In the wake of the escalating situation with further violations of Ukraine’s territory by Russia, the National Cyber Security Centre (NCSC) has recently released advice on how organisations in the UK can boost their online defences to combat and prevent cyber security threats.
The NCSC has urged organisations to follow its guidance on the steps that should be taken. The guidance encourages organisations to follow the steps to reduce the risk of falling victim to a cyber attack.
A cyber or cyber security threat is a malicious act that seeks to damage or steal data. Cyber threats include computer viruses and data breaches, and according to leading cyber security organisation Datto, some of the most common types of attacks are malware, phishing, zero-day exploits, denial-of-service (DoS), and password attacks.
Common types of cyber security attacks
Malware, or malicious software, is a term for software with malicious intent with the aim to steal data and damage or destroy computers and computer networks or systems. Common examples of malware include ransomware, Trojan viruses, and spyware.
Phishing is a type of social engineering attack often used to steal user data, including login details and personal information. A form of cybercrime, in phishing attacks, targets are usually contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing such things as credit card details and passwords to gain access.
A zero-day exploit is a cyberattack targeting software vulnerability when hackers take advantage of software security flaws before the victim is aware of it. Zero-day attackers work in a small window timeframe exploiting a network vulnerability when it is new before a patch is released and/or implemented.
A denial-of-service (DoS) attack is a type of cyber attack in which malicious actors aims to render a computer or other device unavailable to its intended users by interrupting its normal functioning. DoS attacks flood the target with traffic, or by sending information that will trigger a crash.
Password attacks are the most widespread methods of cyber attacks and are when a hacker attempts to steal your password by cracking or guessing it. By accessing a person’s password, an attacker can gain entry to confidential or critical data. Attackers use a number of methods to identify passwords, including social engineering.
Balancing cyber risk and defence
The NCSC outlines that while the threat an organisation faces may vary over time, there is a need to strike the correct balance between the current threat, and the measures needed to defend against it. And that there may be times when the cyber threat is greater than usual.
Their guidance advises that moving to heightened alert can help prioritise necessary cyber security work, offer a temporary boost to defences, and give organisations the best chance of preventing a cyber attack when it may be more likely, and recovering quickly if it does happen. The guidance also advises what steps should be taken by organisations in response to a heightened cyber threat.
Actions to take
1. Check your system patching: Ensure users’ desktops, laptops and mobile devices are all patched, including third-party software, and where possible turn on automatic updates. Check to make user firmware on your organisations’ devices is also patched and ensure your internet-facing services are patched from known security vulnerabilities.
2. Verify access controls: Ensure staff have unique passwords to your business and are not shared across other non-business systems. Make sure passwords are strong and unique, and any that aren’t, are changed immediately. Ideally, passwords should be made up of three random words. If you have multi-factor authentication (MFA), ensure it is configured correctly.
3. Ensure defences are working: Ensure antivirus software is installed and regularly confirm that it is active on all systems and check your firewall rules are as expected.
4. Logging and monitoring: Understand what logging you have in place and where logs are stored and for how long logs are retained.
5. Review your backups: Confirm that backups are running correctly. Perform test restorations from your backups to ensure that the restoration process is understood and familiar.
6. Incident plan: Check your incident response plan is up to date and confirm that escalation routes and contact details are up to date
7. Check your internet footprint: Check that records of your external internet-facing footprint are correct and up to date. This will include things like which IP addresses your systems use on the internet or which domain names belong to your organisation.
8. Phishing response: Ensure that staff know how to report phishing emails and ensure you have a process in place to deal with those reports.
9. Third-party access. If third-party organisations have access to your IT networks, make sure you have a clear understanding of what level of privilege is extended into your system, and to whom.
10. NCSC services: The NCSC offers various services to help understand and combat heightened cyber security threats
11. Brief your wider organisation: Ensure that other teams understand the situation and the heightened threat.
While all the steps within the actions that are advised by the NCSC are vital, there are also a number of further steps that can be made to improve cyber security within your organisation.
With the threat of cybercrime rising and always evolving it is important to implement all the processes and solutions available to you.
Cybercriminals are getting smarter, so your security needs to be stronger. Security breaches in your IT can cause you to lose valuable time, money and customers. We can take the stress away from you and implement the right security solutions to protect all areas of your infrastructure, so you can relax knowing your business is secure.
As well as implementing the latest technology into your business, we also act as your own IT consultant. We will work closely with you to understand how your business operates, what you want to achieve, and then we’ll create a solution that works for you.
Whether you have an idea of the services you require or just know the problems you want to solve, we’ll guide you every step of the way.
Get in touch with us today to find out more about our security solutions and help prevent cyber security attacks.