• Fortnite: Battle Royale

    Fortnite: Battle Royale has received a considerable amount of media coverage recently due to growing popularity amongst children – and also emerging safety concerns. The NSPCC have pulled together some information about the game and how to keep your children safe while playing it.

  • Joint US - UK statement on malicious cyber activity carried out by Russian government

    The NCSC, FBI and DHS have issued a joint Technical Alert about malicious cyber activity carried out by the Russian Government.

  • National Lottery customers warned to change passwords

    Camelot, the operator of the National Lottery, has asked all customers to change their passwords as a precaution, following a "low level" cyberattack that affected some 150 accounts.

  • NCSC Cyber Security - Small Business Guide

    Cyber security can feel like a daunting challenge for many small business owners. But it needn’t be. Following the five quick and easy steps outlined in the guide below could save time, money and even your business’ reputation.

  • The Little Book of Cyber Scams

    The Eastern Region Special Operations Unit (ERSOU), Eastern ROCU, are pleased to present you with our 'Little Book of Cyber Scams', reproduced with kind permission of the Falcon Protect team at the Metropolitan Police.

 

Cyber security basics.

Fri 22nd, Sep


Just a few handy things to know about cyber security.

What is cyber security?

Cyber security consists of technologies, processes and measures that are designed to protect systems, networks and data from cyber crimes. Effective cyber security reduces the risk of a cyber attack and protects entities, organisations and individuals from the deliberate exploitation of systems, networks and technologies.

What are the consequences of a cyber attack?

A cyber attack is usually intended to inflict damage or expropriate information from an individual, organisation or public entity, for the purpose of theft (of payment card data, customer details, company secrets or intellectual property), unauthorised access to networks, compromise of official records or financial and/or reputational damage.

Why are cyber crimes increasing?

1: Cyber criminals are indiscriminate. Where there is a weakness, they will try to exploit it. Due to the massive financial gains being made, cyber crime has become a multibillion pound industry.

2: Cyber crimes are constantly evolving. Cyber attacks are becoming more complex and organisations are struggling to keep up with the pace of change.

3: Cyber attacks come in various forms and are designed to not only target technological weaknesses (for instance, outdated software) but also exploit people (for instance, uninformed employees who click on malicious links) and a lack of effective organisational processes and procedures.

Cyber criminals use a variety of malware and vectors to attack their targets. Malware is a type of software designed to allow criminals to achieve their objectives, and can be categorised as follows:

Ransomware - is a type of malicious program that demands payment after launching a cyber attack on a computer system. This type of malware has become increasingly popular among criminals and costs organisations millions each year.

Viruses - A virus is a small piece of code that can replicate itself and spread from one computer to another by attaching itself to another computer file.

Worms - Worms are self-replicating and do not require a program to attach themselves to. Worms continually look for vulnerabilities and report back to the worm author when weaknesses are discovered.

Spyware/adware - can be installed on your computer when you open attachments, click on links or download infected software.

Trojans - A Trojan virus is a program that appears to perform one function (for example, virus removal) but actually performs malicious activity when executed.

Attack vectors - There are also a number of attack vectors available to cyber criminals that allow them to infect computers with malware or harvest stolen data, such as:

Social engineering – An exploitation of an individual’s weakness, achieved by making them click malicious links, or by physically gaining access to a computer through deception. Phishing and pharming are examples of social engineering.

Phishing – An attempt to acquire users’ information by masquerading as a legitimate entity.

Pharming – An attack to redirect a website’s traffic to a different, fake website, where the individual’s information is then compromised.

Drive-by – Opportunistic attacks against specific weaknesses within a system.

Man in the middle (MITM) – An attack where a middleman impersonates each endpoint and is able to manipulate both victims.

.

Previous Newsletters