Friday 11 June 2021

Why Freelancers Should Prioritise Cybersecurity

Article by Beau Peters

As a freelancer in any industry, you are likely more susceptible to hackers and cybercrime than people in many other professions. Not only are you pulling in a constant stream of customer data, but as a worker on the go, you likely work exclusively in the digital realm with all of your information in the online space. That means that you are basically presenting data on a silver platter for cybercriminals to find and use for malicious purposes.

If you take your business seriously, then cybersecurity needs to be your top priority, not only for your clients but also for the stability of your own enterprise. Luckily, you can stay out of the way of cybercriminals by implementing a few basic security features along with an understanding of common threats. We’ll explain both solutions below.

Protect Client Data
It is important to remember that just about any piece of client data can be used by cybercriminals to cause havoc. Credit card and social security numbers are especially dangerous, as they can be used to take out fraudulent loans and commit identity fraud that could lead to financial and emotional issues as your customers frantically try to get their life back together.

Keep in mind that it is not only the data you acquire from customers that needs to be protected. As a freelancer, you are likely working on many different websites with many different companies, and the cookies and browsing breadcrumbs you leave behind are also loaded with customer data as well as your own. If you don’t protect your systems, that data can be easily extracted by hackers.

If you think you are safer because you have a smaller business, think again. Hackers often go after smaller targets because they know that freelancers and new organizations frequently don’t have the resources or security procedures in place to protect their data. Even if the hackers only get away with a small amount of private customer data, that information is just as valuable to them and just as dangerous on the black market.

If you do have a client who becomes the victim of cybercrime and it is connected back to you, it could mean a hit to your reputation that you may not be able to come back from, and as a smaller business, you may not want that type of heat. Recent statistics show that the cost of a breach could be as much as £285k ($200k) in penalties and repairs, so if you don’t bring in that kind of money, caution is of the utmost importance.

Avoid Common Scams and Sketchy Characters
Since you are likely a one-person company that doesn’t have an IT team to detect issues and solve problems, you will need to be extra cautious of the companies and clients with which you interact. Part of that is being aware of common scams that could spell big trouble. Phishing emails are often sent by a hacker and they continue to be a constant threat. If you are contacted by a freelance client that seems too good to be true or asks for private information upfront, you may be dealing with a hacker.

You must complete your due diligence when it comes to finding and accepting freelance clients. Before you start sharing with them, get their contact information and look them up online to see if they have a digital footprint. A first step in determining whether they are legitimate is to search online with the keywords “company’s name + scam” or “company’s name + lawsuit” and see what comes up. Also, use your network of writers and your LinkedIn connections to ask whether your associates have heard of the company and whether it has a good reputation.

Another common scam that you should be aware of has little to do with who you work with, but instead, where you do your work. The man-in-the-middle attack is when a hacker sets up a fake Wi-Fi network in a public place and tries to gain the victim’s attention by saying that it is free or by attempting to mimic the real Wi-Fi at the establishment. When you connect to this fake network, you are really connecting directly to the hacker’s computer, and from there, they can take any data they want from your machine. To avoid this scam, always take the time to ask the proprietor of the establishment for the correct Wi-Fi, so you know it is legitimate.

Securing Your Work at All Times
To have the best chance of avoiding these issues now and in the future, you will want to build your computer network like a fortress. Not only will taking the proper precautions keep you out of financial trouble, but you could also advertise in your job pitches how secure your business really is. Start with smart passwords. Every program you use should have a strong password that utilises a combination of letters, numbers, and special characters, and every password you use should be unique.

The next step in setting up your security fortress is installing software that will keep cybercriminals at bay. Start by installing antivirus software and use it to scan your system every week for malware and viruses. Always make it a point to update your antivirus software whenever a new version is available so you get the latest protection. On top of that, you should install a virtual private network (VPN), which will disguise your location and encrypt all of your precious information.

Along with keeping your data secure, you will also want to keep all-important personal and client data stored on a dependable backup server. This will come in handy if you ever lose your computer or if you are the target of ransomware, which is an attack where hackers try to take control of your system until you pay them money to release it. If you have a backup, you can recover the data without playing into the hacker’s game.

You’ve worked hard to create your freelance business, so you should do everything in your power to protect it. Try the solutions described above and your business will remain strong and secure.

Tuesday 8 June 2021

Top Cyber Security Challenges Post Lockdown

By Sam Jones | Cyber Tec Security

Not too long ago things were looking bleak for the world, still under the dark cloud of the COVID pandemic, but with vaccine rollouts now taking place worldwide, there is finally a light at the end of the tunnel. It’s important to remember, however, as we slowly transition back into some semblance of normality, that there will be new challenges to face in all facets of life, and the Cyber Security sector is no exception.

The Rise in Cyber Threat
While the COVID pandemic loomed, the world was simultaneously dealing with a slightly different type of pandemic - a cyber one. The number of cyber attacks on businesses rose dramatically over the course of the last year, with estimated increases as high as 90%.

Organisations were forced to quickly adapt and move operations out of the office and into home environments, often bypassing best practices for a secure migration. Hackers took advantage of this confusion and chaos and focused on exploiting the vulnerabilities of those at home, who were working more independently and potentially on devices that did not align with critical security controls.

The pandemic offered new opportunities for cybercriminals to develop more sophisticated attacks, with the number of novel attack techniques rising to 35%, 15% greater than pre-pandemic. The good news is that the increase in cyber attacks has likely brought to light the importance of cyber security and implementing effective measures to protect against these threats.

Hybrid Working
The pandemic has proved that remote working is indeed possible and it is probable that not all businesses will return to the office post lockdown, at least not full time. There may be more leniency with employees wanting to work from home more frequently, but this new world of hybrid working could create challenges for cyber security.

Organisations will have to be wary that employees may be moving from a secure office environment to vulnerable home environments where they could be operating with inadequate security measures in place. In the rush to home working, companies were forced into being less restrictive with security policies and plenty of staff were using their own personal devices and network. But with such little visibility and control, there was no way of knowing what vulnerabilities there may have been - devices may not have been patched, home networks were potentially insecure, and company policies and processes ignored.

“This is all about understanding how we control an environment that is now a bigger risk because our network has increased from perhaps one or two locations to potentially hundreds.” CTO, Cyber Tec Security

If businesses are going to operate effectively in this hybrid working style, they will need to bear in mind certain security considerations. Many will find it beneficial to introduce a home working policy or alter other company security policies to reflect new vulnerabilities. While employees will still need to access company data at home, it is imperative that this is done securely, with data protection tools and policies put in place and the use of a VPN for secure communication channels. Companies might consider providing company hardware to remote employees, but if personal devices are used at home to access data, they will need to be securely set up and regularly audited.

Human error is still the number one cause of cyber attack and home working could make this even more prominent. In 2020, Verizon found that 67% of cyber attacks were down to phishing and Business Email Compromise. Phishing links are still clicked on and while this is likely due to poor cyber awareness, the situation could be worse in a home environment with greater dependence on email for work requests and less support and supervision.

Ultimately, organisations will need to cultivate a culture of security awareness and provide employees with relevant cyber training and resources to help minimise cyber risk and ensure individuals are fully equipped as they transition to this hybrid working style.

A Shift in Priorities
After a hard-hitting 12-14 months and a spike in cybercrime, businesses that may have not considered their cyber security before will now have it on their radar. Certain advancements can and should be made internally post-pandemic, such as developing new policies to incorporate home working and BYOD, and ensuring an incident response plan is in place.

Recent Supply Chain attacks like SolarWinds should also compel businesses to start looking at managing the security of their third parties, which are a common way for cybercriminals to gain access and cause disruption to multiple organisations in a supply chain.

Although some businesses will have the luxury of investing big money into more advanced security solutions and cyber insurance as a response to the pandemic, others will be facing budget limitations after a hard year. Regardless, no business can afford to ignore the cyber threat post-pandemic, but for most, it will be a case of identifying and prioritising risk reduction strategies to best fit your company’s funds and resources.

The pandemic has forged a new security landscape and businesses have been forced to see the importance of being able to quickly adapt to changes in our working styles and environments. Cybercrime is not going anywhere in the post-pandemic world but by being well prepared in the face of these new security challenges, businesses can stay secure and successfully protect against the cyber threat.

Tuesday 1 June 2021

Cyber Security Roundup for June 2021


A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, May 2021.

UK Smart Cities Cybersecurity Warning
The UK National Cyber Security Centre (NCSC) published its Smart Cities (connected places) guidance for UK local authorities. NCSC warned UK Smart Cities will be highly targeted by hackers, and as such, councils need to ensure they are properly prepared as they roll out increasingly connected and technology-reliant infrastructure. The NCSC said critical public services must be protected from disruption, while sensitive data also needs to be secured from being stolen in large volumes. Smart cities and connected rural environments promise a host of benefits for UK society: for instance, sensors will monitor pollution, real-time information will be available on parking spaces, and cameras will track congestion and smartly manage traffic flow. However, another concern is the large volumes of personal information that will likely be collected by smart cities technology, which could erode privacy by allowing citizens to be tracked in greater detail than ever, or could be stolen by criminals or hostile states.

The NCSC's technical director, Dr Ian Levy, referred to Hollywood depictions of cyber-attacks on critical city infrastructure. He picked out the 1969 classic movie 'The Italian Job', where a computer professor switches magnetic storage tapes running traffic in the Italian city of Turin, which causes utter gridlock, enabling a haul of gold to be stolen by mini cars weaving through the traffic chaos. "A similar 'gridlock' attack on a 21st-century city would have catastrophic impacts on the people who live and work there, and criminals wouldn't likely need physical access to the traffic control system to do it," Dr Levy warns in a blog.

Is your Home Router a Security Risk?
A Which? report claimed millions of UK people could be at risk of being hacked due to using outdated home routers. The consumer watchdog examined 13 router models provided to customers by internet-service companies such as EE, Sky and Virgin Media, and found more than two-thirds had security flaws.

Use of weak passwords was a common theme with the investigation, which concluded:
  • weak default passwords cyber-criminals could hack were found on most of the routers
  • a lack of firmware updates, important for security and performance
  • a network vulnerability with EE's Brightbox 2, which could give a hacker full control of the device
The routers found lacking in security updates included:
  • Sky SR101 and SR102
  • Virgin Media Super Hub and Super Hub 2
  • TalkTalk HG635, HG523a, and HG533
Which? computing editor Kate Bevan said that proposed UK Smart Device legislation, which would ban default passwords on routers, "can't come soon enough. Internet service providers should be much clearer about how many customers are using outdated routers and encourage people to update devices that pose security risks".

Eight Arrested in UK Smishing Fraud Bust
Eight UK men were arrested in an investigation into scam text messages. These scam text messages are known as "smishing" within the security industry, where text messages entice victims with a web link to either malware or a malicious website, in a bid to steal personal data or bank details or to have the victim make a bogus payment. The suspects, in this case, were allegedly involved in sending fake messages posing as the Royal Mail, asking people to pay a fee to retrieve a parcel.

Colonial Pipeline DarkSide Ransomware Attack
A Russian cybercriminal group called DarkSide was said to be behind a devastating ransomware cyberattack that shut down a major fuel pipeline in the United States for several days. The cyberattack took down Colonial Pipeline's IT systems, which manage a 5,500-mile pipeline network that moves some 2.5 million barrels of fuel a day from the Gulf of Mexico coast up through to New York state. The cyberattack dominated media headlines in the United States, with US drivers warned not to panic buy petrol amid shortages in eastern states. DarkSide released a statement following the publicity, stating it didn't intend to take the pipeline offline - "Our goal is to make money and not creating problems for society". CNN, the New York Times, Bloomberg and the Wall Street Journal all reported Colonial Pipeline paid $5 (£3.6) million in Bitcoin to DarkSide.

DarkSide is a ransomware-as-a-service platform, first seen advertised in August 2020 on Russian language hacking forums. The service can be purchased by pre-vetted cybercriminals to deliver ransomware and to perform negotiations and accept payments from victims. Following this attack, which garnered the focus of United States President Joe Biden and the FBI, DarkSide promptly shut down its ransomware-as-a-service operations.

UK Foreign Secretary Dominic Raab also issued a warning to Russia on ransomware attacks, "Russia can't just wave their hands and say it's nothing to do with them", he said. "Even if it is not directly linked to the state they have a responsibility to prosecute those gangs and individuals." 

It was reported DarkSide had made at least $90m in ransom payments from about 47 other victims according to Bitcoin records. DarkSide is one of at least a dozen prolific ransomware gangs making vast profits from holding companies, schools, governments and hospitals to ransom.

Conti Ransomware takes down Ireland's Health Service
Ireland's national health service, the Health Service Executive (HSE), closed down its computer systems after reportedly being hit by the Conti ransomware group, with the cybercriminals initially asking for £14m ($20m) to restore IT systems. Ireland's Health Minister Stephen Donnelly said the incident was having "a severe impact on health and social care services". However, the ransomware group has since handed over software to release HSE systems for free, with the Irish government insisting it did not, and would not, pay the hackers.

Conti typically steals victims' files and encrypts the servers and workstations in an effort to force a ransom payment from the victim. If the ransom is not paid, the stolen data is sold or published to a public site controlled by the Conti actors.  The FBI issued a warning in the United States about the Conti gang targeting at least 16 healthcare networks there. More than 400 organisations have been targeted by Conti worldwide.

The BBC news website debated whether paying ransomware should be made illegal in the UK, given it is not currently explicitly illegal for UK firms, and their insurers, to pay ransoms out to cybercriminals.

More Big Data Breaches
At least 4.5 million individuals had their personal information compromised after Air India was subjected to a cyber attack. Details including names, passport information and payment details stretching back 10 years were accessed by the cybercriminals.

Check Point researchers reported Amazon Web Services Systems Manager (SSM) misconfigurations led to the potential exposure of more than 5 million documents with personally identifiable information and credit card transactions on more than 3,000 SSM documents. Check Point said they have worked with AWS Security to provide customers with the necessary information to help them resolve any configuration issues with the SSMs. Developers did not adhere to the AWS best practices.

Check Point researchers also reported that in analysing Android apps on open databases they discovered serious cloud misconfigurations that led to the potential exposure of data belonging to more than 100 million users. Check Point explained how the misuse of a real-time database, notification managers, and storage exposed the personal data of users, leaving corporate resources vulnerable to bad threat actors.

Stay safe and secure.