Modern Threats
A brief description of some of today’s most prevalent and dangerous cyber security threats
Cyber-crime Criminal activities carried
out by means of technology, that is not only limited to computers and the internet
Smart home technology New technology that is connecting homes, via means of automation that poses a new threat to reputation and privacy
Ransomware
A form of malware whereby data is held to ransom
Social engineering A form of cyber-attack that involves the specific targeting of an individual
Phishing
A form of social engineering attack whereby a legitimate looking email scam is sent
Intelligence databases Holdings of publicly available data on organisations and individuals that can be used to inform a social engineering and/or phishing campaign
What is important is that the
incident-response plan is bespoke
Response plans should not be overly
prescriptive, with the real value coming from getting individuals ready and rehearsing so that they know how to respond. Also, says Magnus Boyd, another
Schillings partner, these response plans will vary from organisation to organisation. “There are fixed things that need to be
reported, but while in one organisation it might be appropriate for the in-house lawyer or general counsel to coordinate the response, somewhere else it might be the communications person,” he says. “We go into an organisation and look at
various factors … What is important is that the incident-response plan is bespoke.” One issue cyber-attack victims may face is
how to respond to a ransomware attack. If the data is worth more than the
ransom, paying up may be the better option, although there are important caveats to this. If handled incorrectly, a payment may
lead to a demand for more money, or the individual demanding payment may not have the decryption tools to allow the victim to regain access to their information. The process of trying to decrypt data
can provide useful intelligence. It may indicate whether the cyber criminals have a serious, sophisticated operation or are less experienced. This, in turn, may determine whether it is worth paying a ransom. While conceding it may seem a harsh
statement to make, Stillig points out that an organisation that has to consider paying a ransom demand “has done everything wrong”. It should never have let itself get into this position.
“All you need to mitigate a ransomware
attack is to have a decent back up of your data,” he says. The cost of dealing with a data breach is
always likely to be greater than the cost of putting in place measures to prevent such a breach, he says. When the real cost of a data breach is
factored in—like clients whose data has been leaked not returning—the difference is even more stark. “It may be a very small data breach, but
as soon as you inform your clients, they may decide to take their business elsewhere, for good,” says Stillig. “It is not so much about the immediate
investment in new hardware—that is peanuts. It is what happens afterwards.” As Boyd puts it, for most single family or
multi family offices, a loss of data “will be an existential threat”. “You have got to appreciate the value of
information and the consequences if it is lost,” he says.
46
CAMPDENFB.COM
ISSUE 72 | 2018
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60 |
Page 61 |
Page 62 |
Page 63 |
Page 64 |
Page 65 |
Page 66 |
Page 67 |
Page 68 |
Page 69 |
Page 70 |
Page 71 |
Page 72 |
Page 73 |
Page 74 |
Page 75 |
Page 76 |
Page 77 |
Page 78 |
Page 79 |
Page 80 |
Page 81 |
Page 82 |
Page 83 |
Page 84 |
Page 85 |
Page 86 |
Page 87 |
Page 88