Year: 2019

Mergers & Acquisitions – The Cyber Risks

by
Mergers and Acquisitions

Mergers & Acquisitions are a complicated process with many facets of risk to consider of the target business – cyber exposures will be one of these but is the correct degree of attention given to this when a multimillion takeover or acquisition is at stake ?

Why are these risks ignored?

Mergers and acquisitions are a very complicated and time consuming activity for a business. Due diligence is undertaken which will involve many facets of the business under consideration. This will include the financial standing, employee numbers and makeup, market share and future prospects of the organisation.

Cyber risk maybe considered during this process but it is doubtful that any in-depth cyber risk management is carried out which could present problems post acquisition / merger.

What cyber security due diligence should be carried out?

  • Examination of the types of privacy risks of the targeted business that they may encounter in their industry.
  • Obtain detailed knowledge of the computer network and passage of date to include the supply chain and use of cloud providers.
  • How data is is managed and in particularly personal data of customers and intellectual property of the organisation.
  • Review of any contractual indemnities with customers and third parties who may suffer a data breach as a result of a cyber security breach.
  • Obtain details of any previous cyber attacks or compromise of data  with details of subsequent measures put in place to rectify similar incidents and improvements in cyber security.
  • Ensure that GDPR compliance has been achieved together with any other relevant regulatory requirements in other geographical locations.
  • Evidence of any cyber insurance being in place and review of adequacy together with details of claims made under the policy.
  • Review of their incident response and business continuity plans with proof of the testing of these.

The Verizon and Yahoo Merger 

In February 2007 Verizon Communications Inc purchased Yahoo Inc’s for $4.48 billion, but lowered  its original offer by $350 million in view of two significant cyber attacks that hit the internet business.

https://www.reuters.com/article/us-yahoo-m-a-verizon/verizon-yahoo-agree-to-lowered-4-48-billion-deal-following-cyber-attacks-idUSKBN1601EK

The takeover agreement included requirements that Yahoo would be responsible for any subsequently discovered cyber incidents.

Cyber Insurance

The existence of cyber insurance will assist with helping to mitigate the cyber risks associated of a proposed acquisition . Insurers will want to know in-depth details of their cyber risk management processes and procedures and only consider inclusion within an existing policy if these are satisfactory.

Image : Shutterstock

GDPR One Year On – What’s Changed?

by
GDPR

GDPR has been with us now for just over a year – so what has changed during this period?

Businesses are now much more proactive in their approach to cyber security instigating robust systems and procedures to combat the threat of hackers.

http://cyberbrokers.co.uk/gdpr-data-protection-but-not-as-we-know-it/

The ICO have just published a report “GDPR – One Year On” which sets out a review of its first year in operation.

https://ico.org.uk/media/about-the-ico/documents/2614992/gdpr-one-year-on-20190530.pdf

Countering the Cyber Security Threat

The risk of a data breach is also now higher than ever with the changing cyber risk landscape. New ransomware strains and malware are evolving so keeping up to date protections in place is vitally important. GDPR is a clear driver of the approach that the C Suite has to instigate to protect and secure their businesses.

Among the many areas that IT Security has focused upon is back-up which is essential in protecting data. This makes it retrievable in the event of a compromise of data due to a cyber-attack.

Change in Philosophy

GDPR was a long time coming and businesses have struggled to find the resource to put in place processes to achieve compliance. Some were ahead of the game and some struggled to meet the deadline of 25th May 2018.

The philosophy to cyber security has also reached an engagement point where businesses are looking beyond GDPR. Businesses are now seeking cyber security accreditation’s such as ISO27001.

Global Effect

Other countries are also taking note of the impact that GDPR is having and bringing in similar legislation of their own.

For example the California Consumer Privacy Act (CCPA) which comes into force on 1st January next year.This provides consumers with certain rights over their personal data which is held by businesses  and is an obvious parallel with GDPR.

GDPR Fines

Regulators to date have issued in excess of 200.000 fines of which 65,000 were related to data breaches . Fines totalled E56M which includes the E50M levied against Google by the Irish Data Protection Commissioner. In this case new users were inadequately advised how personal data was collected and how this was subsequently used.

The fear of potential fines being issued of up to 4% of global turnover of a business by the regulators has not materialised yet. However from a speech made by Elizabeth Dunham , the U.K. Commissioner of the ICO recently stated in a speech that this may be about to change later in the year. The ICO it is understood have a couple of very large cases that are currently being reviewed.

Both Equifax and Uber have been fined over the past twelve months but this was under previous legislation and not GDPR.

The impact of GDPR  does appear to have improved cyber security standards. We are however waiting to see how regulatory bodies will impose the full force of non-compliance in the event of a cyber-attack that results in a significant data breach.

Image : Shutterstock

Airports : The Importance of Cyber Security

by
Airports

With critical infrastructure now becoming a prime target for hackers airports now need to ensure that they have in place a comprehensive cyber risk management program in place.

http://cyberbrokers.co.uk/the-cyber-threat-critical-infrastructure/

The European Aviation Safety Agency (EASA) has estimated that an average of 1000 cyber attacks occur each month on aviation systems which further demonstrates the threat posed to this sector.

Airports are technology dependent sector on which also makes it attractive for a hacker who is likely to have the intention of causing maximum disruption with many facets of an airport to target.

Whilst a number of computer networks may be segregated such as  navigational guidance, immigration and retail outlets there are many areas that could be targeted.

  • The airports core IT infrastructure
  • Self-check-in desks
  • Automated bag drop off systems
  • Smart operated gates
  • Wi-Fi available within the airport lounges

Cyber-Attacks on Airports

We have see cyber-attacks on airports notably Bristol airport in the U.K. and Atlanta airport in the US both of which occurred last year.

The computer systems of Bristol airport were accessed by a phishing attack whereby an employee clicked  on a link which lead to malware infiltrating  their systems. For a period airport staff had to communicate arrival / departures by using a blackboard as the messages boards were inoperable.

https://www.bbc.co.uk/news/uk-england-bristol-45539841

The wi-fi of Atlanta airport was taken down as a result of a cyber-attack. Flights had to be cancelled causing passenger delays and significant disruption to the airport services.

https://www.ajc.com/business/hartsfield-jackson-takes-down-after-cyber-attack-city/

The Data Breach Threat

High volumes of data are contained within the computer systems of an airport and it therefore important that this protected. This would typically include :

  • Boarding card details of passengers
  • Car parking details
  • Health and Safety information
  • Details of disabled individuals
  • Employee personal details
  • Salary payment details of employees

With GDPR coming into force last year all organisations are legally required to store and protect data up to certain standards.

The NIS Directive

This came into force last year and sets out minimum standards of cyber security that need to be in place for operators of essential services systems (OES) which will be applicable to the aviation sector.

One of the keys in preventing cyber attacks is the developing of cyber resilience within an airport once potential threat vectors have been identified and solutions are in place to manage potential threats.

Image : Shutterstock

Are You Checking In With Hackers?

by
Hackers

Are you checking in with Hackers?

The hotel industry has been a prime target for hackers and this trend is likely to continue. So why are cyber attacks so prevelant within this sector?

Volumes of Data

Hotels hold vast quantities of data through many sources such as through their reservation systems for their customers . This will be personally identifiable information that would consist of names, addresss , e-mail addresses and passport details.

Online Payment Processing

Customers will log-in on a hotel website to make a reservation which will require them to provide debit or credit card details. These details could be compromised in the event of a data breach. Payment transactions can also remain exposed for a while on computer systems which presents further opportunity. In 2017 hotels accounted for 92% of all point of sale intrusions.

WiFi

The wi-fi in some hotels can be relatively insecure if their cyber security processes and procedures are not as robust as they should be. This can also lead to their data being compromised.

Symantec released a report this week which revealed that 67% of hotel websites surveyed leaked customer’s booking data. This was over 1500 hotel websites in 54 countries , this equates to two in three websites data could be used by third party sites such as advertisers.

https://www.symantec.com/blogs/threat-intelligence/hotel-websites-leak-guest-data

Supply Chain

Hotels relies on a supply chain which can include a number of contractors, broking and travel agencies . If there is a vulnerability with one of these it is possible that the hotel may be impacted by this causing business interruption or a data loss.

An Attractive Sector

This sector is a target because of the size of the market and the revenue that is generated each year, this provides opportunists threats for cyber criminals and the proliferation of fraud.

Cyber Attacks on the Hotel Industry

There have been a number of high profile cyber attacks on hotels where hackers have sought to steal data or cause disruption to the business.

Marriot International Hotels 

This is the largest data breach in this sector but also one of the largest in the world.

500 million guests were exposed to this cyber attack which included names and addresses and passport numbers. The attack emanated from the Starwood guest reservation database with who they had recently merged.Starwood themselves had previously experienced a data breach a number of years earlier.

https://www.telegraph.co.uk/technology/2018/11/30/private-data-500-million-marriott-guests-exposed-massive-breach/

Hyatt Hotels Corp

Hackers hit the restaurants front desks and parking facilities at 40% of their hotels situated around the world over a four month period.

It is understood that malware was designed to collect cardholder names, numbers and expiration dates.

Hilton Worldwide

Access was gained via the payment card system but on this occasion their was no evidence that data was stolen. The systems were in fact attack twice , cardholder details were again the main target.

As with all business that rely heavily on business via on-line transactions their cyber risk is very high and it is important that cyber risk management is a central focus to management.

Image : Shutterstock

What is Cryptomining?

by
Cryptomining

So what is Cryptomining ? 

This is an emerging cyber threat to businesses where hackers gain access to cryptocurrencies by utilizing a computers’ processing power .

A recent report by Checkpoint Research revealed that 20% of companies are the subject of cryptoming attacks every week and a leading source of malware attacks.

https://www.checkpoint.com/press/2019/cryptominers-hit-10x-more-organizations-than-ransomware-in-2018-but-only-1-in-5-it-pros-aware-of-infections-shows-check-points-2019-security-report/

How is Cryptomining carried out ?

This involves the use of a computers’ processing power to solve very complexed mathematical equations in order to confirm that cryptocurrency transactions are as they should be. As a sign of reward the cryptocurrency provides a specific amount of the cryptocurrency to the user who has verified the transaction the quickest.

The more computers utilized the quicker that it is possible to mine the cryptocurrency in question, this however does generate an enormous amount of actual processing power and bandwidth which in turn requires a great deal of electricity to facilitate this.

Out of the 21 million bitcoins available, 17 million have already been mined leaving just 4 million.

How do Hackers infiltrate the computer system?

  • Hackers can fool a user to download a cryptomining code to their computer system via a phishing attack normally disguised in an e-mail where a link is innocently clicked upon. This will then be activated so that the code can access the computer.
  • An alternative to this is where a user visits a website that contains a code which operates in the background to mine cryptocurrency.
  • Similarly a user could click on an ad pop up where again it operates without the user knowing whilst the code takes advantage of the processing power of the computer.

The principle concern with cryptomining is that these forms of cyber attacks can go undetected for sometime without the user being aware of what is happening to their computer system.

Proactive Risk Management 

When a cryptomining incident has been discovered it is of course too late to do anything about but measures should be put in place to avert a reoccurrence these can include:-

  • Ensure all computer systems are effectively and regularly patched
  • Make regular back-ups are carried out.
  • Improved training of users so that a potential attack can be identified.
  • Implementation of zero day prevention techniques
  • The cloud is a common threat vector for cryptomining and focus should be given on the latest security protection available.

Cyber Insurance

This form of specialist insurance can provide coverage for cryptomining where a business suffers a financial loss arising from this type of cyber attack. Just as important is the vendor services that this policy provides which includes forensic investigation and the use of legal assistance in managing and mitigating this form of cyber attack. 

 

 Image : Shutterstock

The Six Major Cyber Risks of 2019

by
Cyber Risks

What are the six major cyber risks of 2019 that businesses will need to guard against in the perpetual war against cyber criminals.

The cyberthreat landscape is constantly changing with hackers using ever more sophisticated means to gain unauthorised access to computer systems.This coupled with some of the more established tools utilised by hackers produces a cocktail of cyber attacks vectors that provide the ultimate test to cyber risk management of a busines.

Cyber risks come in many shapes and forms and it is likely that we will see the following featuring throughout the world in the coming days and months.

Supply Chain Vulnerbilities

This is proving to be a very real vulnerability with businesses heavily reliant on their suppliers and contractors for services whether this be for the provision of technology services that are fundamental to the effective functioning of the business.

If one of the suppliers systems are compromised this is likely to result if a significant businesses interruption loss where income will be lost and reputation damaged.

http://cyberbrokers.co.uk/how-secure-is-your-supply-chain/

Mobile Applications

We are are all reliant on our smart phones and laptops and end to end encryption of these is therefore of paramount importance. Confidential information and personal data is in abundance on these devices and a hacker will no doubt target such devices that do not have the appropriate security in place.

With the emergence of 5G this it will become increasingly harder to protect mobile applications.

Phishing Attacks

These are well established methods that hackers use to overcome human vulnerabilities.

This is carried out by e-mail compromise where uses click on a link that leads to malware being spread resulting in crippling the computer system or falsely changing a clients bank details to one set up by a hacker which leads to a loss of funds.

Ransomware Attacks

There have been a number of high profile ransomware attacks namely WannaCry and Non-Petya that impacted many countries around the world. Business affected by these include WPP, Maerck and the National Health Serice in the U.K.

A ransomware attack can be very cleverly disguised with many means available to gain access to a computer network. Over the past twelve months ransomware attacks have declined but they still remain a very real threat with different strains of malware emerging. This will only increase and make detection harder awareness of new methods and defense of these will therefore be vitally important to mitigate this on-going threat.

The Morrison’s Effect

As a result of a Morrison’s employee stealing salary details and distributing these to a number of newspapers Morrisons were sued for damages by a number of the affected individuals.

As a result of this it was found after appeal that Morrison’s were vicariously liable for the employees’ actions. The court also stated that the affected individuals could claim for financial loss and emotional distress. It is therefore conceivable that this could open the flood gates for class actions against other such businesses in similar circumstances.

https://www.bbc.co.uk/news/business-45943735

Artificial Intelligence and Internet of Things

Artificial Intelligence (AI) is now developing at an alarming pace as businesses recognized the benefits that machine learning can bring such as increased efficiency in manufacturing and data analysis. this however brings increased cyber risks. It is possible for inter-connectivity to take place which leads to communication with other devices called the Internet of Things (IOT) the result of which can lead to a compromise of systems , loss of data or even physical damage.

Cyber attacks backed by AI would be far greater than a conventional human lead cyber attack causing more damage for longer periods. This is a new emerging cyber threat but it could be one of the most dangerous and damaging as cyber security has not kept pace with the ensuing risks.

Cyber attacks will undoubtably become more sophisticated with the cyber risk landscape becoming more unpredictable and difficult to assess the threat vectors that develop.

Image : Shutterstock