November Cyber Bytes - Your Monthly cyber snap shot from Protection Group International.....
We hope you have been enjoying our monthly Cyber Bytes series.
Keep an eye on our social media channels for ongoing news from the world of information security and PGI.
What would we do without the internet while we’re abroad? Whether it’s looking up directions to the next meeting or trying to find the best place to stop for lunch, we’re always connected.
Business travellers can be up against some unique cyber threats, as our devices—smartphones, laptops and tablets—are often the gateways to sensitive business information.
The most common risks
With this in mind, PGI’s Cyber team have put together a list of the key cyber security risks you should be mindful of while travelling:
Unsecured Wi-Fi networks
Prone to being attacked by hackers who can gain access into your devices. If a network does not ask for a password, then do not use it.
Publicly-shared computers
Often not protected with antivirus software. Your browsing history may be visible to the next user and if you’re using a USB drive, your files are in danger of being corrupted; try to avoid using them if possible.
Fake hotspots or Bluetooth connections
Used by hackers to deceive you into connecting your device to a malicious network. Bluetooth connections may expose your username, password, credit card or bank information. It’s important to always verify that the network that you’re connecting to is…
The Bank of England is testing the UK’s ability to withstand a major cyber-attack on financial institutions.
The Bank of England is testing the UK’s ability to withstand a major cyber-attack on financial institutions.
PGI says…
This is not the first time such an exercise has been carried out. It’s designed to test resilience and responsiveness – to look at how the different organisations react and work with each other. It’s also an opportunity to identify weaknesses in processes and documentation, and to remediate those before needing them in anger. This sort of exercise is vital in mitigating the risks to the UK’s financial sector in the event of a large cyber-attack, on one or more of the organisations involved.
Being prepared for the worst, understanding the various interdependencies between internal staff and also third parties, is becoming a critical aspect of an organisation’s preparedness. We live in a world where attacks and breaches will happen (if they haven’t already), so it makes sense to have well thought out plans, and to test them. They ensure that your staff know who is responsible for what, who will be involved in recovering from the incident, and means there will be less confusion and (possibly) panic when an incident happens.
Exercises don’t have to be done on this scale. For example, they can work as a tabletop discussion between teams dealing with a scenario in one small part of an organisation, but plan to run some kind of simulation across the whole business over a year or so.
One really important thing to bear in mind, when carrying out exercises like this is that failure during the test is good. It gives you the opportunity to fix the problem before needing it for real.
Read the full BBC article here
A location-tracking smartwatch worn by thousands of children has proven relatively easy to hack.
PGI says…
This is the latest in a number of related stories, where internet connected toys and games for children have been sold with little or no security. The researchers in this case said it was the easiest hack they’d ever done, which is particularly worrying given that the devices contain GPS to provide an accurate location for the child. Tellingly, the company that makes the devices no longer seems to be available online.
With the festive season coming up, make sure that before buying internet connected devices for children you check to see how secure they are. Look at customer reviews, but also do a more general internet search to find out how secure they are.
Read the full BBC article here
Because we know how important ongoing GDPR compliance is, we have a special Black Friday GDPR Consultancy offer:
Purchase a GDPR Gap Analysis at £1900 and receive Cyber Essentials for free (valued at £250).
Why do you need a Gap Analysis?
If you have managed your GDPR compliance internally, having an external party conduct a Gap Analysis will ensure you haven’t missed anything. Our GDPR experts will review your existing policies, procedures and controls against Regulation Requirements and then provide a detailed maturity level report and recommendations for mitigating gaps.
Check Your Password Security.
This online service allows you to evaluate the strength of your password.
You can use this checker to see how length and characters such as !&@ all help to make your password more secure from malicious hackers.
Remember, don’t enter your actual password, but use one of a similar length and structure.
For more information on the exclusive services Halcyon Super Yacht Security provide click here