7Safe Cyber expert Aleksander Gorkowienko gives advice to UK organisations
The threat level is mounting.
Chancellor of the Exchequer, George Osborne, has said that Islamic State militants are trying to develop the ability to launch deadly cyber-attacks on UK targets such as air traffic control or hospitals.
In a speech from inside GCHQ, Mr Osborne outlined plans to make Britain the best protected country in cyber space, announcing that he is prioritising security in his Spending Review next week. He paid tribute to the work of intelligence services in foiling plots against the UK – suggesting that we are already under sustained cyber-attack by hostile forces in addition to horrific threats of the type experienced in Paris last week.
1,900 new staff will be recruited across the three intelligence agencies and the first National Cyber Centre will be home to the country’s first dedicated ‘cyber force’.
The Chancellor, who chairs the government’s committee on cyber, outlined details of a new National Cyber Security Plan, put together to ensure Britain can keep itself safe from a rising tide of attempted online attacks against business, infrastructure and individuals, and ensuring we remain at the cutting edge of the global cyber economy.
[Source: Chancellor sets out vision to protect Britain against cyber threat in GCHQ speech]
The Cyber Warriors and Cyber CSIs are clearly part of the life of our Nation from here on, but what can UK organisations do to protect themselves from cyber-attack?
I asked Aleksander Gorkowienko, Lead Penetration Tester and Cyber expert for 7Safe, what organisations could do to guard against a determined cyber-attack.
“Raising awareness of existing cybersecurity threats with personnel (I think awareness is a key point here). Teach them about threats, phishing, hackers, etc.”
Are there really many people in business who are not sufficiently ‘cyber-savvy’?
“A great many. I would risk saying too many. The traditional IT department approach to information security was outmoded a decade ago. The model of firewalling and AV scanning without a proper understanding of modern threats and adequate countermeasures continues. If you don’t understand risks you will not be able to protect yourself. Whether you like it or not – sooner or later you will pay the price. And by that, I don’t mean that you will fail to prevent an attack. The fact is, you could have already been attacked. It’s just that you probably don’t know it and you would never know.”
Regular security audits / pen testing
So what do you do to fix faulty Cyber Security?
“Regular security audits and pen testing. Businesses should have someone who is capable of seeking out vulnerabilities that need to be closed off. They can best do this with external help in the form of penetration testing. The reports produced by pen testers quite often are the wake-up call. Suddenly you realise that you need to patch, upgrade, resource with new software and hardware, and put in place sufficient technical and procedural security controls protecting your precious confidential data. Because if a pen tester can defeat your security, a malicious hacker can do so for sure.”
Multi-layered security protection
What specific measures will help them to address problems identified in the report?
“Multi-layered security protection of their perimeter (security in-depth principle) with IDS/IPS, AV in place, strong passwords, sensitive data encryption and other security countermeasures. Don’t forget about security embedded into applications they use, with proper alarms and logs handling (in case of an incident at least they would know where to look for clues).”
Security policies & defence strategies
How would you manage cyber security within the organisation? Who should do this?
“Having proper security policies and defence strategy in place requires strong leadership. It’s no good dumping the problem on a junior or middle manager and then failing to support their recommendations because you don’t trust their abilities or findings. The corporate strategy should always be supported by the top stakeholders.”
Cyber-games put your staff to the test
What can you do in a practical sense to ensure that you have Cyber under control?
“Simulate attacks in a controlled environment (cyber-games) on a regular basis, learning how to deal with attacks and handle incident responses properly.”
Do you recommend getting help with this?
“Of course I do. Don’t laugh: how can you be certain that you’ve not overlooked something important if you carry out the tests yourself? Diagnosing your own illness is not the best thing to do. You are too closely involved in your own cyber security!”
Will following your advice keep out attackers – even Islamic State cyber-warriors?
“It can help. However, you should always remember that security is not a one-time action but a continuous process. Do not underestimate the efforts made by a determined attacker – particularly if they are out to disrupt critical infrastructure, steal valuable identities, IP, or money in bank accounts. Think in advance and don’t become a valid terror target.
Do not underestimate insider threats either. It’s often much easier to get a job in a trusted position inside sensitive organisations than it is to hack in from the outside. Islamic State have no trouble in obtaining forged passwords and IDs. Ordinary cyber criminals can get hold of these phoney items via the dark web with near impunity. How far have your checks gone towards establishing whether your IT contractor is real?”
For all enquiries contact: Michael Shuff, 7Safe, on +44 176 326 7639
Want to get help with Cyber before it's too late?
Looking for Cyber Security Services you can trust – used by Government organisations, the Police, and hundreds of UK private sector companies? Click through to 7Safe’s information pages:
Before your organisation becomes the next high-profile victim of a cyber-attack.
Had a cyber-incident? Need to know who did this to you?
Perhaps you are concerned about the online activities of a particular employee?
Or collecting evidence that you can take to the Police / use in civil proceedings?
Read about our Digital Forensics Investigation services:
You can speak to one of our experienced cyber security advisers in confidence on:
0870 600 1667