Cyber Month: Thursday Thoughts with Thijs: phishing & ransomware
27/10/2022
The observant reader may now be thinking, 'but what about the two central themes that the European Union Agency for Cybersecurity (ENISA) chose? Thijs still hasn't actually mentioned them?!' Until now.
Of course, we're going to explore phishing and ransomware! The fact that these topics are now recurring themes for the month isn't really a surprise: they're both increasingly common, and we're certainly hearing more about them, and their consequences, in the news. Whilst phishing and ransomware might seem like two different ideas, they're actually linked more closely than you might realise. For instance, a phishing campaign - where someone is hoping you'll take the bait and hand over your personal data - might trick an employee in an organisation into opening a file and unknowingly opening a door for a hacker, who could then make their next move by blocking access to certain files and only granting it back to the organisation in return for a large sum of money, AKA a ransom. That said, phishing being involved doesn't necessarily mean a ransomware attack will follow - one doesn't automatically lead to the other.
Phishing is everywhere, with new campaign styles and themes developing all the time - think about when most of the world was in lockdown and phishers decided to benefit from that. Anyway, I thought it might be worthwhile to give you some pointers on how to recognise most phishing campaigns. If you fancy talking it through in a bit more detail, feel free to give me a call.
Something quick and easy that you can do at first glance: check language use and spelling. Is the company name correct? Has the sender used similar-looking letters to deceive you (such as 'nn' in place of 'm', or capital Is in place of lower-case Ls)? Regarding language use, bear in mind that phishing attempts aren't always constructed logically, with the sentence structure occasionally being a bit off. This might suggest that the sender relied on a low-quality online translation service.
Yet another aspect to consider is the URL the criminal wants you to click on. More often than not, the sender's domain won't match the domain of the link in the e-mail - so keep a close eye on this!
A consistent feature of phishing attempts is a sense of urgency: a request that must be actioned within a certain timeframe or face a consequence such as a fine, a bad rating, etc. Simply ignore such requests and report the e-mail (as per your organisation's policy) to the responsible team, who can then determine whether it is indeed a phishing e-mail and what you need to do, if anything.
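The three checks above (look-alike letters in a brand name, a link whose domain doesn't match the sender's domain, and urgency wording) as a small Python triage script. This is an added example, not code from the original post or from Resillion: the confusable table, the urgency phrase list, the brand list, the .example domains and the two sample messages are all constructed for the demonstration, and the domain comparison is deliberately naive (last two labels, no public-suffix list). It generalises the post's 'nn' for 'm' and capital I for lower-case l to a small table of substitutions.

```python
import re
from urllib.parse import urlparse

# Look-alike substitutions commonly used to spoof brand names and domains.
# Constructed table for this example (the post itself mentions 'nn' for 'm'
# and capital I for lower-case l); multi-character sequences are collapsed
# first so that "rn" becomes "m" before any single-letter rule runs.
MULTI_CONFUSABLES = {"rn": "m", "nn": "m", "vv": "w", "cl": "d"}
SINGLE_CONFUSABLES = {"I": "l", "1": "l", "0": "o", "|": "l"}

# Urgency wording the post warns about; constructed list, extend to taste.
URGENCY_PHRASES = (
    "immediately", "within 24 hours", "within 48 hours", "final notice",
    "account will be suspended", "fine", "legal action",
)

URL_RE = re.compile(r"https?://[^\s\"'<>)]+")


def normalise_lookalikes(text):
    """Collapse look-alike characters so 'Micr0soft' and 'Microsoft' compare equal."""
    out = text
    for seq, repl in MULTI_CONFUSABLES.items():
        out = out.replace(seq, repl)
    for ch, repl in SINGLE_CONFUSABLES.items():
        out = out.replace(ch, repl)
    return out.lower()


def lookalike_brand(text, brands):
    """Return (token, brand) for the first word of text that imitates a known
    brand with swapped letters; None when every token is either the genuine
    spelling or unrelated to any brand."""
    for token in re.split(r"[^A-Za-z0-9|]+", text):
        if not token:
            continue
        for brand in brands:
            if token.lower() != brand.lower() and \
                    normalise_lookalikes(token) == normalise_lookalikes(brand):
                return (token, brand)
    return None


def registrable_domain(host):
    """Last two labels of a host name (naive on purpose: no public-suffix list)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def mismatched_links(sender_addr, body):
    """URLs in the body whose domain differs from the sender's e-mail domain."""
    sender_domain = registrable_domain(sender_addr.split("@")[-1])
    hits = []
    for url in URL_RE.findall(body):
        host = urlparse(url).hostname or ""
        if registrable_domain(host) != sender_domain:
            hits.append(url)
    return hits


def urgency_phrases(body):
    """Urgency phrases present in the body, matched on word boundaries."""
    low = body.lower()
    return [p for p in URGENCY_PHRASES
            if re.search(r"\b" + re.escape(p) + r"\b", low)]


def assess(message, brands):
    """Run the three checks over one message; returns the indicators found plus
    a simple count, so the reader can report anything that scores 2 or more."""
    sender_domain = message["from_addr"].split("@")[-1]
    indicators = {
        "lookalike_name": lookalike_brand(message.get("from_name", ""), brands),
        "lookalike_domain": lookalike_brand(sender_domain, brands),
        "mismatched_links": mismatched_links(message["from_addr"], message["body"]),
        "urgency": urgency_phrases(message["body"]),
    }
    indicators["score"] = sum(1 for v in indicators.values() if v)
    return indicators


# Constructed sample messages (not real e-mails); .example domains are reserved.
BRANDS = ("Microsoft", "Resillion", "Eurofins")

SAMPLE_PHISH = {
    "from_name": "Micr0soft Account Team",
    "from_addr": "security@rnicrosoft-verify.example",
    "body": ("Your mailbox will be suspended. Verify immediately at "
             "https://login.account-reset.example/verify or face a fine."),
}

SAMPLE_LEGIT = {
    "from_name": "Resillion Newsletter",
    "from_addr": "news@resillion.example",
    "body": ("Read this month's stories at https://www.resillion.example/blog "
             "when you have time."),
}

if __name__ == "__main__":
    for label, msg in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(label, assess(msg, BRANDS))
```

The constructed phishing sample trips all four indicators (spoofed display name, spoofed sender domain, a link to an unrelated domain, and urgency wording), while the newsletter sample scores zero. Heuristics like these are a first-glance aid for the reader, not a replacement for the mail gateway's own filtering or for reporting the message to the responsible team.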
Maybe you've already clicked on something in a lapse of concentration that you now think could have adverse consequences? Don't be afraid to inform the responsible team, immediately! The sooner the team is informed, the sooner they can take (technical) measures; they'll be eternally grateful to you and will learn from it for the future.
Possibly, this phishing incident could have turned into ransomware. If so, speed (and time!) is of the essence. The faster systems can be shut down in a controlled way, the less recovery work will be required.
Besides quick reporting, what else can you do to prevent these kinds of incidents? Well, it may seem obvious, but employees still often use unfamiliar USB devices because it's 'just a bit more convenient' - FYI, it's not. How do you know that someone hasn't tampered with your USB when you weren't looking? You could plug it into your machine and have it taken over by ransomware or malware that then starts ravaging your network. Instead of using USBs for sending or receiving files, use the file exchange software provided by your organisation. If your organisation hasn't made these tools available yet, ask for them!
Criminals also simply exploit (known) vulnerabilities in applications, operating systems, and the like. Make sure you keep on top of the updates for these applications, thereby reducing the chance of an attack. Easy, right?
As a side note, you may remember that I pointed out in a previous blog post that, as an ICT/security team, you cannot entirely rely on colleagues who may or may not (accidentally) click on a link or open a file - you need to deal more in absolutes.
It's important to know and be able to recognise the different types of incidents, events, or scenarios before they even happen. So go through all the different types, list the corresponding technical measures needed to resolve them, and use this as the basis of your incident response plan.
Think about a good backup and restore strategy (tested and approved, of course), and make this part of the incident plan too. It's absolutely, and I can't stress this enough, imperative that you walk through your incident response plan at least once, so you know whether it works. Let's be honest, we all like surprises from time to time, but not in cyber. That way you avoid surprises as much as possible.
Finally, some thoughts that I'd like to leave you with about preventing incidents:
No single organisation is the oracle. Procedures and measures are often ignored during large-scale cybersecurity incidents because of the stress they cause - so don't be reluctant to seek external expertise (as the old saying goes, a problem shared is a problem halved). Make this part of the incident plan as well.
Be as clear, straightforward, and transparent as possible in communicating to your stak
LINK: https://www.resillion.com/cyber-month-thursday-thoughts-with-thijs/...