What are the most prevalent cyber-threats right now? And what are the latest security product updates from UKFast?
Find out the latest insight and advice from UKFast security expert, Sean.
Phishing: The type of phishing emails we’re seeing now are more complicated and sophisticated than ever before.
The most common tactic is for a cybercriminal to create an email chain seemingly involving three board members. Once a conversation has been fabricated, the victim is added by one of the ‘board members’ and asked to pay or take action immediately. Because the victim can see an entire conversation, they can be convinced that the matter is urgent and legitimate and so the money is paid to the hacker.
Ransom emails: These are also common cyber-threats at the moment. The criminals claim to have private videos or information from your device and if a ransom is not paid these will be publicised. Because it invokes fear and there is no way of telling if the threat is real, the hacker often wins.
DDoS attacks: At UKFast, we’ve seen some very large DDoS attacks against our own servers and our clients’ this month. Fortunately, we’re in a position to absorb these attacks using our global DDoSx® network.
With malicious DDoS-as-a-service technology now so easy to access, attacks are cheap and effective for attackers to carry out. The devices used to carry out these attacks are so widely distributed that it’s nearly impossible to identify an attacker. This makes DDoS attacks the perfect anonymous crime.
We have recently made improvements to our Threat Monitoring service.
UKFast Threat Monitoring has a file integrity monitoring feature, which means that any change to a file on your network causes an alert. Previously, this alert notified the user that a change to a file had been made, with no other information. This meant you had no idea from the notification if the change was malicious or not without investigating.
Now, the alerts include the file that has been changed and a short description of how it has been changed. This means the process is much simpler and quicker, with no investigation required unless the description is interpreted as a malicious change.
I’m also pretty excited about the new security service we’re introducing to our clients at the moment – phishing-as-a-service. But I’ll go into this in more detail next month!
There are so many attacks that can catch us out, as employees and employers. Every single business and organisation can always do more training to strengthen the weakest link in their defences – people.
Cybersecurity is essential in every sector, whether you’re working in the public sector, in education, in construction or manufacturing. It’s not just technology companies that need to worry and it’s not just your non-techie people who need training. In my experience, even highly technical people still need ongoing cybersecurity training just as much as anyone else.
There’s so many activities and campaigns you can implement to get your team up to speed with being safe online. The best time to start is now.
Until next time, stay safe out there.
How can you ensure your business is as secure as possible?
Explore our wide range of security products and get up to £10,000 towards your cybersecurity with UKFast’s BASEfund.