TRANSCRIPT
CYBER PRESENTATION (Advice for Business)
Chris White CISMP
Police Cyber Security Advisor
Presented 7/5/2020
WHO ARE WE?
Common Themes
❖ Poor Passwords
❖ Lack of 2FA
❖ Vulnerability to Phishing
❖ Lack of training
❖ Lack of self-preservation / motivation to care
Problem Exists Between Keyboard And Chair
The Stats Page
32% of UK businesses had a cyber security breach or attack in the last 12 months
1 in 2 businesses close within 6 months of a cyber attack
23 days: average time to ransomware recovery
£4,180: average annual cost to businesses (all sizes)
48% of those had at least one breach or attack per month
32% needed new measures to prevent further attacks
33% of UK organisations have a cyber security policy
YET ONLY 29% of staff get any kind of training
DESPITE >72% of all attacks starting with PHISHING
Why
Action Fraud receive 23,000 Phishing reports a month - 1 in every 11 recorded crimes is a Cyber Crime
As of Monday, 4th May, 2020:
• 400% increase in phishing emails since March 2020
• 1,425 victims have lost a combined total of over £2.9m to scams
• Received 5,880 reports of phishing emails
• COVID-19 related fraud is around 3% of all fraud reports
https://serocu.police.uk/covid19/
TRENDS & THREATS
Cyber Security Breach Survey 2019
Phishing
156 million phishing emails DAILY
16 million pass the technical filters
8 million still get OPENED
Do you know the sender of the email?
If yes, continue to be cautious before clicking a link. If no, do not click any links.
Have you checked the header?
Mouse over the link and check the URL. Does it look legitimate or does it look like it will take you to a different website?
Are there any attachments in the email?
If so, do not click on the attachment before contacting the sender to verify its contents.
If you have a relationship with the company, are they addressing you by name?
If so, again contact the sender to verify it.
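The "mouse over the link and check the URL" step above can be automated for a whole message before it reaches a user. The script below is an added example, not material from the presentation: it parses an HTML email body, compares the domain shown in each link's visible text with the host the link actually points to, flags links with non-web schemes, and optionally flags targets outside a list of domains the sender is known to use. The email text and the example-bank / example.net domains are constructed for the demonstration.

```python
"""Automated 'check where the link really goes' triage for an HTML email body.

Added example. Finds anchors whose visible text shows one domain while the href
points at another, links using non-web schemes, and targets outside a list of
known sender domains. All sample content is constructed; no real senders.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Something that looks like a hostname inside the visible link text.
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.IGNORECASE)


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def same_site(host, domain):
    """True if host equals domain or is a subdomain of it (case-insensitive)."""
    host, domain = host.lower(), domain.lower()
    return host == domain or host.endswith("." + domain)


def suspicious_links(html_body, known_sender_domains=()):
    """Return [(href, reason)] for links that fail the checks on the slide."""
    collector = _LinkCollector()
    collector.feed(html_body)
    findings = []
    for href, text in collector.links:
        target = urlparse(href)
        host = target.hostname or ""
        if target.scheme not in ("http", "https"):
            findings.append((href, "non-web link scheme"))
            continue
        shown = DOMAIN_RE.search(text)
        if shown and not (same_site(host, shown.group(0)) or same_site(shown.group(0), host)):
            findings.append((href, f"text shows {shown.group(0)} but target host is {host}"))
        elif known_sender_domains and not any(same_site(host, d) for d in known_sender_domains):
            findings.append((href, f"target host {host} is not a known sender domain"))
    return findings


# Constructed sample message (not a real email): the first link's visible text
# imitates the bank's domain while the href resolves to a look-alike host.
SAMPLE_EMAIL = """<p>Dear customer, your account has been locked.</p>
<p>Verify here: <a href="http://example-bank.co.uk.verify-login.example.net/reset">
www.example-bank.co.uk/reset</a></p>
<p>Or <a href="https://www.example-bank.co.uk/help">contact support</a>.</p>
<p><a href="file:///C:/invoice.pdf">Open the attached invoice</a></p>"""

if __name__ == "__main__":
    for href, reason in suspicious_links(SAMPLE_EMAIL, ("example-bank.co.uk",)):
        print(f"SUSPICIOUS: {href}\n  {reason}")
```

On the sample message the first and third links are reported and the genuine support link is not. The subdomain test is deliberately strict: a host that merely contains the expected domain somewhere in its name (as the look-alike above does) is not accepted.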
CYBER ATTACK RANSOMWARE
April 2020 most reported type of RANSOMWARE to law enforcement was Sodinokibi, Trickbot & Wannacry
Bitcoin Price www.preev.com/btc/gbp 7/5/20 £7,535
PASSPHRASE NOT PASSWORD
The 20 worst passwords of 2019 …
123456
123456789
qwerty
password
1111111
12345678
abc123
1234567
password1
12345
1234567890
123123
000000
iloveyou
1234
1q2w3e4r5t
qwertyuiop
123
monkey
dragon
For example: LONDONBEACHMUSIC
To add complexity: LO7DO7B3ACHMUSIC
Or: 3redhousemonkeys!
But how long does it take to crack these passwords?
QwErTy987123! CoffeeTinyFish CoffeeTinyFish#9
A strong password uses 3 RANDOM WORDS, at least 13 characters long.
To add complexity, convert letters to numbers and add special characters.
To help, save your password in your browser.
You must have a SEPARATE PASSWORD FOR YOUR E-MAIL ACCOUNT.
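The "how long does it take to crack" question above depends on two things: how the password was generated (not how it looks) and how fast the attacker can guess. The script below is an added example, not part of the presentation: it generates a three-random-word passphrase of at least 13 characters, estimates the entropy of the styles on the slide, and converts that to an average crack time at a rate-limited online login and at an offline attack on a fast hash. The short WORDLIST is constructed for the example; a real generator would use a published list such as the EFF long list of 7,776 words, and the two guess rates are illustrative assumptions.

```python
"""Entropy and crack-time estimates for the password styles on the slide (added example).

Entropy comes from the generation process (alphabet size and length, or word-list
size and word count), not from the appearance of the final string.
"""
import math
import secrets

# Constructed mini word list; only its SIZE matters for the entropy estimate.
WORDLIST = ["coffee", "tiny", "fish", "london", "beach", "music", "red", "house",
            "monkey", "dragon", "river", "silver", "window", "planet", "garden", "orange"]
EFF_LONG_LIST_SIZE = 7776  # size of a commonly used published diceware list


def random_char_bits(length, alphabet_size):
    """Entropy of `length` characters each chosen uniformly from an alphabet."""
    return length * math.log2(alphabet_size)


def random_word_bits(n_words, list_size):
    """Entropy of `n_words` words chosen uniformly (with replacement) from a list."""
    return n_words * math.log2(list_size)


def average_crack_seconds(bits, guesses_per_second):
    """Expected time to hit the secret: on average half the space is searched."""
    return 2 ** (bits - 1) / guesses_per_second


def generate_passphrase(n_words=3, wordlist=WORDLIST, min_length=13):
    """Three random words, capitalised and joined (CoffeeTinyFish style), retried
    until the slide's 13-character minimum is met. secrets.choice is a CSPRNG;
    random.choice is not suitable for secrets."""
    while True:
        words = [secrets.choice(wordlist) for _ in range(n_words)]
        phrase = "".join(w.capitalize() for w in words)
        if len(phrase) >= min_length:
            return phrase


def compare_styles(online_rate=100.0, offline_rate=1e10):
    """Map style -> (bits, seconds at online_rate, seconds at offline_rate).

    online_rate models a login page that rate-limits guesses; offline_rate models
    cracking a stolen fast, unsalted hash. Both rates are illustrative assumptions.
    """
    styles = {
        "8 random printable ASCII characters": random_char_bits(8, 94),
        "3 random words (7,776-word list)": random_word_bits(3, EFF_LONG_LIST_SIZE),
        # CoffeeTinyFish#9 style: 3 words plus one random symbol and one random digit.
        # A substitution applied by a fixed rule (o->0, e->3) adds no entropy, because
        # the attacker can apply the same rule; only RANDOM additions count here.
        "3 random words + random symbol + random digit":
            random_word_bits(3, EFF_LONG_LIST_SIZE) + random_char_bits(1, 32) + random_char_bits(1, 10),
        "4 random words (7,776-word list)": random_word_bits(4, EFF_LONG_LIST_SIZE),
    }
    return {name: (bits, average_crack_seconds(bits, online_rate),
                   average_crack_seconds(bits, offline_rate))
            for name, bits in styles.items()}


if __name__ == "__main__":
    print("generated:", generate_passphrase())
    for name, (bits, online, offline) in compare_styles().items():
        print(f"{name}: {bits:5.1f} bits, online {online / 86400 / 365:.1e} years, "
              f"offline {offline:.1e} s")
```

The comparison shows the point the slide is making from the other direction: three random words from a large list already give roughly 39 bits, which is out of reach of a rate-limited login, while the offline figure is what argues for the separate e-mail password and 2FA elsewhere on this deck.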
SECURE DEVICE MEANS
• Auto updating OPERATING SYSTEM & APPLICATIONS
• Auto updating BROWSER
• Auto updating fully operational ANTI-VIRUS
• Auto updating fully operational ANTI-SPYWARE
• Auto updating fully operational FIREWALL
• Has 2 FACTOR AUTHENTICATION turned on
• Auto updating fully operational VIRTUAL PRIVATE NETWORK
• Using a PASSWORD MANAGER and / or saves password to BROWSER
• Has SCREEN LOCK turned on (PIN / Pattern / Fingerprint / Facial)
• Auto BACKING UP your data
• NOT USING PUBLIC WI-FI for sensitive browsing
WWW.NCSC.GOV.UK
NATIONAL CYBER SECURITY CENTRE FREE PRODUCTS & SERVICES
Who can apply? Columns: Central Government / Local Government / Emergency Services / National Health Service / State Schools, Academies & Colleges / Charities / Private Sector

Mail Check (www.ncsc.gov.uk/information/mailcheck)
Platform for assessing email security compliance. It collects, processes & analyses DMARC reports from across the public sector.
Who can apply: Central Government Yes / Local Government Yes / Emergency Services Yes / NHS Yes / State Schools, Academies & Colleges Yes / Charities No / Private Sector No

Web Check (www.ncsc.gov.uk/information/web-check)
Service that helps you find & fix common vulnerabilities in UK public sector websites.
Who can apply: Central Government Yes / Local Government Yes / Emergency Services Yes / NHS Yes / State Schools, Academies & Colleges No / Charities No / Private Sector No

Exercise in a box (www.ncsc.gov.uk/information/exercise-in-a-box)
Service that helps your organisation find out how resilient you are to a cyber attack & practise your response in a safe environment.
Who can apply: Yes for all seven categories

Protective Domain Name System (www.ncsc.gov.uk/information/pdns)
Service that offers a reliable internet accessible DNS service that protects users from threats posed by known malicious malware.
Who can apply: Central Government Yes / Local Government Yes / Emergency Services Yes / NHS Yes / State Schools, Academies & Colleges No / Charities No / Private Sector No

Cyber Security Information Sharing Partnership (www.ncsc.gov.uk/cisp)
Joint industry & government initiative set up to exchange cyber threat information in a confidential environment, increasing situational awareness & reducing the impact on UK business.
Who can apply: Yes for all seven categories, conditions apply

Cert-UK Network Reporting Service (www.ncsc.gov.uk/cisp)
Service that scans for network abuse events & vulnerable network services on an organisation's Internet-facing services & [email protected]
Who can apply: Yes for all seven categories, must be a CiSP member

Cyber Essentials (www.ncsc.gov.uk/cyberessentials/overview)
Helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security.
Who can apply: Yes for all seven categories
FUTURE THREATS ARE... INTERNET OF THINGS
Insecure devices can be compromised. Change default passwords / Software update / 2FA
www.ncsc.gov.uk/blog-post/fixing-all-things
YOUR SAFETY
www.internetmatters.org/parental-controls/social-media
www.haveibeenpwned.com allows you to check if personal data has been compromised
"Notify me" allows you to subscribe to future breaches, which often alerts you to breaches long before they reach the news, meaning you can take action immediately instead of your accounts being at risk for months without you knowing.
DATA BREACHES
General Data Protection Regulation became enforceable on 25/5/18
Possible fines of 4% of global turnover or €20M by the Information Commissioner's Office
www.Ghostproject.fr is a free database lookup of recent password breaches allowing searches by emails or usernames
Helpful NCSC Guidance (www.ncsc.gov.uk/ ...)
Bring your own device: /collection/mobile-device-guidance/bring-your-own-device
Digital service security: /collection/digital-service-security
Distributed denial of service: /collection/denial-service-dosguidance-collection
Bulk personal data: /collection/protecting-bulk-personal-data
Malware and ransomware: /guidance/mitigating-malware-and-ransomware-attacks
Patching: /blog-post/the-problems-with-patching
Phishing: /guidance/phishing
Staying safe online: /collection/top-tips-for-staying-secure-online
Supply chain security: /collection/supply-chain-security
Virtual Private Networks (VPNs): /collection/mobile-device-guidance/virtual-private-networks
Vulnerability management: /guidance/vulnerability-management
Working from home: /guidance/home-working
Video conferencing: /blog-post/video-conferencing-new-guidance-forindividualsand-for-organisations
References:
Cyber Security Breach Survey (CSBS) 2019
ONS Crime Survey for England and Wales (CSEW) 2019
https://cybergamesuk.com/
The Case of the College Ransomware
➢ FE College in the SE of UK (1000s of students and 100s of staff)
➢ Full infection of ransomware (TBs of data)
➢ All systems offline (payroll, pension, course work, exam results, emails, printers, smart boards, lunch payment systems, etc…)
➢ Onsite backups also infected
➢ Ransom paid & CERT's bill
➢ Files manually decrypted
➢ Recovery was over 3 months
➢ Notifications - ICO, Dept of Education, Action Fraud
Thank you – Any questions?
Protect Team Email: [email protected]
Individuals: https://serocu.police.uk/talk/
Organisations: https://serocu.police.uk/presentation/
Data Protection is the last line of defence
The future of Data Management and Protection.
© 2018 Redstor | www.redstor.com | Confidential
Access Adoption Local Data Lead Times
Microsoft’s own Services Agreement, Section 6 states that:
‘We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services’
30% of organisations DO NOT have a disaster recovery plan
90% of said companies will go out of business in the event of a disaster
12% of companies could not recover data lost due to an incident
58% of companies have no backup and recovery plan for data loss
68% of SMB companies have no disaster recovery plan
Ransomware costs on average $500 per machine to get data back - if you can get it back at all.
Data breaches cost from $36,000 for small merchants, up to a whopping $3.62
million for large enterprises.
An hour of downtime costs $100,000 on average.
"Along with defences, having the ability to recover from backups is vital…"
Ask your IT Team or Provider to confirm:
1) They are backing up the right data
2) That the backups are held offline
3) Prove the ability to recover data and services from backups
Redstor
End-to-end encryption ensures your customers' data is protected!
If customers are impacted, Instant Data allows you to stream data on-demand.
Flexible retention points ensure customers can always roll back to a time before the virus hit.
79% of organisations don't have a backup and recovery plan for data loss that complies with GDPR Article 32
Security of processing data
Article 32 sets out conditions for the security of processing data under the GDPR and is vital for customer-facing organisations, service providers and suppliers.
The data controller must have:
(c) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
(d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
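Item 3 of the "ask your IT team" list earlier in this deck (prove the ability to recover from backups) and Article 32(d) (regularly testing the measures) both come down to the same exercise: restore the backup somewhere clean and check that every file came back intact. The script below is an added example, not any vendor's product or code from the presentation. It writes a tar archive plus a SHA-256 manifest at backup time, restores the archive into an empty directory, and compares every restored file against the manifest. The sample files and directory layout are constructed inside a temporary directory for the demonstration.

```python
"""Restore test: prove a backup can actually be recovered (added example).

Builds a tar archive with a SHA-256 manifest, restores it into a clean directory
and verifies every file. Sample data is constructed in a temporary directory.
"""
import hashlib
import os
import tarfile
import tempfile
from pathlib import Path


def sha256_file(path):
    """Hex SHA-256 of a file, read in chunks so large backups do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(source_dir):
    """Relative POSIX path -> SHA-256 for every regular file under source_dir."""
    source_dir = Path(source_dir)
    return {p.relative_to(source_dir).as_posix(): sha256_file(p)
            for p in sorted(source_dir.rglob("*")) if p.is_file()}


def make_backup(source_dir, archive_path):
    """Write a gzip tar of source_dir; return the manifest recorded at backup time.
    The manifest should be stored with (or signed alongside) the archive, offline."""
    manifest = build_manifest(source_dir)
    with tarfile.open(archive_path, "w:gz") as tar:
        for rel in manifest:
            tar.add(os.path.join(source_dir, rel), arcname=rel)
    return manifest


def restore_and_verify(archive_path, manifest, restore_dir):
    """Extract the archive into restore_dir and check every manifest entry.
    Returns (ok, problems); problems lists missing files and hash mismatches."""
    with tarfile.open(archive_path, "r:gz") as tar:
        if hasattr(tarfile, "data_filter"):  # Python 3.12+ / backports: block path traversal
            tar.extractall(restore_dir, filter="data")
        else:
            tar.extractall(restore_dir)
    problems = []
    for rel, expected in manifest.items():
        path = Path(restore_dir) / rel
        if not path.is_file():
            problems.append(f"missing: {rel}")
        elif sha256_file(path) != expected:
            problems.append(f"hash mismatch: {rel}")
    return (not problems, problems)


def demo():
    """Constructed data: back up two files, prove a clean restore, then show the
    check failing when the manifest and restored content disagree (as corruption
    or a partial restore would cause). Returns (clean_ok, tampered_ok, problems)."""
    with tempfile.TemporaryDirectory() as work:
        src = Path(work) / "source"
        (src / "payroll").mkdir(parents=True)
        (src / "payroll" / "april.csv").write_text("id,amount\n1,1000\n")
        (src / "notes.txt").write_text("exam results uploaded\n")
        archive = Path(work) / "backup.tar.gz"
        manifest = make_backup(src, archive)
        clean_ok, _ = restore_and_verify(archive, manifest, Path(work) / "restore1")
        tampered = dict(manifest)
        tampered["notes.txt"] = "0" * 64  # constructed wrong hash
        tampered_ok, problems = restore_and_verify(archive, tampered, Path(work) / "restore2")
        return clean_ok, tampered_ok, problems


if __name__ == "__main__":
    print(demo())
```

Run on a schedule against a copy of the real archive, the `problems` list is the evidence that a restore was tested; an empty list on a restore that nobody actually ran is what this exercise is meant to rule out.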
Thank you for joining
Any Questions?
cyber.protect@[email protected]