Your team are working at home to protect them from the pandemic, but are you letting a virus into your IT Systems?

Posted By: Helen Friday 31st July 2020Tags: , , ,

There have been many unexpected impacts of the Covid-19 Pandemic across all sectors. For those of us in the IT industry the most significant of all has been the unprecedented increase in Organised Cyber Crime

An article on Statista.com, before the outbreak of the pandemic, shows the average cost of a cyber-attack to a medium sized business was £3,770, rising to £9,103.00 for a large company.  Downtime was an average of 3.4 days. 

As reported in the national news, since lockdown began, organised criminals have actively targeted companies of all sizes including BAM Construction and Interserve.  Taking advantage of the decrease in security due to homeworking, the evolution of the Cyber landscape has changed beyond comprehension. Previously tried and trusted security solutions are now becoming all but redundant. 

Average cost of all cyber security breaches for business in the United Kingdom (UK) 2019 (in GBP).

Past Security Recommendations

Over the recent years we have promoted BitDefender and ESET Endpoint to the majority of our clients. However we are becoming increasingly aware that Endpoint protection is no longer a match for the new scams and hackers. AV options are becoming much more resource hungry; taking up hundreds of Megabytes of space on systems. Crucially they are not able to adapt to new threats as fast as they are emerging.

Take a look at what happened to one of our clients;

Case Study: One click led to all their data being encrypted

Recently one of our larger clients fell victim to a Phishing attack.  By simply opening an email they thought was from their manager, a well-meaning member of staff failed to check the details of the sender, clicked on a link in the body of the email letting in the Cyber Criminals.

The attack was targeted around a Ransomware algorithm which had scanned the organisations entire network before running  a series of programs, encrypting all their data,  including backup’s.

Whilst working to recover the data for our client we made several discoveries. These findings have helped us to better understand how Ransomware is now penetrating traditional security layers, in place by most companies. Having obtained the program details and technique used in the attack via the discovery of system entry point we are now in a prime position to offer advice on developing solutions for an effective first line defence and recovery.

How do we help you adapt to beat the Hackers?

As a trusted and dedicated IT support company, it’s our job to assist clients with the recovery of data.  We are fully aware of the downtime and issues this causes.  Members of your team not able to work, the threat of a GDPR associated breach, loss of income and the potential of a ransom needing to be paid.  With this firmly in mind, Managing Director, Michel of LaneSystems and your extended team continue researching innovative new products and services. Our aim is to increase the security and protection of your networks and data from ever increasingly sophisticated Cyber-attacks.

Prevention “is better than cure”

For many of us, working from home has included the use of a VPN to remotely access company files and networks. After reviewing the attempted hacks on several clients, we now recommend the following:

Artificial Intelligence (AI) Based Anti-Virus

A new form of Anti-Virus program that assesses the behaviour of the user, you and your team.

Monitoring behavioural patterns on a day to day basis, AI based applications question any changes that seem out of the ordinary. It will continually question until either sure the user is legitimate or locking out the user and program to prevent an attack. Think of it almost like the bank calling to check if it really is you spending money in Europe.  A key feature of AI is the ability to detect file encryption activity, aka Crypto attack that often precedes a ransom request to recover your data.

AI Anti-Virus automatically stops the encryption process, reverting the files back to normal. During the process the user is locked out whilst the affected machine disabled . This prevents any further spread of the crypto hack to other machines or the organisation’s network.

Two Factor Authentication for VPN Access:

Homeworking has helped protect many from the Covid-19 virus yet opened up companies to the threat of hacking over home networks connected to company servers. A secure VPN connection to files was an excellent solution to remote working for a long time. Accessing folders and data remotely was straightforward but experiences from new Cyber attacks are proving this is no longer enough. This was unfortunately experienced by one of our clients shortly after joining us at LaneSystems.  Luckily for them we’d already put Two Factor Authentication (2FA) in place, which stopped their business network being hacked.

With a VPN in place a team member, from the Durham based business, had been working at home but noticed her phone had started to receive a huge number of messages about someone trying to access the work network and being blocked.  It transpired that the member of staff’s Tesco account had been hacked and as she used the same password for her work account the hackers thought they would try their luck.

Should a VPN password be obtained by hackers the door is left wide open to your whole network, data etc.

By implementing Two factor authentication on her mobile phone, such as the Google or Microsoft Authenticator App, the connection and identity of the user being genuine were verified in seconds, increasing security, and preventing hackers gaining access. 

Remote working doesn’t have to mean your company falls victim to phishing attacks. Ask how we can keep you secure, today.