Freely subscribe to our NEWSLETTER

Chris Vaughan, Area Vice President of Technical Account Management for EMEA at Tanium focuses on the importance of employee education and how simple steps can secure a company against cyber attacks.

Matt Aldridge, Principal Solutions Consultant at Carbonite + Webroot, has also commented on the attack focusing on the need to boost security strategies through the right technology.

Chris Vaughan, Area Vice President of Technical Account Management for EMEA at Tanium
“This attack on the Foreign Office demonstrates how crucial it is for institutions that hold sensitive data to keep it private and stored securely. Cyber attackers are becoming increasingly more targeted and sophisticated with their methods of attack. If sensitive government data falls into the hands of malicious actors, there is no control on where the data might end up and what it might be used for.

It’s vital to be aware of the simple steps that can be put in place by any company or government department that experiences a data breach to help prevent it happening again. This includes ensuring a complete view and knowledge of company endpoint devices and securing cloud networks to block unauthorised access to customer and citizen data. This will help them identify any weaknesses that could increase the likelihood of a cyberattack being successful, such as unpatched devices or users adopting risky behaviours. Another measure that will help negate these attacks is a thorough cybersecurity training programme for staff. This may seem obvious, but many security breaches start with a user clicking on a malicious link – often in a phishing email.

With such sensitive data being stored, it is an essential requirement for organisations to follow these steps, to have greater visibility and control over their data and minimise the likelihood of breaches occurring again.”

Matt Aldridge, Principal Solutions Consultant at Carbonite + Webroot

“This attack is a clear indication that cyber-attacks are becoming increasingly targeted at government critical infrastructure. It’s now impossible for IT and security teams to address these attacks with any single approach, process, or technology. Sensitive information held on critical government infrastructure is likely to be very valuable to organised criminals and nation-state actors alike. Such data could command high prices on the dark web, may be used for criminal activities or sold to other unscrupulous government entities, via intermediaries, wishing to acquire information related to foreign affairs or intelligence activities.

It is imperative for government agencies to boost their security strategies to ensure sensitive, valuable data remains safe and protected. To limit the impact of these attacks, national institutions that hold private information should ensure they have clearly defined security policies and procedures to avoid any leak of information. This starts with employee education, which underscores all effective cyber resilience and data protection strategies.

Security awareness training programmes can now inform and educate employees on the latest threats in real-time, including information security, social engineering, malware, and industry-specific compliance topics. Attack simulations can also be used to automatically send users for re-education should any training issues be identified.

The fact that the Foreign Office were aware that there was unauthorised malicious activity going on inside their environment is reassuring, showing that detection systems and processes are doing their intended job. Equally, the fact that they were able to extend their agreement with their cybersecurity services partner as an urgent response shows that the value of incident response planning and of building the right services network to support your organisation’s security.

Having a partner already in place who can respond in a time of need is a very important consideration, and Managed Detection and Response (MDR) services are thus becoming very popular. Finally - data, especially when sensitive, must always be securely backed up, so systems can be restored if needed, and multi-layered cybersecurity controls must be deployed to help detect or block anything that breaches the first line of defence – the people of the organisation. Government bodies can use these tactics to improve employee vigilance and defend systems from attacks in the future.”