Plain English Cyber in 3 articles, 2 numbers and 1 action.
This week: Police warn SMEs about the increasing threat of ransomware, an Amazon security director reminds us to check the basics, and it hasn’t been a good week for Apple.
This week’s action: Keep up-to-date on software updates by subscribing to my alert list.
If you’d prefer to listen to Cyber 3-2-1: This week’s episode is accessible from https://www.codeinmotion.ie/podcast or wherever you get your podcasts.
1: Police warn SMEs about the increasing threat of ransomware
What? Cyber Ireland recently reported that the “National Cyber Security Centre (NCSC) and the Garda National Cyber Crime Bureau (GNCCB) have warned business owners of an increased threat of ransomware. In a letter sent to Ibec’s Small Firms Association, the NCSC and GNCCB noted that they had observed ‘a trend of small and medium-sized businesses being increasingly targeted by ransomware groups’. Referring to the advice, Richard Browne, Director of the NCSC, said ‘Whilst we appreciate that many business owners are understandably nervous of the threat ransomware poses, there are some straightforward security measures that can be put in place to ensure that an organisation’s data and systems remain secure’.”
So what? Cyber attackers know that larger firms probably have the resources (money; people; in-house expertise) to defend against the most common attacks, so they are moving their attention to easier prey – SMEs who do not know about the basic measures that can be put in place to defend themselves. Go here to read about the basics. I’m here if you need help.
2: Amazon security director reminds us about the basics
What? In a recent interview with Adrian Weckler of the Irish Independent, Mark Ryland (Amazon Web Services’ Chief Information Security Officer) is quoted as saying “People often want to talk about exciting, emerging threat landscapes. But how about we start with security basics? How are they doing there? Like patching? How are they doing with training people not to click on phishing links? Generally, people don’t do a great job with the basic stuff.”
So what? The basics are your foundation. Without a strong foundation, all that expensive security infrastructure that you’ve built on top doesn’t really matter. Go here to read about the basics.
3: Not a good week for Apple
What? Apple has recently released updates for its iPhones, iPads and Mac (MacOS) devices to address an actively-exploited vulnerability that could enable a bad guy to take full control of an Apple device. Zoom also released a patch for its MacOS app to fix a flaw that could provide an attacker with similar access.
So what? Keeping all software up-to-date is a basic security requirement. The rules aren’t any different for Apple devices. If you have an Apple device, install these updates as soon as possible: upgrade to version 15.6.1 of iOS on your iPhone / iPad and version 12.5.1 of MacOS on your Mac devices. If you use Zoom, you need to force the Zoom app to keep checking for updates until it gets itself to at least version 5.11.6.
Read more: Apple vulnerability is discussed at https://www.theguardian.com/technology/2022/aug/18/apple-security-flaw-hack-iphone-ipad-macs; Zoom vulnerability is discussed at https://www.theguardian.com/technology/2022/aug/16/users-of-zoom-on-macs-told-to-update-app-as-company-issues-security-fix
1: $190 million
What? Capital One, a US bank, has agreed to pay $190 million to customers impacted by a data breach that victims claim could have been prevented if the company had implemented reasonable security measures.
So what? The lack of ‘reasonable security measures’ is the basis for many legal cases. What constitutes ‘reasonable’ may be tough to nail down, but there is plenty of guidance and many frameworks out there to help you. To name just a few: CIS Controls, NIST CSF and ISO 27001. If you’re starting out, start with my basics.
2: 140,000
What? 140,000 payment terminals operated by Wiseasy, a popular Android-based payment terminal manufacturer, were accessible to cyber attackers after the password of at least one ‘admin’ account was obtained by an attacker. This admin account provided attackers with the ability to lock each terminal or remove or install apps onto the device.
So what? The issue would have been avoided if this admin account had been protected with multi-factor authentication (MFA). MFA is a basic security measure, it’s usually free and easy to implement, and it is one of the most effective security measures that you can implement. Sometimes, it’s the simple things that are the most effective things.
Read more: https://www.teiss.co.uk/news/news/hackers-accessed-over-140000-payment-terminals-using-stolen-wiseasy-passwords-10549 (free registration required)
1: Keep up-to-date on software updates.
What? I frequently talk about the need to keep all of your software up-to-date. Many attacks succeed because they take advantage of a security vulnerability for which the software provider released a fix many weeks or months before, but which the victim had not yet installed.
So what? I am going to go one step further, assuming enough people think it would be useful. I will maintain a list of the most common applications (e.g. Windows, MacOS, iOS, Android, Adobe, Microsoft Edge, Mozilla Firefox, Google Chrome, Zoom) and the latest version that you should be running for each. On at least a monthly basis (and whenever a major alert is issued by a software provider), I will send you an email containing the most up-to-date information. To receive these emails, you can sign up here.