Successful security audit

How can your business manage a successful security audit? IT audits—no one enjoys them, but they are a critical part of today’s IT security solutions. Audits are necessary to keep your company’s network and assets safe and secure.

While it is true audits are necessary, dealing with outside auditors can be a less than pleasant experience. What happens if they make a mistake? What if they don’t do their work properly? Then as the leader of the IT department, you’ll bear the responsibility, especially if an intruder subsequently makes their way into your systems.

Is there a way to have a successful audit, even when bringing in outside auditors? The answer is yes, when the audit is done in the right way and with the right auditor. In a recent article for TechRadar, Mark Weir asks how much security is enough.


Cybersecurity is a major concern for businesses, especially since hackers are getting smarter and bolder. To protect your company, a robust cybersecurity strategy is vital.

Establish security through annual audits

While security audits are important, many companies fail to conduct annual audits on their networks. The reasons for this are many. Some view this as unnecessary—if they’ve not suffered an incident, then they must have strong enough security. Another reason could be the expense of having an audit each year.

While these reasons may seem understandable, the fact is that businesses are facing more security breaches than ever before. This is true for businesses of all sizes, from corporations down to small businesses. Now is the right time to ensure your network is secure, rather than waiting to be hacked.

If your company has never conducted a security audit, then it’s time to implement annual audits. You might think of an annual security audit as being similar to having a physical each year. The doctor does a first physical exam and uses this as a comparison for future physicals. When something is different in a subsequent physical exam, then it must be investigated.

Spell Out Your Objectives

When it comes to finding the right auditor, it’s a good idea to develop your audit objectives in advance. These may include:

  1. Write down a list of all company assets (including data, computer equipment, and more)
  2. Define the security perimeter: what will be included in the audit and what will not
  3. Define the threats
  4. Prioritise the risks
  5. Make a list of security improvements and best practices to eliminate the threats

You now have a list of objectives for the audit: these are the areas the auditor needs to focus on.

Choose auditors with experience

What you’re looking for is an auditor (or a team) that has real-world experience with security technology. This way they’ll have the ability to find even the most elusive and serious security issues. You might also ask to see any published works they’ve written. This is another way to see if the auditor has the experience and the knowledge to conduct a proper security audit.

To find candidates, contact business connections and see if they can recommend some experienced security audit firms. In addition, ask each audit firm for a list of references to past clients, and then contact those clients and ask about their own experience with the audit firm. Once you’ve created a shortlist of auditing firms, ask them for details on how they conduct an audit.

Prepare for the Audit

Now that you’ve found the right auditing firm, you’ll need to make sure they’re on board with your objectives and the type of data they’ll have access to. This is where many companies and auditors have their first problem. Everyone assumes the other side knows what data will be accessed during the audit. The auditor may have their own ideas on the subject, and your company may have its own view on the matter. Never assume that you and your auditor are on the same page about access to data. This is something that should be agreed between you and your auditor before the audit begins.

In addition, it’s necessary to keep the affected people and departments involved in the process. You’ll want to involve the department managers whose systems will be affected by the audit, so they won’t face sudden, unpleasant surprises in the course of the audit. For this reason, it’s a good idea to create some audit rules in advance:

  1. Managers will need to determine any specifics to limit the impact on their systems. They may specify the day and time when testing will be least disruptive to their processes.
  2. Auditors will need an “indemnification statement” that gives them authorisation to conduct the audit. This should also be sent to your ISP, so they aren’t alarmed by the large volume of port scans on their address space.
  3. Auditors generally expect access to certain data and documentation to analyse your network. These may include:
    • Copies of all policies and procedures (may include passwords, virus scanning, acceptable use information for employees), privacy guarantees (to keep company users and client data secure), privileged access and incident handling.
    • Information about your network, and specification of the target IP ranges
    • List of security devices (firewall, IDS)
    • List of software used on the network
  4. Ensure the auditor has a plan, and that they provide you with the details.
  5. When the audit is completed, you can review the results to plan your future strategy. The audit report should cover:
    • Threat sources (internal and/or external)
    • Probability of an attack on the network
    • Impact of an attack (should outline how much money the company could lose, whether it would affect the company’s reputation, and more)
    • Recommended actions to fix any problems

In conclusion

Whilst security audits aren’t fun, they are essential, especially when you see trends that change over time. The audit provides essential information on the health of your network, as well as on vulnerabilities that could put your company in danger.

Contact the LIS Help Desk to conduct a security audit with confidence, knowing your network will be more secure as a result. Our experienced team are always on hand to answer your questions and keep your business secure.

LIS – SECURING YOUR DIGITAL WORLD

#Security #Audit #ITSupport

Return to work traps

As businesses transition their workforces back to the office, hackers are distributing phishing emails and malicious files disguised as COVID-19 training materials. Return to work traps are becoming more common as cyber criminals take advantage of the pandemic.

Return to work traps take advantage of employees

According to a new report from UK Tech News, criminals are setting “return to work traps”, taking advantage of the training employees need to go through as they return to the office in its new form.

The report says many workers now need to go through various tutorials, webinars and training sessions to ensure they are compliant with new workplace rules set up to prevent viral transmission. Sensing an opportunity, cybercriminals are disguising malware as webinar recordings and other educational material.

According to the report, these new practices are mostly reserved for businesses in North America and Europe, where lockdown measures are slowly being eased and people are being allowed to return to work.


As workers return to their offices, cyber criminals will abuse Covid-19 to spread malware and steal sensitive data.

Open emails and documents with caution

Make sure emails and documents come from a legitimate source within the company. We are seeing a trend of hackers leveraging household names, such as Microsoft Office 365, to trick employees. One thing is for certain: the coronavirus pandemic is leading us towards a cyber-pandemic.

Protect your staff at home

Organizations are allowing employees to access work-critical information from their homes. This is a vulnerability, as many employees working from home need a VPN (virtual private network). Unwittingly, they download software from untrustworthy sites, leaving their computers infected.

In addition, tech support scammers will also emerge, pretending to fix an IT problem in an attempt to gain control of a target’s computer; hackers may also call pretending to be another department of the organization to obtain remote access and trick general staff. On a bigger scale, cyber criminal groups in Russia, China and North Korea have been exploiting the growing chaos to target national governments such as the US, Japan and Italy.

While some organizations are using tech to fight coronavirus, attackers are targeting healthcare organizations. This is particularly dangerous, as they are the most vital among us at this time. A recent example was the ransomware attack against the University Hospital in Brno, Czech Republic, one of the largest COVID-19 research labs in the country, which shut down the entire IT network and caused anxiety to an already stressed staff.

Stay safe. Protect your business

Unfortunately, we do not see cybercrime going away in the near future. Cybercrime has rocketed since the start of the Covid-19 pandemic as many try to exploit people’s fears. Is your operating system and software up to date? Do you use the latest Anti-Virus and Anti-Spam solutions?

Contact the LIS Help Desk to discuss the most cost-effective solutions for your company. Our experienced and friendly team will make sure you have the correct protection in place. We will carry out an IT Audit and recommend upgrades to hardware and software. Why worry about your IT security? LIS take care of all your IT requirements.


#Cybercrime #Security #ITSupport #AntiVirus

Cyber-attacks On UK Sports Industry

The National Cyber Security Centre (NCSC) reports that cyber-attacks on the UK sports industry have increased. At least 70% of sporting institutions in the UK have suffered a security incident in the past 12 months.

Some of the cyber-attacks on the UK sports industry are disclosed in the report Cyber threat to sports organisations. They include turnstiles blocked at a stadium after systems were taken offline by ransomware, which almost led to the cancellation of a football match; a £15,000 loss to a racecourse after a staff member fell victim to an eBay scam promising equipment that never materialised; and organised criminals who tried to sabotage a £1m Premier League transfer deal by hacking into emails.

The NCSC said cyber criminals tended to use common tactics. They target the sports industry with cyber-enabled fraud and shut down critical systems with ransomware.


Sports industry urged to reform cyber security after £1m Premier League phishing scam.
Greater awareness is needed by the industry as attacks increase.

Cost of the damage by cyber-attacks on UK sports industry

About 30% of the incidents reported to the NCSC caused direct financial damage to the victim. The average loss was £10,000 per attack, and the biggest single loss clocked in at £4m. Some 40% of the reported incidents involved malware, and a quarter of those were ransomware attacks.

“Cyber security might not be an obvious consideration for the sports sector. Sports are slowly returning as lockdown eases. The impact of cyber criminals cashing in on this industry is real,” said Paul Chichester, operations director at the NCSC.

Chichester added that, as the sports sector struggles to recover from the impact of Covid-19, organisations could reduce their risk by paying more attention to their security against attacks.

“Sport is a pillar of many of our lives. We are eagerly anticipating the return to full stadiums and a busy sporting calendar,” he said. “I would urge sporting bodies to use this time to look at how they can improve security. In conclusion, acting now will help protect them and fans from the consequences of cyber-crime.”

British Olympic Association

Hugh Robertson, chairman of the British Olympic Association, said: “Improving cyber security across the sports sector is critical. The British Olympic Association sees this report as a crucial first step. It will help sports organisations to better understand the threat and highlights practical steps to improve cyber security.”

Rugby Football League

Tony Sutton, chief operating officer at the Rugby Football League, added: “The issue of cyber security is one that all sports, including rugby league, take seriously. We are growing our digital capabilities and online platforms. Protecting the governing body, members, customers and stakeholders is important, and we welcome the guidance from the NCSC report.”

Make sure you are protected

Unfortunately, LIS are unable to predict when your team will win their next match. However, we hope you enjoy watching your favourite sport, whatever the result.

Above all, do not make the same mistake as the sports industry. If you have any concerns about your IT security, contact the LIS Help Desk and our friendly team will recommend the latest solutions to upgrade your security. Stay safe, stay secure and protect your business.


#CyberCrime #Security #ITSupport #Sports

Hackers can cause injuries

Video games have been around for ages. However, technology has improved and games have become more sophisticated. More people than ever are playing, especially online. Did you know hackers can cause injuries? Read this BBC report and make sure your devices are protected.

Bullets rained down from all angles but Abdelrhman Badr kept calm. Suddenly an enemy burst through a window. Abdelrhman swung round to face the soldier and save his team. He lined up his sights for a fatal shot and squeezed the trigger but… his screen went black.

All of a sudden his computer shut itself down without warning. The game he was playing had never caused problems before. He reached down and looked inside his computer, which he liked to leave open and on display in his bedroom.

Instinctively he touched one of the components, swore and pulled his hand back. The graphics card was so hot it had burned his fingers. The 18-year-old from Sheffield hadn’t realised it yet, but this minor injury was caused by crypto-jacking.


Cybercriminals are always on the lookout for clever ways to turn new technology into money-making opportunities. Cryptojacking is one of their latest innovations.

What is cryptojacking?

Cryptojacking is the unauthorised and illegal use of someone’s computer to mine Bitcoin and other cryptocurrencies. Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrency. Here’s what you can do to stop it.

Hackers do this either by getting the victim to click on a malicious link in an email that loads cryptomining code onto the computer, or by infecting a website or an online advert with JavaScript code that auto-executes once it is loaded in the victim’s browser.

How cryptojacking works

Cryptojackers have more than one way to enslave your computer. One method works like classic malware. You click on a malicious link in an email and it loads cryptomining code directly onto your computer. Once your computer is infected, the cryptojacker starts working around the clock to mine cryptocurrency while staying hidden in the background. Because it resides on your PC, it’s local—a persistent threat that has infected the computer itself.

An alternative cryptojacking approach is sometimes called drive-by cryptomining. Similar to malicious advertising exploits, the scheme involves embedding a piece of JavaScript code in a web page, which then performs cryptocurrency mining on the machines of users who visit the page.

How to prevent cryptojacking and make sure you’re secure

We are unable to help you level up or give you any tips to improve your gaming. We would recommend that you do not touch any parts of your computer systems. As the story above illustrates, hackers can cause you injuries. Leave it to the experts.

Contact the LIS Help Desk to make sure your business systems are protected. We offer the latest Anti-Virus, Anti-Spam and Office 365 Security packages. Protect your company with our IT support contract. This gives you peace of mind to enjoy your pastimes – or maybe the latest online game 😀.

#CyberCrime #burn #HotDevices

Twitter accounts hacked

The news broke recently that major US Twitter accounts were hacked in a Bitcoin scam.

The Twitter accounts of notable billionaires were hacked on Wednesday afternoon. These included Amazon founder Jeff Bezos, Tesla founder Elon Musk, rapper Kanye West, Microsoft founder Bill Gates, and former New York Mayor Michael Bloomberg. Politicians’ accounts, including those of Joe Biden and Barack Obama, were also affected soon after. “I am giving back to the community,” the tweets read. “All Bitcoin sent to the address below will be sent back doubled!” The link to the Bitcoin wallet was the same in all the tweets, suggesting a cryptocurrency scam.

The bulk of the messages have been deleted, though screenshots remain of several affected accounts.

Twitter has acknowledged the problem, but we are still very short on detail. The Biden campaign stated that the platform locked his account immediately after the breach and removed the tweet. As part of Twitter’s effort to contain the problem, verified accounts were restricted from tweeting for several periods on Wednesday night. The internet was alive with rumours of the removal of the verification badge.


What’s the scam?

Hackers broke into the high-profile Twitter accounts and sent fake tweets offering $2,000 for every $1,000 sent to an anonymous Bitcoin address.

For instance, the message sent from Elon Musk’s account said, “All bitcoins sent to my address below will be sent back double the amount. If you send $1,000, I will send back $2,000.” Likewise, a message spread from Bill Gates’ Twitter handle said: “Everyone is asking me to give back, and now is the time.”

How did they do it?

Whilst there has been no official announcement of the method the hackers used, there are strong and consistent rumours originating from those who should know the truth. It appears that high-level administration accounts were compromised, possibly through some form of social engineering or phishing, or, some say, via an ex-employee. Doubtless the truth will out. Either way, this is a timely reminder to lock down your admin accounts!

Lessons for us from Twitter accounts hacked

There are no free lunches and no easy money. As an investor, you should always doubt information or schemes that offer you an opportunity to make quick money in a very short period. The financial victims were simply greedy. The other victim is the end user who places their trust in a large organization that we should be able to rely upon to secure our data.

“Hackers had complete access to Twitter. They could post anything from any account. But they chose to seek bitcoins through false promises. People should be more careful. Most crypto giveaways that ask for contributions are scams. We hope this brings awareness, and Twitter users do not fall for these kinds of scams again,” said Arjun Vijay, Co-Founder and COO, Giottus Cryptocurrency Exchange.

Emergency response

Twitter earlier had to take the extraordinary step of stopping many verified accounts marked with blue ticks from tweeting altogether. Password reset requests were also being denied and some other “account functions” disabled. You may be sure that behind closed doors the Twitter investigation, with the assistance of the FBI, will be exhaustive. The reputational damage from the Twitter accounts being hacked cannot be overestimated.

Does your business also need an emergency response?

We would strongly urge you to review who has administrator rights to your world. Are you immune to this cyber threat? At the end of the day, Twitter suffered from poor housekeeping by a large corporate.
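One way to carry out that review of administrator rights on an Office 365 / Azure AD tenant, as an added example rather than LIS’s own package or the original post’s code: it lists every member of every directory role, compares the list against a snapshot from the previous review, and flags any administrator added or removed in between. It assumes the AzureAD PowerShell module is installed, that you sign in with an account allowed to read directory roles, and that the snapshot folder path is a hypothetical one you would replace.

```powershell
# Added example: monthly review of Office 365 / Azure AD administrator roles.
# Assumes the AzureAD module is installed and Connect-AzureAD can sign in with
# an account permitted to read directory roles and their members.
Import-Module AzureAD
Connect-AzureAD | Out-Null

$reviewDir    = 'C:\AdminReview'                          # hypothetical folder
$snapshotPath = Join-Path $reviewDir 'admins-previous.csv' # baseline from last review
$today        = Get-Date -Format 'yyyy-MM-dd'

# Build the current list of (role, member) pairs across all activated roles.
$current = foreach ($role in Get-AzureADDirectoryRole) {
    foreach ($m in Get-AzureADDirectoryRoleMember -ObjectId $role.ObjectId) {
        # Users carry a UPN; groups and service principals only a display name.
        $name = if ($m.UserPrincipalName) { $m.UserPrincipalName } else { $m.DisplayName }
        [pscustomobject]@{
            Role   = $role.DisplayName
            Member = $name
            Type   = $m.ObjectType
        }
    }
}

# Compare with the previous snapshot, if one exists, and report every change.
if (Test-Path $snapshotPath) {
    $previous = Import-Csv $snapshotPath
    $diff = Compare-Object -ReferenceObject $previous -DifferenceObject $current `
                           -Property Role, Member
    foreach ($d in $diff) {
        # '=>' means present now but not in the baseline; '<=' the reverse.
        $change = if ($d.SideIndicator -eq '=>') { 'ADDED  ' } else { 'REMOVED' }
        Write-Warning "$change $($d.Member) in role '$($d.Role)'"
    }
    if (-not $diff) {
        Write-Output 'No changes to administrator role membership since the last review.'
    }
} else {
    Write-Output 'No previous snapshot found; saving the first baseline.'
}

# Keep a dated copy for the audit trail and overwrite the baseline for next month.
New-Item -ItemType Directory -Force -Path $reviewDir | Out-Null
$current | Export-Csv -NoTypeInformation -Path (Join-Path $reviewDir "admins-$today.csv")
$current | Export-Csv -NoTypeInformation -Path $snapshotPath
```

The same review can be done with the Microsoft Graph PowerShell cmdlets (Get-MgDirectoryRole and Get-MgDirectoryRoleMember) if the AzureAD module is not available in your environment.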

Protect your business with LIS

With immediate effect, we will add our Office 365 Security package to all our customers, at no cost. Amongst other benefits, this gives you a monthly review of all users with administrator access and an alert/approval step for any changes that may occur, irrespective of whether the change came about through staff action, hacking or some form of social engineering. We would offer it to Twitter, but that horse has bolted 😀.

A strong defence against cyber-crime is essential for your business. Protect your business data and sensitive information as it flows across your organisation. Our solutions enable us to understand where you are vulnerable. We can take proactive steps to help prevent and respond to threats, in order to reduce the potential risk to your business.

Contact the LIS Help Desk to migrate to Office 365 if you don’t already subscribe. Take advantage of our Office 365 Security Package special offer. Make sure your data and email are fully protected.

Our Office 365 Security Package is a bundle of software tools, that includes:

Finally, if you need them our managed anti-virus and anti-spam protection services can be deployed within minutes. LIS provides essential protection for your business, defending you from email viruses, spam and malware.

Do not gamble with your business security – we give you peace of mind!