CRIBB Q2 2020 Round Up
Today we take a look back at the blog pieces published over the past few months here at CRIBB Cyber Security, diving back into the ones which were most read by you, our loyal followers. Remember, here on theICEway we value your input, and would welcome the opportunity to answer any questions you may have – simply contact us today or post a comment below!
April 7th – Interpol V’s Cyber Criminals using Ransomware
A couple of months ago, with COVID-19 getting into full stride, we were very disappointed to learn of an increase in cyber-attacks against companies and organisations within the healthcare industry. In a piece entitled, “Critical healthcare institutions targeted by Cyber-criminals”, we specifically looked at Interpol’s Cyber-crime Threat Response team and how they were monitoring the rise in threats and preparing for a response.
The article featured excerpts from a conversation with our very own cyber security expert, Patrick Carolan:
“Interpol have been fairly swift in their response so now it is a question of stemming the attacks. From what I have heard, the cyber-attacks have been carried out through ransomware emails, so those being targeted must ensure that all hardware and software is up to date, with essential files backed up and stored separately away from their main systems.”
Fortunately, there have been fewer such stories in the news since, but cyber security threats continue to multiply, so it is imperative to have robust security policies and frameworks in place – which is where our experts can help. In the meantime, there are numerous steps that can be taken to protect your systems from ransomware:
- Use the latest anti-virus software and secure your email systems
- Use robust password policies
- Open emails / download applications or software from trusted sources only
- Do not click links or open attachments in emails from unknown senders
- Backup important files regularly
- Store important files away from your system (in the cloud, for example)
May 12th – CRIBB & ECSA
Last month, CRIBB’s Patrick Carolan passed the EC-Council Certified Security Analyst v10 theory exam, bolstering the Penetration Testing offering from he and CRIBB Cyber Security (the ECSA is more advanced than programmes enabling you to become a certified ethical hacker).
He was obviously delighted with this result, and the resulting Q&A session was both revealing and entertaining – take this edited excerpt, for example:
“This is quite an achievement then?
“It is but now there is a tougher examination, which requires me to complete a full penetration test on a virtual environment under EC-Council restrictions. My findings must then be documented in an LPT Penetration Report.
“That sounds… fun.
“I think it will be!”
June 2nd – The Supplier Chain & External Threats
Another Q&A session with Patrick took place at the start of this month, in a piece that looked into the various threats posed by attacks carried out on systems via the access of outside providers or partners.
Another interesting conversation outlined supplier chain attack examples (such as that against Equifax three years ago), whilst also unearthing tips on how to manage third-party risk that included being very thorough when analysing security and privacy policies for existing and potential suppliers.
CRIBB Cyber Security is the governance, certification and data protection arm of theICEway ecosystem of companies, deploying a ‘Security by design’ approach wherever possible and helping clients in healthcare, cruise, travel, and retail in the battle against cyber criminals.
Interpol – The International Criminal Police Organisation enables police co-operation and crime control around the world
Ransomware – Malware that threatens to publish data or block access to it unless a ransom is paid
COVID-19 – A new illness that affects the lungs and airways and is caused by coronavirus
ECSA – EC-Council Certified Security Analyst certification, a programme based around licensed Penetration Tester methodologies and advanced security techniques
Our experts are always focused on cyber resilience, constantly looking to improve their own knowledge so that in turn, they can help you in your own efforts. Call today to speak with them and take your first steps along theICEway…