Uncategorized – Wriggle Security

Important Cyber Attack News in the UK

Wriggle — Mon, 15 Oct 2018 14:21:05 +0000

Here at Wriggle Security, we have extensive knowledge and expertise working with clients who have been victims of cyber attacks. It is now negligent to assume that we are immune to cyber security attacks. Cyber security threats are becoming extremely sophisticated and can, therefore, affect businesses of any size and scale. In this climate of digital exposure, news headlines of cyber security breaches are a common occurrence and they only ever reiterate the importance of being cyber aware.

Wriggle Security like to keep you up to date with all the latest industry news about cyber security attacks. That is why we have put together a case file of the most important cyber security news articles hot off the press! Take a read and keep yourself well informed on this fast-moving threat…

#1 CASE ONE

Talk Talk

Internet service provider Talk Talk has recently been hit with a record £400,000 fine for the security failings that led to the company being hacked in October 2015. It was concluded that the company neglected to take basic steps to protect customers information. The hack resulted in the attacker accessing the personal information of more than 150,000 customers of the internet service provider, including sensitive financial data for more than 15,000 people. The amount the ICO can fine companies for serious breach of data protection obligations is capped at £500,000, leaving TalkTalk’s fine almost as large as it could possibly receive. This a major failing on the part of Talk Talk and one that could have been safeguarded against by implementing simple cyber security measures.

#2 CASE TWO

Wonga

Payday lender Wonga have recently hit headlines after news that nearly a quarter of a million of their customers may have been affected by a recent data breach on their system. The data breach included the theft of names, addresses, bank account numbers and sort codes of an estimated 245,000 customers in Britain and 25,000 in Poland. Wonga claimed users’ loan accounts are secure and their cyber security protection was adequate. A spokesperson from Wonga have claimed that they are investigating the illegal and unauthorised access to the personal data of customers and are in the process of informing customers that may have been affected. This is yet another in a string of cases that highlights the looming frequency of cyber attacks.

#3 CASE THREE

WannaCry and the NHS

In May 2017, a computer virus known as WannaCry was released worldwide. The virus encrypts data on infected computers and demands a ransom payment to allow users access. WannaCry had a widespread and devastating impact, but it was most threatening in its breach of NHS cyber security. Sky News reported the NHS ‘was hit with a near-£100m bill following the fallout of the WannaCry’ attack last year.See the full investigation on the NHS’s response to the cyber security attack and the resultant impact on the national health service here.

#4 CASE FOUR

Kim Kardashian

Our final breaking cyber security news case is currently filling news headlines and it is one regarding the TV and social media personality Kim Kardashian.

BBC News reported that she is now one of the ‘most dangerous celebrity to search online. If you’re a fan – beware, because this socialite could leave you exposed to cyber crime. It’s believed her name is one of the most commonly linked celebrity names to potentially malicious online sites.

These cases are only four in a long line of British companies and institutions to suffer major security breaches. It is evident from these cases that we must remain vigilant and aware with our cyber security measures and keep at the forefront of technology to keep these attackers out. Here at Wriggle Security, our philosophy revolves around working to manage risk and PREVENT rather than CURE and these cases demonstrate the importance of such. We always aim to ensure our clients stay one step ahead and solve any potential risks before they present a real threat.

If you think you are in need of help of cyber security assistance, be it management methods or training Wriggle Security is here to help. Please contact us today 0191 285 6128, one of in-house security experts would be more than happy to assist you.

The post Important Cyber Attack News in the UK appeared first on Wriggle Security.

Wannacry – The UK’S Biggest Cyber-Attack This Year

Wriggle — Thu, 27 Sep 2018 08:47:17 +0000

WANNACRY – THE UK’S BIGGEST CYBER-ATTACK THIS YEAR

16/10/17

In May 2107, a huge cyber-attack led to around 57,000 infections in around 99 countries. This is the biggest cyber-attack of the year. It was a specific type of ransomware called WannaCry. It affected companied like FedEx and around 48 NSH trusts in the UK. Which is partly due to the reason why it was the biggest UK cyber-attack this year and maybe even in the UK history of cyber-attacks.

WannaCry asked for a ransom, however the UK government advised all companies to not pay up and eventually this strategy worked, companies got their data and systems back. However, the damage was still there and had to be fixed, causing problems for smaller companies.

In the UK, this year, 590 cyber-attacks were classed as significant by the National Cyber Security Centre (NCSC). 30 were classed as ‘category 2’ which was serious enough to warrant a cross departmental response in government. Along with the WannaCry attack, another attack which took place is the Tesco bank hack, which saw £2.5million stolen from 9,000 customers was one of the category 2 attacks and had to have serious talks by the government.

WannaCry exploited a vulnerability in Microsoft which released a software that needed to be updated. However, many companies didn’t update their software and so the ransomware was able to hack into the systems and gain personal information, data and log into the IT systems.

Upcoming and new cyber-attacks on the horizon?

However, the UK needs to be aware of upcoming and new ways in which cyber-attacks can happen. It is thought that another big cyber-attack is soon to happen, which will be bigger than WannaCry’s. So, companies need to be aware that this may happen, and need to be prepared. Being prepared is essential, and there are many ways in which you can be ready.

Take a look at our other blogs to find out what you can do, or get in touch and we will be happy to assist.

The post Wannacry – The UK’S Biggest Cyber-Attack This Year appeared first on Wriggle Security.

Deloitte Have Revealed Its Cyber Breach

Wriggle — Thu, 27 Sep 2018 08:45:24 +0000

THIS COULD BE EMBARRASSING! DELOITTE HAVE REVEALED ITS CYBER BREACH

16/10/17

Deloitte, the globes largest cyber security consultant has just announced that they have fell victim to a major cyber-attack. Deloitte are famous for their protection of cyber security for firms.

This attack happened around October 2016, however, Deloitte were unaware of the attack for around 6 months. And has only been brought to the public’s attention now. It is thought that the hackers have accessed information like usernames, passwords and personal details from the firm’s clients. It is also believed that the hackers have access of up to 5 million sensitive company emails and documents across all the sectors in the company.

As Deloitte don’t know the exact harm the hackers have done, it is even more concerning for clients and themselves as the information is unclear as to what the hackers actually know.

However, we do know that emails from the 244,000 staff who work there have been hacked into. As their email system is based and stored in the Azure cloud service which could be easily hacked into by the security breach.

HOW THE ATTACKERS GOT IN?

Deloitte still to this day do not know the full extent of the attack. In April 2017, they hired a major US law firm to help investigate the breach. Through this we know that the hacker managed to get into the system through an administrators account, which gave access to the company’s IT system. It was also found that the administrators account only had a single password and not a two-step verification. This goes against what they preach and therefore has cost them their reputation and clients details.

They have stated that it has only affected a few clients, and notified them as soon as they found out. In addition, it is thought that it is only the US who were affected by this attack.

The post Deloitte Have Revealed Its Cyber Breach appeared first on Wriggle Security.

Small And Medium Sized Businesses

Wriggle — Thu, 27 Sep 2018 08:43:05 +0000

SMALL AND MEDIUM SIZED BUSINESSES

16/10/17

Small and Medium sized businesses (SMEs) are becoming easier for hackers to target, this is due to them not having sufficient security defences put in place. Despite nearly three quarters of SMEs came under attack in the past year.

WHY ARE SMES A TARGET?

SMEs are a target due to the fact they don’t believe they are a target in the hacker’s eyes. Most SMEs believe that hackers are not bothered about small businesses and only focus on the bigger companies. However, this couldn’t be more wrong, as hackers pray on this and attack these companies.

SMEs tend to have less protection on their IT systems, making it easier for them to become under attack, and help the hackers gain access to their companies’ data.

The Federation of Small Businesses (FSB) found that only one quarter of SMEs have a strict password policy, making it easier for hackers to gain access into SMEs IT systems rather than the bigger companies who would tend to have more protection.

WHAT IS THE MOST COMMON TYPE OF ATTACK?

The FSB found that the most common types of attacks on SMEs are phishing emails, malware attracts and ransomware.

Phishing emails are a way of accessing your identity. An email will come through to your business email, asking you to update a piece of information. The email will look legitimate with a link enabling users to follow through onto a page which they believe is to update their information.

Whereas it is actually a page which the hackers have created enabling them to intake all the personal data the customer has provided. This is a simple yet effective way for the hackers to gain access to your information. Therefore, make sure you know it is a legitimate website and one which you know and trust before you start entering personal and confidential information.

Malware attacks occur if someone clicks on a link or downloads a file unknowingly, which will allow the hackers to gain access into the device. This is something which someone may do without even knowing, and allowing the hackers to intrude in your companies’ system to either steal information, extract money or send unwanted advertising from your companies’ brand.

Ransomware attacks happen when a hacker takes control of your IT system, enabling them to undertake any action they wish on the companies’ system. They will then ask for a ransom in return for the full access of the IT system back. This makes it extremely hard for SMEs to gain back the full system as they don’t have the money required.

The post Small And Medium Sized Businesses appeared first on Wriggle Security.

How To Stay Protected In The Cyber World

Wriggle — Thu, 27 Sep 2018 08:41:00 +0000

HOW TO STAY PROTECTED IN THE CYBER WORLD – 5 TOP TIPS

16/10/17

Cyber-crime is a massive issue in the world of the internet and data protection. There are cyber breaches happening to small, medium and large companies. Yet some companies are still not doing anything about this increasing issue even with the damaging consequences.

If you own a business, then it is vital that you keep your businesses data secure. Which is why we have created these 5 top tips to help you protect yourself against cyber-crime and safeguard your online assets.

#1 PASSWORD PROTECT YOUR DEVICE

This may seem like an obvious solution, yet you will be surprised how many people don’t have a password on their device, in fact 33% of Android users do not have a password on their phone.

Additionally, the most common password on any device is either ‘123456’ or ‘Pasword123’. These types of passwords are prone to cyber-attacks.

#2 DO NOT USE PUBLIC WI-FI

It is tempting to use public Wi-Fi when on the go. However, it can be a very dangerous game, as this is one of the most common ways hackers can hack in to your computer and access data. Where possible use a secure access, this way it will be harder for hackers to access information from your device.

#3 KEEP UP TO DATE

Make sure your company is keeping up to date with the latest software updates. This will ensure minimal attacks as the software is aware of the latest attacks and will be able to protect your device from this malware software.

#4 HAVE CYBER LIABILITY INSURANCE

Ensure you have cyber liability insurance with a reputable insurance company. This will give you the peace of mind that if you do unfortunately end up on the receiving end of a cyber-attack then you will be covered for the damage.

#5 BACK UP DATA REGULARLY

Making sure you back up your data regularly is crucial. In case you do happen to have a breach of data you can always go back to the previous point you backed up, making it easier to recover lost information.

For more hints and tips, then don’t hesitate to get in touch with us.

The post How To Stay Protected In The Cyber World appeared first on Wriggle Security.

How To Create A Strong Password?

Wriggle — Thu, 27 Sep 2018 08:38:52 +0000

HOW TO CREATE A STRONG PASSWORD?

16/10/17

One of the easiest ways to protect your data and the security of your IT system is to create good, strong and difficult passwords. In order to help you try and keep on top of your security. Saying this, creating passwords is one of the simplest things you can do, however, every small step will help your system become a safer.

SO WE HAVE CREATED THESE 3 TIPS TO HELP CREATE A SECURE PASSWORD.

1. 12 characters’ minimum

We would suggest for your password to be at minimum 12 characters and any more is even better! Up to 16 is considered a strong password. Therefore, the more characters the better.

2. Include numb3r5, $ymßøls, CAPITAL LETTERS and lower case letters

It is important to make sure you don’t just use letters; most systems won’t allow you to use just letters anymore. Ideally you should use $ymßøls to try and make it harder for hackers to get into the password.

When using numbers, try not to put them at the end of the password in a sequence like ‘123’ or ‘321’. This is a common occurrence and hackers are familiar with this and will use it when trying to hack into your system.
Do not switch symbols or numbers for letters, hackers are aware of this and it will make no difference. For example, do no use ‘0’ for the letter ‘o’

3. Don’t use a dictionary word

When creating a password, try not to use words, it is much safer to have a string of letters rather than a word, as this makes it harder to hack into.
However, if you are using a word, try to add a few words at the end. But ones which do not make sense, in a phrase which you wouldn’t understand if you were reading it. For example, ‘LaptopAppleHappy’.

Trick for remembering your difficult passwords

A good and useful trick to help you remember a password with capital letters, symbols and numbers is to try and think of a phrase. The first of each letter will become your password. This will help you remember a strong password, and you only have to recall one phrase for it.

For example, ‘My mum loves her present! And it only cost me £50 too!’
You can make this into a strong password by using the first letter of every word. This would make the password become; Mmlhp!Aiocm£50t!

This password is 15 characters long, it contains capital letters and symbols. It also is not a word which makes it more safe!

For more hints and tips, get in touch with us, we are always happy to help.

The post How To Create A Strong Password? appeared first on Wriggle Security.

Cyber-Attack On Equifax

Wriggle — Thu, 27 Sep 2018 08:35:06 +0000

CYBER-ATTACK ON EQUIFAX

16/10/17

A cyber-attack can hit any size of business, whether it be a big international brand or a small independent company, it can hit any size business. The most recent attack which took place is the cyber breach on Equifax.

Equifax is a consumer credit reporting agency based in the USA. Equifax collects and aggregates information on over 800 million individual customers and more than 88 million businesses worldwide. With around 400,000 Britons affects too. Therefore, this is a huge cyber breach which will affect many businesses and individuals in the UK and worldwide.

Details which were stolen by the hackers are personal information like names, social security numbers, birth dates, driving licence numbers and many more personal and confidential information. Including credit card numbers for around 209,000 US consumers.

THE AFTERMATH OF THE ATTACK

Critics have heavily criticised the way in which the data breach was handled. Consequently, Richard Smith, the chief executive has stepped down. This was just days before he was due to testify in Washington about the breach. However, this has caused an outcry as customers and critics say that this is not enough.

Due to this sudden change, Equifax are looking to take on board a new chief executive, and are considering candidates internally and externally. This will try and lead the company forward, however, it will be a difficult approach due to the extent it has caused.

After the breach, Equifax’s stock dropped 13% now making it worth $124.10 in extended trade. Three Equifax executives selling their shares worth a combined total of $1.8 million. This was just days after it had discovered the breach. Yet they have said that they “had no knowledge that and intrusion had occurred at the time they sold their shares.” Due to the company revealing the breach to the public days after they discovered it.

For more information on how you can protect your business, just get in contact with us.

The post Cyber-Attack On Equifax appeared first on Wriggle Security.