Daily Archives: July 10, 2015

Don’t you know there’s a war on?

Screenshot 2015-07-10 08.42.58

There is a war on and it may not be a ‘hot’ war in the same way as WW1 and WW2 but make no mistake this is a World War, there is no sign of peace, it won’t be over by Christmas and at some point, if it hasn’t already, it is likely to impact directly on you!

This is the Cyber War! Attacks, such as the alleged North Korean attack on Sony, hit the headlines from time-to-time but this war is being fought intensely second by second. Take a look at the real time Norse Attack Map.

The Attackers

Attacks come primarily from four types of entities: –

  1. State and state sponsored organisations (though no state is likely to admit the full extent of this)
  2. Hacker groups such as Anonymous, the Chaos Computer Club, the Cult of the Dead Cow or the Honker Group. Often they will have political agendas and will be responsible for coordinated attacks
  3. Cyber criminals, organised, well funded and often backed by more traditional organised crime syndicates
  4. The ‘lone geek’, stereotyped as a lone guy operating out of his bedroom or the basement of his parents house but capable of doing real damage to an organisation or individual

The Attacks

Long gone are the days when the worst that could happen is that your website may be defaced. Attacks now include (but not limited to): –

All devices and operating systems are subject to attack (it’s not all about Windows PC’s!). Our increased use of mobile devices has led to a corresponding increase in attacks against these devices. And as we attach more and more devices to our networks, the Internet of Things (IoT) will offer more channels for cyberattacks. The potential for attacks against cars, medical equipment, transportation and critical building systems should now be viewed as a present threat.

Some Attack Statistics from 2014 (source: Symantec)

  • 60 percent of all targeted attacks struck small and medium sized organisations – it’s not all about Government and big business!
  • Ransomware attacks grew by an incredible 113 percent!
  • 317 million new Malware Variants added
  • 1 in every 1,126 websites were found with Malware
  • 76 percent of scanned websites were found to have vulnerabilities, 20 percent of which were critical

The USA is the country that suffers the most cyberattacks while the UK has the most cyberattacks in Europe.

Incoming, take cover!

Given the above statistics it is a wonder that the attackers don’t do more damage than they already do. The fact that attackers do not is a testament to the professionalism of those involved in IT security.

But unless you are in IT security (or you are a hacker) then it is likely that you are a civilian in this war. We don’t want to become a casualty of this cyber war and like all responsible citizens it is our responsibility and duty to do what we can to protect ourselves.

What can we do as civilians?

Well we could unplug everything and go off grid I guess….or

  1. Where possible ensure that your device has up-to-date anti-virus software permanently running. Set the software to do a regular full scan of the device.
  2. In addition to anti-virus ensure that your operating system and applications are regularly updated and patched.
  3. If possible encrypt the data on your device.
  4. Do not click on links in emails, texts, social media etc unless you are confident that the source is safe.
  5. Do not open attachments unless you are confident that the source is safe.
  6. Set secure strong passwords, don’t share them with anyone and do not use them on multiple sites. Do not write down your passwords – if you forget them then there is usually an easy way to reset or recover them.
  7. For mobile devices where there is the ability to wipe data remotely ensure that this option is enabled and that you know how to to this quickly.
  8. Take regular backups. If you are hit by Ransomware one of the quickest and cheapest ways of recovering your data is to restore from a backup.
  9. When surfing the web take every ‘warning box’ that your device displays seriously.
  10. Monitor. If the performance of your device suddenly degrades or you start seeing unusual activity on your email or other accounts then take action immediately. Run full anti-virus scans, change your passwords and if necessary consult a professional, the supplier or your work security team for advice.

The Cyber War maybe not be a war that we will ever win but it is a war that cannot be lost. Those businesses that are responsible for creating this wonderfully connected world have a duty to adequately protect its inhabitants and those that don’t may themselves become a casualty of war.