Today we take a look back at the blog pieces published over the past few months here at CRIBB Cyber Security. We also dive back into the ones which were most read by you, our loyal followers. Remember, here on theICEway we value your input, and would welcome the opportunity to answer any questions you may have. Simply contact us today quoting ‘CRIBB Q2 2020’, or post a comment below!
April 7th – Interpol V’s Cyber Criminals using Ransomware
A couple of months ago, we were disappointed to learn of an increase in cyber-attacks against organisations within the healthcare industry. In “Critical healthcare institutions targeted by Cyber-criminals”, we looked at Interpol’s Cyber-crime Threat Response team. The main focus was on how they were monitoring the rise in threats and preparing for a response.
The article featured excerpts from a conversation with our very own cyber security expert, Patrick Carolan:
“Interpol have been fairly swift in their response so now it is a question of stemming the attacks. From what I have heard, the cyber-attacks have been carried out through ransomware emails, so those being targeted must ensure that all hardware and software is up to date, with essential files backed up and stored separately away from their main systems.”
Fortunately, there have been fewer such stories in the news since, but cyber security threats continue to multiply, so it is imperative to have robust security policies and frameworks in place – which is where our experts can help. In the meantime, there are numerous steps that can be taken to protect your systems from ransomware:
- Use the latest anti-virus software and secure your email systems
- Use robust password policies
- Open emails / download applications or software from trusted sources only
- Do not click links or open attachments in emails from unknown senders
- Backup important files regularly
- Store important files away from your system (in the cloud, for example)
May 12th – CRIBB & ECSA
Last month, CRIBB’s Patrick Carolan passed the EC-Council Certified Security Analyst v10 theory exam, bolstering the Penetration Testing offering from he and CRIBB Cyber Security (the ECSA is more advanced than programmes enabling you to become a certified ethical hacker).
He was obviously delighted with this result, and the resulting Q&A session was both revealing and entertaining – take this edited excerpt, for example:
“This is quite an achievement then?
“It is but now there is a tougher examination, which requires me to complete a full penetration test on a virtual environment under EC-Council restrictions. My findings must then be documented in an LPT Penetration Report.
“That sounds… fun.
“I think it will be!”
June 2nd – The Supplier Chain & External Threats
The last month of CRIBB Q2 2020 saw another Q&A session with Patrick. This piece looked into the various threats posed by attacks carried out on systems via the access of outside providers or partners.
Another interesting conversation outlined supplier chain attack examples (such as that against Equifax three years ago), whilst also unearthing tips on how to manage third-party risk that included being very thorough when analysing security and privacy policies for existing and potential suppliers.
CRIBB Cyber Security is the governance, certification and data protection arm of theICEway ecosystem of companies. We deploy a ‘Security by design’ approach wherever possible and help clients in healthcare, cruise, travel, and retail in the battle against cyber criminals.
What was your favourite article released by CRIBB Q2 2020?
Glossary
Interpol – The International Criminal Police Organisation enables police co-operation and crime control around the world
Ransomware – Malware that threatens to publish data or block access to it unless a ransom is paid
COVID-19 – A new illness that affects the lungs and airways and is caused by coronavirus
ECSA – EC-Council Certified Security Analyst certification, a programme based around licensed Penetration Tester methodologies and advanced security techniques
Top Tip
Our experts are always focused on cyber resilience. They are constantly looking to improve their own knowledge so that in turn, they can help you with your efforts. Call today to speak with them and take your first steps along theICEway…