Cyber Crime – How to deal with the Threat

The digital world is an enigma to many, a mysterious space that is dominated by innovative organisations and unscrupulous cybercriminals. Each side is in a constant struggle between performing cybercrime and preventing its damage, a battle played out across a global stage and one that is worth huge sums to both those who benefit and those who suffer.

The ingenuity of the ‘cloud’ and the constant evolution of how we use online tools has increased our reliance on digital platforms, encouraging us to share sensitive information under the illusion of ‘protection’. Cybercriminals see this collection of data as a safe to be cracked, with theft becoming less a physical act and more a reimagined ‘Corporate Espionage’. Corporate espionage isn’t new, but now instead of infiltrating an organisation, or breaking into their facility, a cyberattack is an easier option. With so many ways into a network it can sometimes even go undetected. Whereas once a bank robber would need to bust the vault, now they simply find the back door whilst sitting in front of a screen miles away.

Cybercrime is costing literally billions in stolen ‘secrets’ every year, prompting new laws to be introduced in an attempt to stem the flow of stolen data. When the leader of the free world, Mr Obama himself, becomes a target, the seriousness of the situation becomes clear. But what can be done? As security evolves, so does the hackers ability to breach it. It isn’t just criminals either, but hacktivist groups and foreign governments too. So if introducing new laws isn’t going to work then how can corporate espionage be overcome?

Where things get difficult is the accountability of attacks. Being able to trace the culprit is often impossible. You may find the hacker themselves, but truly determining who they were working for is more challenging. At Digital Pathways we have seen a tangible increase in the willingness of foreign governments to be involved in commercial cyber espionage, as a means to supporting the domestic business of their country. Techniques include spear phishing, water-holing, APT and air-gap bridging malware, which emits a high frequency sound through an infected computers’ speakers in order to infect others whose microphones are on.

These techniques may not be revolutionary in terms of effectiveness, but they do put added pressure on businesses, making them have to spread their security more widely to cover all eventualities. Cybercrime in reality is the same as theft. If a painting is worth something then it will be stolen and sold for profit. Data is just the same. One person might think their database is not overly valuable or even interesting, but to others that database is an introduction to phish for soft targets. It is preparation therefore that is important. With a 91% increase in cyberattacks on private companies over the past two years, it is highly likely that you will be affected. Managing the attacks and training your staff to follow certain protocol is where the tide can shift in your favour.

From the bottom to the top, everyone’s actions leave a business open to cybercriminals. Therefore as well as traditional anti-virus software, at Digital Pathways we also recommend Computer Server Cloaking, a system that enables only authorised users to access your servers and minimises the risk of hacking. We know of design data, tenders and proposals which have been stolen and are sure the thefts were committed to order. By masking the server these type of targeted attacks can be reduced, ‘you can’t hack what you can’t see’.

Insurance cover against attacks is another must have. Take patented designs for example. Should those be stolen the cost in damages could be worth millions in terms of potential turnover. There can be difficulties in claiming, as proving the theft of intellectual property to an insurer may not always be easy, but having cover can help to soften the blow. There are specialists out there who deal in cyber insurance cover, and our team would be more than happy to refer you.

So the differences between those on the side of cyberattack prevention and the criminals who perform it are vast. The hackers are looking for a single entrance, whereas organisations are having to cover thousands of potential entries. If you truly value your data then prevention is the first step, followed by attack management should you be affected. Some organisations do not use specialist data security companies to properly deploy security. Often they use their suppliers of other services, such as telephone systems to ‘bundle in’ security, and that is where things go wrong. You wouldn’t have your GP perform brain surgery, even if he is medically trained, you would instead go to a specialist. The same should be true for data security.

So if you are one of the 552 million companies who have been breached since 2013 then get in touch today and let us take all the precautions necessary to secure your digital identity.

Internet of Things issues
Strong Encryption Software – Defending Free Speech or Enabling Crime?