In recent weeks, business continuity has been tested in a manner almost unthinkable in weeks prior. As governments continue to restrict the social and professional interactions of their citizens, companies have been forced, often at great speed and cost, to configure for digital working environments. This presents many more hacking opportunities and creates more vulnerabilities than companies normally manage while employees are at their desks.
At Dryad Global we are very fortunate to have a foundation configured around secure and remote working so as to make full use of a global network of employees and sources. We are also fortunate to partner with world leading Cyber Threat Intelligence specialist, Red Sky Alliance, that allow us to ensure maximum security for our networks and employees.
Unfortunately, for a large number of businesses and individuals this ‘new reality’ has caught many unprepared and as such this period of uncertainty has led to significantly increased risks for which many are unprepared.
We believe that this new reality is not a short term matter; in the UK for instance it is expected that the immediate restrictions will last until October followed by a further 18 months of similar restrictions in place for 2/3 of the time. Whilst it remains impossible to predict the length of time disruption to normal working practises will continue for, it is prudent to ensure that digital office spaces are sustainable and configured for the long term. It is vital that within this, every precaution is taken to secure vulnerable systems and ensure that procedures are as robust as can be.
How much revenue can you afford to lose?
One of the tools that will be taken advantage of by many industries including global shipping, trading and transportation, is teleconferencing software. This includes but is not limited to GoToMeeting, Zoom, Teams, and others. While teleconferencing technology is excellent for remote communications and operations, it presents risks that may not exist when all employees are working in the office.
Recently the teleconferencing technology Zoom was found vulnerable to an exploit which allows attackers to forcibly join meetings, and even activate the webcam (CVE-2019-13450). With the increase in traffic through these types of virtual meeting applications, there will likely be an increase in vulnerable users. Meetings that would normally take place in person are now open to online exposure.
Often enterprise networks have protections such as firewalls, data leak prevention, and scheduled software updates. Employees using their home networks, typically do not have these same protections. If an at home employee experiences a cyber-attack all of their personal credentials could be dumped online, or they may connect to a key-logged web portal, and it all could end up on the Internet. This stolen personal data is “in the wild” and will rarely show up on enterprise network intrusion detection systems. Companies need to be monitoring the web for exposed credentials which may significantly affect the company’s security now, and in later cyber-attacks.
Another aspect of working remote, as compared to normal office operations, is that phishing emails are easier to send when an employee may not as easily follow up with the “sender” not being in person. Threat Recon data available through the Red Sky Alliance RedXRay platform, allows companies to monitor project names, domains, mail server IP’s, and more to check for phishing emails that may not show up on enterprise mail filters.
With COVID-19, our trusted Cyber Security partners, Red Sky Alliance have observed numerous phishing attempts, with one recent example being a “MAERSK shipping notice on Corona Virus Impact”.
Another threat that is exacerbated by the digital office space is the insider threat. Many companies have policies and procedures that would prevent an employee from leaking sensitive, controlled, or proprietary information. Yet again, many employers do not have this protection when employees are working from home and not using their enterprise networks. Sites such as Pastebin are a common place for not only black hat hackers, but insider threat employees who may be tempted to expose valuable company information, due to a high probability they will not be discovered. Red Sky Alliance continue to observe malicious operations on Pastebin and companies now have to deal with a higher risk of sensitive information being leaked on these types of websites.
The International shipping industry is responsible for the carriage of around 90% of world trade and is the root for most global supply chains. This might explain why maritime supply chains are among the most targeted by cyber criminals. Transportation & Logistics and Oil and Gas companies especially have been on the receiving end of many of these attacks. With a typical organization losing 5% revenue due to fraud, the potential for losses across the maritime supply chain is daunting.
It is clear from the significant monitoring power provided by the Red Sky Alliance, RedXRay platform that a number of Cyber Crime networks are intending to focus their efforts on the Maritime domain and new vulnerabilities presented by rapidly constructed digital solutions.
Protect revenue and business with layered defence
Traditional models of defence including Firewalls and hardware have been particularly effective in notifying companies of an attack that has either occurred or is underway. However, as the digital arms race evolves, companies are increasingly required to focus their efforts upstream of an attack. This often involves costly headcount in the form of Cyber Threat Intelligence analysts, or the dual-rolling of valuable key Cyber Security staff to ensure that future threats are clearly identified.
Our trusted partners at Red Sky Alliance, through their RedXRay system provide full and comprehensive monitoring of all future threats to your organisation. This is done by focusing their monitoring on the areas in which Cyber Criminals and the future attack methodologies are located: the Dark Web. The RedXRay system offers a threat monitoring dashboard that is configured to monitor threats bespoke to your organisation.
To date, some of the largest corporations in the world use this tool to enhance their understanding of the specific threats faced to their business. RedXRay; is widely seen as the market leading service that allows your organisation to keep ahead of the threat by looking upstream. This tool is an extremely cost-effective solution and when compared with the costs and consequences of Cyber Crime induced losses this tool presents a highly effective mitigation.