Chip Epps, HID Global: Best practices to deal with top cyber crime activities
Modern businesses are quickly wising up to the dangers presented by an always-on business model. Customers are increasingly using online tools to access accounts, services, or expertise, and employees are looking to connect to their organisation’s networks remotely at any time. This has driven the desire for daily access to be easier and more convenient. However, with this agility comes a measure of concern. Hackers are also taking notice and creating viruses and malware for malicious purposes. With the U.K.-based Office for National Statistics recently revealing that there were more than 5.8 million incidents of cyber crime in the past year, it is crucial for organisations to protect staff and customer data from cyber crime activities.
So, what are the top cyber crime activities businesses need to watch out for, and what can be done to combat them?
Malicious social engineering
In the digital age, the use of social engineering has become a pressing issue. With the Internet providing a shroud of anonymity for fraudsters, it is important that companies holding sensitive customer data are aware of the most common practices performed by social engineering hackers.
Phishing is perhaps the most well-known form of false trust hacking. It describes attempts by fraudsters, who generally cast a wide net, to acquire sensitive data such as usernames, passwords and payment details by masquerading as a known or trusted organisation over email or another form of digital communication. More recently, cases of spear phishing – a far more targeted attack in which hackers pose as a trusted individual – are on the rise. When successful, customer data or a business’s sensitive documents – and, as a result, the company’s reputation – are at risk. Indeed, research by Get Safe Online indicates phishing-related fraud contributed to UK organisations losing over £1 billion over the past year due to cybercrime.
Vishing and smishing are the telephone and SMS messaging variations of phishing. Either option can give a fraudster access to your customers’ or your business’s sensitive information. The use of social engineering by cybercriminals can have devastating effects on modern businesses, and it is certainly an activity that business owners and IT leaders need to watch out for.
Just as social engineering can negatively impact businesses from the outside, there is reason to be wary of internal threats as well. Your personnel can have heightened privileges for accessing sensitive information, and can use such privileges to negatively impact your organisation. Alienated employees, visiting contractors or on-site maintenance staff could also pose such a danger to your business.
The problems caused by malicious insiders might not be immediately obvious, but they should not be ignored. For instance, consider an employee who has just been made redundant or otherwise removed from their role in a business. They may feel angry at this decision and wish to vent their feelings towards their departing company. If they still have access rights to the shared storage or documents, they have the ability to change, delete or otherwise tamper with highly sensitive information. Similarly, an on-site contractor who has been given a temporary password without restrictions for a short period may be equally dangerous. Whether corrupting or sharing financial records, client information or perhaps authentication rights, the actions of such rogue individuals can wreak havoc on businesses of all sizes.
However, just as with social engineering dangers, knowing and understanding the threat from ill-tempered insiders can be half the battle in preventing businesses falling prey to cyber crime activities. IT leaders and business owners need to remain vigilant that users have only the access rights they need, and be wary of new developments in fraudulent techniques, to make sure their businesses stay ahead of cybercriminals’ malicious intentions.
How to fight back
The fight against cyber crime is set to dominate business leaders’ conversations and strategic plans in the coming years. In order to stand the best possible chance of coming out on top, there are several steps that organisations can take.
1. Move past simple passwords to strong authentication in the enterprise: When hackers steal an employee’s user name and password, they can then often move through the network undetected and upload malware programmes or steal or capture data. Organisations should protect systems and data through strong authentication that relies on more than just something the user knows (passwords). There should be at least one other authentication factor, such as something the user has (e.g. a computer logon token) and/or is (e.g. a biometric or behaviour-metric solution). Or consider moving past passwords altogether by combining cards, tokens, or biometrics.
2. Take advantage of the improved convenience of a mobile strong authentication model: Users increasingly want a faster, more seamless and convenient authentication solution than is possible with dedicated hardware one-time passwords (OTPs), display cards and other physical devices. Now, mobile tokens can be carried on the same card used for other applications, or combined on a phone with cloud application single-sign-on capabilities. Users simply tap their card or phone to a personal tablet, laptop or other endpoint device to authenticate to a network, after which the OTP is unusable. There are no additional tokens to deploy and manage, and the end-user only has one device to carry and no longer must remember or type a complex password.
3. Employ a layered IT security strategy that ensures appropriate risk mitigation levels: For optimum effectiveness, organisations should take a layered approach to security starting with authenticating the user (employee, partner, customer), then authenticating the device, protecting the browser, protecting the application, and finally authenticating the transaction with pattern-based intelligence if necessary. Implementing these layers requires an integrated, versatile authentication platform with real-time threat detection capabilities. This platform, combined with an anti-virus solution, provides the highest possible security against today’s threats.
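Steps 1 and 2 above, as an added example (not code from HID Global or the original article): a verifier that requires a password plus a counter-based one-time password and advances the counter on success, so a used OTP is unusable afterwards. The article names no OTP algorithm, so HOTP (RFC 4226) is an assumption here; the `Authenticator` class, user name and password are hypothetical, and the token key is the RFC 4226 test key.

```python
import hashlib
import hmac
import os
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


class Authenticator:
    """Hypothetical two-factor verifier: password (knows) + token OTP (has)."""

    def __init__(self, window: int = 3):
        self.window = window   # counters ahead of the stored one that are accepted
        self.users = {}

    def enrol(self, name: str, password: str, token_secret: bytes) -> None:
        salt = os.urandom(16)
        self.users[name] = {"salt": salt, "pw": _hash_password(password, salt),
                            "secret": token_secret, "counter": 0}

    def login(self, name: str, password: str, otp: str) -> bool:
        user = self.users.get(name)
        if user is None:
            return False
        # Factor 1: checked first, so a wrong password never consumes an OTP.
        if not hmac.compare_digest(_hash_password(password, user["salt"]), user["pw"]):
            return False
        # Factor 2: accept an OTP only at or ahead of the stored counter.
        for counter in range(user["counter"], user["counter"] + self.window):
            if hmac.compare_digest(hotp(user["secret"], counter).encode(), otp.encode()):
                user["counter"] = counter + 1   # burn this OTP and all earlier ones
                return True
        return False


if __name__ == "__main__":
    auth = Authenticator()
    auth.enrol("alice", "constructed-password", b"12345678901234567890")  # RFC 4226 test key
    print(auth.login("alice", "constructed-password", "755224"))  # first use
    print(auth.login("alice", "constructed-password", "755224"))  # replay of the same OTP
```

The look-ahead window tolerates a token that was tapped without reaching the server; a wider window is more forgiving but accepts more candidate codes per attempt.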