos and font type exactly, and often just one character is out of place in the email address. Many recipients see something that looks very familiar and assume it’s safe. As soon as they click on the link or download the attachment, it’s too late.

Spear Phishing

This is a more sophisticated type of email phishing attack. Instead of using a “spray and pray” approach cyber criminals will target particular people within an organisation, which involves more time and effort.

Before they send their malicious emails, hackers will have gathered important information about their targets including things like their name, job title, work location, email address and other specific information about their role. These attacks are particularly hard to identify because they address the user by name and often refer to other members of staff, meetings or work activities that are familiar to the target. Unlike the email scams of old, they’re often written in perfect English and seem totally legitimate – so it’s often only a matter of time before the hacker has access to the user’s data.

Whaling

Whaling attacks go a step further, and are usually aimed at senior staff members within an organisation. Whaling emails tend to be more subtle, and they’re less likely to use tricks like fake links. Instead, they’re likely to pose as a CEO or board member requesting vital information or the transfer of funds. The hackers create a sense of urgency, saying things like “I know you might be busy but really need you to get this done now” and they rely on employees being keen to keep their bosses happy.

Angler Phishing

This is a relatively new form of attack, which is deployed via social media. Hackers share posts including fake URLs, cloned websites and infected links and use instant messages to encourage victims to download malware. Cyber criminals keep an eye out for customers contacting organisations with complaints, then hijack the organisations’ social media accounts and ask for the customers to provide their bank account details in order to receive a refund. Of course, that refund never happens, and scammers walk away with valuable data and banking information.

Smishing and Vishing

These are more like old school hacks because they take place over the phone rather than via email, but they’re no less damaging. In a smishing attack, the victim will receive a text message asking them to follow a link or download a piece of software to their phones, while a vishing attack involves a telephone conversation. A common tactic is for criminals to pretend to be calling from a bank, alerting victims to suspicious activities on their accounts. Attacks of this kind can look incredibly realistic these days, and hackers rely on the fact that when people are stressed and under pressure they’re more likely to make silly mistakes.

Phishing attacks are estimated to cost the UK economy over £5 billion a year. The best way to prevent these attacks is with anti-phishing and anti-spam software, but it’s also essential to stay aware and on guard – which goes for smishing and vishing too. This means ensuring all staff are regularly trained and understand how to spot a potential threat.

For more detail about different types of phishing, our partner Fortinet has put together a comprehensive list you can also visit our Phishing page. We are also happy to talk to you about the most common threats to your organisation and deliver cyber security training. Contact us today for a no obligation quote!

Start Your Free Phishing Security Test

Find out what percentage of your employees are Phish-prone

Did you know that 91% of successful data breaches started with a spear phishing attack?

Find out what percentage of your employees are Phish-prone™ with your free phishing security test. Plus, see how you stack up against your peers with the new phishing Industry Benchmarks!

Why? If you don't do it yourself, the bad guys will.

Here's how it works:

Immediately start your test for up to 100 users (no need to talk to anyone)
Select from 20+ languages and customise the phishing test template based on your environment
Choose the landing page your users see after they click
Show users which red flags they missed, or a 404 page
Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
See how your organisation compares to others in your industry

The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

Start phishing your users now. Fill out the form, and get started immediately!

Try It Now!

How to Run a Successful Security Awareness Training Program

Fri, 01 Oct 2021 15:18:27 +0000

Blog courtesy of KnowBe4

Written by Stu Sjouwerman

As we're now in Cybersecurity Awareness Month, thinking about how to strengthen your security awareness training program is probably top of mind.

Luckily, we've got you covered with helpful tips you can use to run a strong security awareness training program in your organisation! We asked our Security Awareness Advocates for their expert advice on questions like how to get started, how to motivate your users, and how to develop a strong security culture over time. While not an exhaustive list, here is a handy one-sheet with what they had to say:

Click here to download the full infographic

Critical components of a successful security awareness program:

Use good, high quality content that’s highly relevant to your users
Reinforce the training with regular simulated phishing attacks
Stay current with what is happening in real phishing attacks - mirror the topics and methods used by cybercriminals

How to motivate your users to do their training on time:

Lead with a carrot, not a stick! Reward users upon completion (could be a sticker, certificate, raffling off a gift card, etc.)
Make it a game and create healthy competition between departments or other groups
Get your leadership involved publicly - make sure it’s well known and seen. It will make the rest of the organisation want to follow in their footsteps

How to gain and maintain executive support for your security awareness program:

Speak their language: Don’t get too technical, and tie it to business objectives (risk, reputation, business benefits, profit and loss impact, etc.)
Address the “why” and how does it help your organisation be more successful
Talk about cybersecurity in the news, how it was a result of human error, and how this program will help to mitigate human error

How to measure the benefits of a successful security awareness program:

Track metrics like the phish-prone percentage of your organisation or number of phishing emails reported over time
Conduct surveys with different stakeholders to gauge their perception of the program’s success
Whatever you use to measure success, make sure it is defined, agreed upon and tracked

How to develop a stronger security awareness culture over time:

Evaluate your organisation against the 7 dimensions of security culture, and measure it against your industry’s benchmarks (we have done studies on this!)
Tie your security culture into your overall organisational culture so the two are not at odds
Understand that there is no fast track to a good security culture - by consistently following the advice above, you will develop a strong security awareness culture over time

We hope these tips can help you implement new-school security awareness training for your users. Here are more in-depth videos on our partner support site. Make sure you're prepared for Cybersecurity Awareness Month and beyond!

Get Your Free 2021 Cybersecurity Awareness Month Resource Kit

In today's hybrid work environment, your users are more susceptible than ever to attacks like phishing and social engineering. Cybercriminals know this and are constantly changing tactics to exploit new vulnerabilities. We've put together these resources so you can keep your users on their toes with security top of mind. Request your kit now to help your users defend against cybercrime whether they are fully remote, back in the office, or a combination of both.

Here's what you'll get:

Access to free resources for you including our most popular on-demand webinar and whitepaper
Resources to help you plan your activities, including your Cybersecurity Awareness Month Guide and Cybersecurity Awareness Weekly Planner
Two free training modules for your users; "Your Role: Internet Security and You" and "2021 Social Engineering Red Flags," both available in multiple languages
Resources to share with your users including Kevin Mitnick cybersecurity demo videos, infographics, tip sheets, awareness posters, and wallpapers
All assets are printable and available digitally, so they can be delivered to your users no matter where they are working from

Get Your Free Resource Kit Now!

Probability of Experiencing a Vendor Email Compromise Attack Increases 96%

Mon, 20 Sep 2021 14:51:00 +0000

Blog courtesy of KnowBe4

Written by Stu Sjouwerman

Vendor Email Compromise requires first taking control of a strategic email account within the victim organisations. According to new data, cybercriminals are getting really good at this.

Vendor Email Compromise – an attack where an email account is actually taken over rather than simply spoofed as seen in business email compromise attacks – can have a far greater impact on the organisation. Emails coming from a threat actor-controlled legitimate email account are much harder – if not impossible – to discern as being malicious in nature.

According to new data in Abnormal Security’s Q3 2021 Email Threat Report, email account takeovers are rising in both number and success rates:

The chance of experiencing a VEC attack has risen 96% over the last 12 months
Mid-sized companies are 43% likely to have at least one account takeover per quarter
Enterprises with 50K+ employees are 60% likely to be a victim of account takeover
The C-Suite is the most targeted group, at three times than VPs – the next targeted group
14% of account takeovers occur at department head levels within organizations
The average request in a VEC attack is $183,000, with the highest documented being $1.6 million

With the potential for VEC attacks to cost organisation’s millions annually, it’s first imperative to protect email accounts from the possibility of account takeover using multi-factor authentication and zero trust solutions that scrutinise requests to access email. It’s equally important to educate users involved with the organisation’s finances using Security Awareness Training to maintain a sense of vigilance – even when a request comes from a legitimate source. It’s necessary to validate any unexpected requests using a separate communication medium to ensure the person believed to be asking is actually doing so.

Request A Demo: KCM GRC

The new KCM GRC platform helps you get your audits done in half the time, is easy to use, and is surprisingly affordable. No more: "UGH, is it that time again!"

With KCM GRC you can:

Reduce the amount of time and money required to easily manage your compliance, risk and audit requirements
Automate reminders so you can quickly see what tasks have been completed, not met, and are past due
Simplify risk management with an intuitive interface simple workflow based on NIST 800-30.
Efficiently manage your third-party vendor risk requirements
Quickly implement compliance and risk assessment processes using KnowBe4's pre-built requirements and assessment templates

Request Your Demo!

Enterprise Organisations Have as Much as an 85% Chance of Receiving a BEC Attack Every Week

Mon, 20 Sep 2021 08:31:00 +0000

Blog courtesy of KnowBe4

Written by Stu Sjouwerman

In addition to enterprises having a high probability of attack, according to Abnormal Security’s Q3 2021 Email Threat Report, businesses of every size are at risk:

Small organisations under 500 employees have a 42% probability of receiving a BEC attack each week
Mid-sized organisations, a 60-70% chance

Part of this growth is the expansion in operational methods used by cybercriminal groups seen on the dark web. Posts on cybercrime forums have been spotted that attempt to recruit or outsource functions related to BEC scams – particularly those looking for native-English speakers to help improve the credibility and efficacy of social engineering elements in BEC attacks.

Because BEC relies pretty heavily on social engineering and spoofing companies, domains, and/or an individual, putting employees through Security Awareness Training is an effective way to minimise the threat surface of phishing attacks and stop BEC attacks before they have an opportunity to make an organisation a victim.

Can hackers spoof an email address of your own domain?

Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.

Now they can launch a "CEO fraud" spear phishing attack on your organisation, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained.

Find out now if your domain can be spoofed. The Domain Spoof Test (DST) is a one-time free service. Run this test so you can address any mail server configuration issues that are found.

Try To Spoof Me!

U.K. Organisations See Double the Number of Ransomware Attacks in the First Half of 2021

Tue, 31 Aug 2021 07:28:00 +0000

Blog courtesy of KnowBe4

Written by Stu Sjouwerman

Additionally, 63% of U.K. businesses affected by ransomware reported their organisations' brand was negatively impacted, according to CyberReason’s Ransomware: The True Cost To Business report, making ransomware a legitimate threat to business longevity in the U.K.

CybSafe’s analysis found that phishing was the primary cause of all cyber breaches reported to the ICO in the first half of this year, making up 40% of all successful attacks. Phishing continues to be a thorn in cybersecurity’s side, with some percentage of attacks finding their way past security solutions and into the Inbox where an unsuspecting user is fooled into clicking on malicious links and attachments.

It’s only through continual Security Awareness Training that users will elevate their state of vigilance, always being on the lookout for malicious content and reducing whatever threat surface remains by the time an attack reaches the Inbox.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

Here's how it works:

100% harmless simulation of real ransomware and cryptomining infections
Does not use any of your own files
Tests 21 types of infection scenarios
Just download the install and run it
Results in a few minutes!

Get RanSim!

Defending Against Ransomware Attacks Should Start (and Can End) With Security Awareness Training

Fri, 20 Aug 2021 13:45:50 +0000

Blog courtesy of KnowBe4

Written by Stu Sjouwerman

Most cybersecurity strategies focus on layering in security solutions that prevent, detect, and respond to any kind of malware-based attacks – which includes ransomware. One aspect of the attack chain that can have a material impact on the effectiveness of your ransomware defence is the very prevalent human element. In most cases, phishing attacks are the primary initial attack vector, causing your users to stand squarely in between the ransomware attack and your organisation.

No single security solution can stop every attack, so it makes sense that because ransomware gangs – in part – require users to interact with malicious email content to enable an attack, educating those users via Security Awareness Training to spot an attack to stop it from ever continuing.

So, your ransomware defence strategy should start with Security Awareness Training because you have no guarantee that the next attack will be stopped by solutions. But a user can make the difference between a boring normal workday and one where your entire operations has come to a screeching halt.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

Here's how it works:

100% harmless simulation of real ransomware and cryptomining infections
Does not use any of your own files
Tests 21 types of infection scenarios
Just download the install and run it
Results in a few minutes!

Get RanSim!

Can the Microsoft 365 Platform Be Trusted to Stop Security Breaches?

Fri, 20 Aug 2021 13:45:50 +0000

Blog courtesy of KnowBe4

Written by Stu Sjouwerman

Lax security policies, a lack of security measures and solutions in place, and an expectation that Microsoft will address any security issues is putting organisations at risk.

Microsoft has gone to great lengths to ensure their Microsoft 365 platform offers modern security measures to keep their customers' data safe. But according to new data from cloud email security provider Hornet Security, 25% of organisations have reported a known email-based security breach, and it begs the question “why?”

According to Hornet Security, a lot of the issue resides with organisations not taking advantage of security features – whether from Microsoft or a third-party:

33% of organisations are not using Microsoft’s multi-factor authentication (MFA)
Of those using MFA, 55% of organisations are not using Conditional Access which scrutinizes connection requests beyond just providing credentials and additional authentication factors
Only 43% leverage Microsoft’s data loss prevention policies to keep data from leaving the organisation
68% of organisations expect Microsoft to keep email safe from threats

What’s interesting is that almost none of these features (with the exception of MFA) address the core issue – phishing and compromised credentials. For every organisation that has experienced a security breach, there’s a phishing email riddled with social engineering tactics and, more importantly, a recipient user who engages and activates attacker’s malicious content.

It’s imperative that organisations recognise the need to follow the attack kill chain and see one of the weakest links is the user who unwittingly enables threat actors by falling for phishing scams. Users that undergo continual Security Awareness Training are better equipped on a daily basis to see phishing attacks for what they really are and keep the organization safe by not playing their role in an email-based attack.

Request A Demo: Security Awareness Training

New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilise users as your last line of defence. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Save My Spot!