February 2024 Newsletter

Posted By: Mark Friday 15th March 2024 Tags: , , , , , , , , , , , ,

This month: Cyber Essentials & Cyber Essentials Plus overview; we’re going to Teesside Expo; LaneSystems team updates; ransomware threats on the rise; AI chatbot lawsuit; stolen biometrics for bank fraud.

Newsletter Image: Cyber Essentials & Cyber Essentials Plus

Cyber Essentials & Cyber Essentials Plus

What is Cyber Essentials?

Cyber Essentials is a government-backed scheme that helps businesses protect themselves against common cyber attacks by providing certification and guidance on five technical controls. Implementing these controls helps safeguard your company against common online security threats and demonstrates your commitment to cybersecurity.

What are the five technical controls that Cyber Essentials cover?

Cyber Essentials sets out five essential controls that organisations can implement immediately to strengthen their cybersecurity defences:

  1. Use a Firewall: Secure your internet connection by using a firewall. Firewalls act as a barrier between your internal network and external threats, filtering incoming and outgoing traffic.
  2. Secure Configuration: Choose the most secure settings for your devices and software. This includes configuring operating systems, applications, and network components to minimize vulnerabilities.
  3. Control Access: Control who has access to your data and services. Limit user privileges to only what is necessary for their roles. Implement strong authentication mechanisms.
  4. Malware Protection: Protect yourself from viruses and other malware. Use antivirus software, keep it up to date, and regularly scan your systems for malicious software.
  5. Patch Management: Regularly apply security updates to your systems. Keep software, operating systems, and applications patched to address known vulnerabilities.

Why should businesses consider getting Cyber Essentials Certified?

Cyber Essentials helps protect your business, builds trust with stakeholders, and opens up opportunities for growth and collaboration. Key reasons why businesses should consider getting Cyber Essentials certified include:

  • Certified Cyber Security: Cyber Essentials provides an effective, Government-backed scheme that helps organisations protect themselves against common cyber attacks. By achieving certification, you demonstrate your commitment to securing your IT infrastructure and data.
  • Reassure Customers: Certification reassures your customers that you take cybersecurity seriously. It shows that you have implemented essential security controls to safeguard their information and transactions.
  • Attract New Business: Having Cyber Essentials certification can be a competitive advantage. Potential clients and partner are more likely to choose a business that demonstrates its commitment to cybersecurity.
  • Clear Picture of Security Level: Going through the certification process gives you a comprehensive understanding of your organization’s cybersecurity posture. You’ll know where you stand and can take targeted steps to improve security.
  • Government Contracts: If you plan to bid for central government contracts, having Cyber Essentials certification is often a requirement. It’s especially crucial for contracts involving sensitive information or technical products and services.

What’s the difference between Cyber Essentials and Cyber Essentials Plus?

Cyber Essentials

Level: Basic certification.

Purpose: Aimed at businesses without dedicated 24/7 IT teams.

Assessment:

  • Self-assessment: Organisations complete a questionnaire to evaluate their security practices.
  • Guidance: Some Certification Bodies offer guided basic certification, assisting with answers.
  • Focus: Addresses fundamental security controls to protect against common attacks.

Benefits:

  • Identifies existing security weaknesses.
  • Suitable for smaller businesses with budget constraints.
  • Demonstrates commitment to cybersecurity.

Cyber Essentials Plus:

Assessment:

  • Independent review: Responses are reviewed by an external Certification Body.
  • System tests: External assessors use tools and techniques to verify controls.

Requirements:

  • Same as Cyber Essentials but with additional verification.
  • Tests carried out externally.

Benefits:

  • Provides a more comprehensive assessment.
  • Validates technical controls in place.
  • Suitable for organisations with IT departments or external expertise.

So, while Cyber Essentials offers basic security assurance, Cyber Essentials Plus goes further by independently testing and verifying security measures.

Is Cyber Essentials suitable for my company size?

Cyber Essentials benefits companies of all sizes, from macro organisations to large enterprises. The assessment recognises the international definitions of company size, from Micro organisations (0-9 employees), through Small (10-49 employees), Medium (50-249 employees) and Large (250+ employees), and is priced accordingly. And, dependent on size of business, becoming Cyber Essentials certified can take as little as three days.

Contact LaneSystems today for further information about getting your company Cyber Essentials or Cyber Essentials Plus certified.

Newsletter image: Teesside Expo Spring 2024

It’s Teesside Expo Time

LaneSystems are once again delighted to announce our attendance at the Spring 2024 Teesside Expo on Thursday, March 21st.

Michel, Lisa and Kevin will be there in the Main Hall, Wynyard Hall, between 10am-3pm,to greet you and answer any questions you may have about the world of Cyber Security, Cyber Essentials and keeping your business IT Systems protected.

Pop along and say hello!

Newsletter image: One Hello and One Goodbye

One Hello And One Goodbye

As February draws to a close, we bid a fond farewell to one of our field technicians, Adam Middleton. We appreciate all your work at LaneSystems, and wish you the best of luck with your future endeavours!

While it’s goodbye to Adam, we say hello to our new service desk apprentice, Cormac Fitzgerald. Cormac joins the LaneSystems team while completing his apprenticeship. We hope you enjoy being a part of our team!

Newsletter Image: Ransomware Threats Aren't Going Away

Ransomware Threats Aren’t Going Away

Ransomware payments in 2023 exceeded $1.1 billion, a new record total and marking a sharp reverse to the declining numbers seen in 2022. Several factors contributed to the increase:

  • The rise of ransomware-as-a-service (RaaS) models
  • The emergence of double extortion tactics
  • The targeting of larger and critical organizations
  • The relative lack of effective deterrence from law enforcement

The threat groups receiving the highest ransom payments in 2023, were ALPHV/Blackcat, Clop, Play, LockBit, BlackBasta, Royal, Ransomhouse, and Dark Angels.

A number of new-kids-on-the-block also appeared in 2023, with Akira and 8Base proving to be the most “successful” of at least 25 new ransomware gangs recorded by cyber security analysts. At least a dozen of these were connected to pre-existing groups as offshoots or rebrands. New threats were involved in a quarter of all publicly claimed ransomware incidents in 2023.

As is often the case, North America and Europe accounted for the majority of the payments, while healthcare, public administration, and professional services were the most affected sectors.

Ransomware attacks are likely to continue to pose a serious threat in 2024 and beyond, and your business needs to be prepared to prevent, mitigate, and effectively respond to ransomware incidents.

Stay Protected From Ransomware Attacks

Ransomware attacks are a serious threat to any business, as they can encrypt your data, disrupt your operations, and extort money from you. To protect your company from ransomware attacks, you should follow these general steps:

Backup Your Data

The most important step is to have a reliable and secure backup of your data, so that you can restore it in case of an attack. You should backup your data regularly, store it offline or in a separate network, and test your recovery process periodically.

Prevent Initial Access

Take action to stop attackers from gaining access to your network and systems. You should use strong passwords, multi-factor authentication, and encryption for your devices and accounts. You should also update your software, firewall, and antivirus regularly, and avoid opening suspicious links or attachments.

Detect And Respond

You should monitor your network activity, logs, and alerts for any anomalies or indicators of compromise. You should also have an incident response plan and a team ready to isolate, contain, and eradicate the threat. You should also notify authorities and any stakeholders.

These steps can help you reduce the risk and impact of ransomware attacks, but they are not foolproof. Therefore, you should also have a contingency plan and a business continuity plan in case of a successful attack. You should also educate your employees and users about the dangers and best practices of ransomware prevention.

LaneSystems provides robust business services to protect, mitigate and respond to ransomware attacks. Contact us today for further details.

Newsletter image: Air Canada's AI Chatbot Lawsuit

Air Canada’s AI Chatbot Lawsuit

In a recent groundbreaking legal battle, Air Canada, the country’s largest airline, was ordered to pay compensation to a customer who received misleading information from the airline’s artificial intelligence chatbot.

The Case

In 2022, a customer called Jake Moffatt contacted Air Canada seeking information about bereavement fares and whether retroactive refunds were possible. The chatbot advised him to apply for a refund within 90 days of ticket issuance through an online form.

Based on the chatbot’s guidance, Moffatt booked tickets for a family member’s funeral, and later applied for a refund. However, Air Canada denied the refund, claiming that bereavement rates did not apply to completed travel. The chatbot’s advice had been misleading.

In response, Air Canada made a remarkable submission as its defence during the lawsuit. They argued that the chatbot was a “separate legal entity” and thus responsible for its own actions. Despite the error, they claimed that the chatbot was simply part of their website and should be treated as such – covered by their terms of use.

The Judgement

The tribunal ruled in favor of Moffatt, stating that Air Canada should take responsibility for all information on its website, whether from static pages or its chatbot’s responses. The judge stated that customers had no way of knowing which part of the website provided accurate information and ordered the airline to pay the fare difference.

This case raises questions about oversight and accountability for chatbot services. Air Canada’s attempt to distance itself from the chatbot’s mistake by claiming it was “responsible for its own actions” highlights the challenges faced by businesses using AI tools. As companies increasingly automate services, ensuring accurate and reliable information becomes crucial.

Air Canada’s chatbot misstep serves as a wake-up call for businesses blindly relying on AI. The era of the AI chatbot demands transparency, accuracy, and accountability. Will this ruling encourage companies to check that they provide customer trust and clarity in their automated interactions?

Newsletter image: Stolen Face Scans Used In Bank Fraud

Stolen Face Scans Used In Bank Fraud

Cybercriminals are using malware to steal face scans from iOS and Android users and then use them to break into their bank accounts. This is a new and sophisticated form of fraud that involves the use of deepfake technology to create realistic face swaps that can bypass biometric verification systems.

GoldPickaxe and GoldPickaxe.iOS are trojans being used to infect users’ mobile devices, tricking users into performing biometric verification checks that are then used to bypass the same checks employed by legitimate banking apps. The attackers are currently targeting users in Vietnam and Thailand by impersonating government authorities or offering fake apps that require face scanning. The stolen biometric data is used to access the victims’ banking apps and withdraw money from their accounts.

Some experts warn that biometric tools are not as reliable as they seem and that organisations should use additional security measures to protect their users. And, while the known targets are currently in Asia, it could easily spread to other regions.

How to protect against the above types of attack

This is the first known case of iOS malware that can collect and exploit facial recognition data. So whether on iOS or Android take the following steps to try avoid falling victim

Avoid unreliable sources

Do not install apps from unofficial or untrustworthy sources. Always look to download apps from Apple’s official App Store or Google’s Play Store, and check the developer’s history and reputation.

Regularly update iOS

Keep your iPhone device always updated with the latest security updates provided by Apple.

Exercise caution when sharing information

Avoid sharing personal or sensitive information, such as photos of identity documents, through unsecure channels, such as text messages or unencrypted emails. Be wary of unknown apps asking for biometrics access.

Use antivirus software

Install and run a reputable antivirus software on your device to detect and remove any malware infections.

Enable two-factor authentication:

Use two-factor authentication for your online accounts, especially your banking apps, to add an extra layer of security and prevent unauthorized access.

Ultimately, be vigilant and report any suspicious activities or transactions to your bank and the relevant authorities.