5 Reasons to Choose Seccom Global’s Managed Security Solutions

Today’s Information Technology world is completely different than it was even 10 years ago. This can create a big headache for a company that hasn’t re-evaluated its IT security services for a few years. Technology is much more complex and more difficult to run and maintain than it used to be; rather than trying to address all the issues in-house, many businesses are now exploring the option of using managed security solutions.

Here are 5 reasons for Australian companies to consider Seccom Global’s managed security solutions if they’re looking to revamp their level of online security:

1 – Agile – Able to respond quicker than “the big boys” for a higher level of service

This is a primary reason to partner with Seccom Global. We provide IT and Information Security Services (ISS) and are able to build out, assist with, and/or support the systems we install with ease and efficiency. Seccom Global provides a very high level of service for our clients’ investment with system-centric solutions for business networks. One feature that sets Seccom Global apart from the competition is our ability to be agile and quick to respond when our clients require our assistance.

2 – Customised Solutions – Not a “one size fits all” model

A successful cyber security company’s speed and agility come from the systems they put in place and maintain for a business. They are able to customise a solution that meets the needs of the customer without introducing too much overhead. The supplier will be able to determine which features will help a client based on their specific needs, and which features will hinder their operations.

3 – Industry-Recognised Leader – #1 Managed Security Service Provider

Recognised as a leader in the field of Managed Security Service Providers (MSSPs) in Australia, Seccom has participated in such events as the On-line Retailer Conference and the e-Commerce Expo to assist retailers in maintaining digital security. Our presence and leadership at these events have helped strengthen Seccom’s position in the marketplace.

4 – Wide Range of Solutions – Able to meet almost any network security need

Seccom Global provides an extensive list of managed security solutions for clients who want to customise the network services being implemented for their business. Some of our managed network solutions include: managed firewalls and secure Internet connectivity, cloud-based virtual servers and hosting, disaster recovery and back-up services, design of wireless networks, SIEM security, IP telephony design, auditing and consulting, migration and technical support, and more.

The team at Seccom Global are experts in fitting all of these services together into a cohesive managed service that provides exactly what a business needs to move forward.

5 – Trusted by Reputable Companies

Seccom Global is the managed security provider for some of the top business brands in Australia, including Toyota, Breville, the RSPCA, LJ Hooker, the Australian Red Cross, and the Sydney Opera House. These companies trust Seccom Global to ensure their network security needs – and their brand – are protected against security threats.

They also look to Seccom Global for excellent customer support to keep their systems up and running without interruption. Seccom Global will continue to lead in the managed security space with their unique approach, fresh thinking and strong focus on customer service.

Contact Seccom Global about Managed Security Services Today

If you have questions about your organisation’s network security needs, or would like to find out more about Seccom Global’s managed security solutions, why not contact us today on +612 9688 9633 to start the conversation.

Arm yourself against CryptoLocker, CryptoWall ransomware with data backup

Malicious software can spread like wildfire on the Internet and encrypt your organisation’s files, which stay locked unless you pay a ransom. But you can thwart these cyber crooks by having your data backed up at an off-site location.

 

CryptoLocker and CryptoWall can take over your data before you know it

A nonprofit organisation was in for an unpleasant surprise when 75 gigabytes of its data were encrypted, all in just 55 minutes. Ransomware known as “CryptoWall version 2.0” had infiltrated one of its administration workstations unnoticed. Seven servers were at risk of loss unless the organisation paid a ransom of $500 to get the decryption key. Though the organisation had its backups, it would have taken days before a full system restore could be completed. Therefore, the organisation opted to pay the price in bitcoin. Once the group got the decryption tool, it took another 18 hours before all 75GB of data were restored.

It’s likely this could happen to your business, but there are steps that you can take to prevent it. Before you take them, you need to know what you are up against. Malicious software identified as Troj/Ransom-ACP can take your data captive unless you pay money for it to be restored.

One malware of this kind is CryptoLocker, which is classified as a Trojan horse because it can penetrate computer systems undetected. It can enter your computer through email attachments or through a botnet, which attacks when your system has already been compromised with malware. Once it is inside, CryptoLocker encrypts document files on your hard disks, shared networks and cloud networks. It then connects to a server that generates a public-private key pair. The public key is sent to your computer, but the hackers who operate the malware keep the private key needed to decrypt your files. They will only provide it to you in exchange for a ransom, which can be paid in bitcoin or MoneyPak. These cyber crooks also install a clock on the desktop counting down 72 hours as the time limit. If you do not agree to their terms and pay within the prescribed time, they often destroy the key, causing the permanent loss of your files.

The perpetrators behind CryptoLocker and another type of malware were taken down in late May of 2014. Moreover, researchers from FireEye and Fox-IT were able to get hold of the private decryption keys used in the CryptoLocker scheme and help victims restore their files.

Unfortunately, it did not end there. After CryptoLocker, malware of the same strain emerged, known as CryptoWall 2.0. It is known to attack computers through infected online advertising channels on trusted websites. Hackers embed the malware in ads so that they can infiltrate the computers of users even if they have not clicked on anything. Meanwhile, the malware goes right past the noses of advertisers due to the rigorous stages of the advertising process. These malvertising campaigns have been seen on websites such as Yahoo, The Atlantic and AOL.

The malicious software looks for a point of weakness in the user’s Flash player and other browser plug-ins, and stages its attack. Aside from this, CryptoWall also uses botnets to send infected email attachments, which expands its capacity to infect computers. Unlike CryptoLocker, this malware only encrypts audio and video files, and it takes ransom payments in Bitcoin currency only.

To make matters worse, both CryptoLocker and CryptoWall have undergone developments to make them more destructive. CryptoLocker has evolved from a Trojan horse into a worm, allowing it to replicate itself. The malware can now spread through removable drives, and it can disguise itself as an activator for programs like Adobe Photoshop and Microsoft Office on file-sharing sites. CryptoWall, on the other hand, has shifted from the HTTP network to Tor, which makes it more difficult for researchers to track it down.

CryptoLocker has been able to strike over 20,000 computers in Australia, leading some of the victims to pay the ransom. The cyber crooks behind this have become savvier now, posing as legitimate sources like Australia Post and the Australian Tax Office to make people open emails with infected attachments. In fact, the ABC had to go off the air for 30 minutes due to an invasion of ransomware. This prompted the ABC to transfer its broadcasting operations from Sydney to Melbourne. The staff of the news agency had been deceived by fake emails from Australia Post.

With reports on these types of ransomware, it may seem like there is no way to escape their attacks. But there is always a way out. All it takes is a bit of vigilance, and backing up your data to protect yourself from this destructive software and those behind it.

So what can you do?

Since these types of malware attack your computer systems without your knowledge, the best way to thwart their schemes is to implement a periodic backup of data. You should also have an alternate storage of information off-site, to further prevent invasion. This means using storage devices that are offline or simply those that are not hooked up to your computer. Your backup should have three copies for maximum security. Good candidates for offline storage devices include USB external hard drives, or DVD recordable disks for data that does not need frequent updates.

You can also ensure a secure backup as well as recovery for your data through SecureDR. This solution offers off-site and real-time backup for your information depending on the level of protection that you need. Your server can be stored on a local SecureDR appliance, or your data can be duplicated at the company’s Data Centres. In this way, you can insure your business against costly loss of vital files and discourage these crooks from making money off your establishment. You may also ramp up security by minimising browser plugins and providing security training for your staff so that they will recognise potential malware in your system.

With the proliferation of this malware, there’s nothing wrong with taking a multi-faceted approach to data security and protection. Certainly, you will not want to abet these criminals in their schemes. Through these measures, you are able to stay one step ahead of these crooks while keeping your business safe and sound.

Fortinet Global Security Survey Report 2014

For the third consecutive year, Fortinet has commissioned an independent survey to get a view on the challenges enterprise IT leaders are facing in protecting their organizations from the unpredictable and increasingly problematic challenges of cyber attack, data theft and other IT security concerns.

In August, independent market research company Lightspeed GMI polled 1,610 qualified IT decision makers (ITDMs) including CIOs, CTOs, IT Directors and Heads of IT working at large organizations (500+ employees) from 15 countries around the world.

The objective of the survey we undertook this year was to explore the current perceptions of IT leaders about the challenge of IT security and the changing dynamics within large organizations driven by emerging technologies, increasingly complex and frequent threats, and the impact of security on IT innovation.

Click the button below to obtain the survey report. Highlights include: the increasing boardroom pressure for IT security; the greater difficulty in securing the enterprise and the compromise between security and innovation; spending plans to address Data Privacy & Big Data security; and ITDMs’ attitudes towards Managed Security Services.

 

 

I Spy: German malware Finfisher infects devices without being detected

German malware known as Finfisher can infiltrate devices without being noticed, WikiLeaks revealed. The exposé is intended to encourage development of better detection systems to stop this kind of intrusion in its tracks.

Evasive malware Finfisher brought out into the open

Whether you like it or not, privacy is becoming a fleeting concept in our increasingly connected world. As technologies become more sophisticated, it is becoming easier to infiltrate computers and mobile devices to access personal files. From private persons to corporate entities, anyone can be hacked. Fortunately, there are means to fight off hackers, but first their tools have to be detected so that developers can provide the right solution. One recent attention-grabbing issue is the Finfisher spyware suite from a Germany-based unit of Gamma International. The malicious software can intercept communications from computers and mobile devices from a remote location. It can swipe your keystrokes, peer at your Skype messages and even watch you through your webcam, all without you knowing it! This software can also take a glance at your email messages and chat conversations, and turn on your microphone to listen to and record your conversations.

WikiLeaks revealed that the “weaponised malware” developer sold Finfisher to regimes with poor track records on human rights. The company denies this, saying that it only does business with reputable law enforcement agencies. Thanks to a hacker who goes by the name of “Phineas Fisher,” the whistle-blowing website was able to obtain documents identifying the list of countries that bought Finfisher. This list includes: Australia, Bahrain, Bangladesh, Belgium, Bosnia-Herzegovina, Estonia, Hungary, Italy, Mongolia, Nigeria, Netherlands, Pakistan, Singapore, Slovakia, Qatar, South Africa and Vietnam.

The software has been deemed a tool that allows governments to spy on dissidents, journalists and human rights activists since it was discovered in Egypt back in 2011. Two human rights protesters were able to unearth documents showing that the government’s State Security Investigations service had purchased the software to breach the email accounts of purported activists.

Finfisher is perfectly capable of bypassing the security systems of OS X, Windows and Linux computers, and is able to penetrate mobile devices using Android, iOS, Blackberry, Symbian and Windows Mobile systems. This basically allows it to infiltrate most of the world’s computers and mobile devices. Fortunately, WikiLeaks also released copies of the spyware tool to enable researchers to track down its control nodes and develop better detection systems. This includes the FinFisher Relay, FinSpy Proxy, the FinFisher FinSpy PC spyware for Windows and a copy of the code for FinSpy Master.

Among the uncovered patrons of Finfisher is the New South Wales Police Force. This was evidenced through the agency’s support requests and an alleged support ticket for an OS X operating system. The NSW Police purportedly had problems with FinSpy when it was trying to penetrate a Mac computer of a “surveillance target” that was offline. The agency, however, refused to comment when asked about the issue.

How Finfisher stealthily takes over your gadgets

The FinFisher Relay and FinSpy Proxy from Finfisher are capable of surreptitiously gathering data from targeted people and easily delivering it to security agencies. FinSpy, in particular, can take over systems remotely. It can gather data from targets even if they constantly change their location around the world and encrypt their communication channels. Before using FinSpy, surveillance agencies need to purchase licenses from Finfisher because the information they need goes through the servers of the company before being sent to the agencies.

Other offerings from Finfisher include the FinFly USB, FinIntrusion Kit and FinUSB suite. With the FinFly USB, security agents with no formal training in IT can obtain data by physically inserting the USB stick into the target’s computer. Then, the device installs the configured software into the system automatically. It can be used to run the same procedure on several other systems as well.

Meanwhile, the FinIntrusion Kit functions as a portable pack containing all the IT devices used for offensive and defensive covert operations. Along with the malware, this comes with the adapters and antennas needed for the undertaking. The FinUSB suite allows surveillance agencies to gather forensic information instantly from computer systems. It comes with ten USB sticks, which are already configured to search for specific data. The devices can also be used to decode and analyse information. Aside from the USB dongles, the package also offers a headquarters notebook.

Teamwork of various sectors can take down Finfisher

Thanks to the exposé by WikiLeaks, the public now has knowledge of the capability of Finfisher. The copies of the Finfisher suite and the Finfisher FinSpy for PC will allow researchers and developers to create the appropriate solution to detect their invasion. Eventually, they can be eliminated from computer systems, keeping those systems secure.

However, users of computers and mobile devices also need to keep an eye out for any unusual activity coming from their gadgets, just as Bahraini activist Mohammad “Moosa” Abd-Ali Ali did. The phantom Facebook messages sent from his device alerted him to the presence of Finfisher on his computer. Following this, civil liberties group Privacy International filed a complaint against UK-based Gamma International on behalf of Moosa and two others. The High Court also expressed discouragement over the sale of the spyware, and commended pressure groups for taking action against it.

To fight off Finfisher, the public, private and civil society sectors need to team up and address its invasion of computer systems. Like a domino effect, the actions of Phineas Fisher and WikiLeaks have set off a wave of opportunities for different sectors to eliminate Finfisher. This multi-faceted approach can ensure that people can be protected from this malicious spyware.

Why a Managed IP Telephony Service is the efficient, secure solution for your business

IP Telephony services enable businesses to streamline and reduce communication costs as compared to the traditional landline telephone system. With a managed IP Telephony service, enterprises can ensure reliable systems, without compromising security.

Better communication without the cost

The Internet age has put almost everything within arm’s reach with only the help of a computer, or a mobile device with a reliable connection to the web. This development even includes telephone calls. What was once the realm of the traditional, public switched telephone network (PSTN) can now be done through Internet telephony or an IP telephone system. This system refers to the technology that supports various real-time communication applications over IP, which include instant messaging and videoconferencing. It also covers the two-way transmission of voice over the Internet, or VoIP.

Developments in IP telephony in the 1990s made it a viable alternative to the traditional landline telephone system, particularly because of its much lower digital requirement when transmitting calls without sacrificing voice quality. It also reduces the cost of international calls as compared to making them via regular telephones, without raising any additional fees for Internet access.

Since the IP telephony system proves to be cost-effective, businesses are getting on board with it, and IP telephony services have emerged as one of the top choices for collaboration technology for several information technology executives. VoIP technology is also being seen as convenient for businesses because some service providers include phones and adapters as part of the contract, and applications could be configured for laptops and mobile devices. Meanwhile, cloud-based IP telephony services enable businesses to enjoy mobility in managing their businesses from different parts of the globe with only the requirement of a reliable Internet connection.

With these advantages, an IP telephony system can easily be considered a worthy investment for companies. It allows enterprises to streamline communications, and in turn, improve their operations. It may even allow them to explore uncharted waters, expand their business and achieve growth in the long run.

Efficient service without compromising security

The use of IP telephony service for enterprises may entail consolidating the IP and telephone services network of a certain company. When IP telephony was in its infancy, the IP and the telephone services were on separate networks, with service providers having a background in installing traditional, analogue telephone services. Nowadays, the combination of the IP and telephone services on a single network could compromise an organisation’s information security.

Unlike other providers, Seccom Global incorporates security in its offering of IP telephony service system for companies. It has years of experience providing connectivity and Internet security for several organisations in Australia. This has made Seccom Global a leader when it comes to the field of information and cyber security. Nevertheless, its security services will not in any way impede the quality of IP telephony service provided to various types of enterprises.

A well-maintained system that addresses changing needs

For an efficient and reliable IP telephony system, regular maintenance and upgrades must be performed. This can only be carried out by professionals who keep abreast of developments in the technology, and not those who are still left in the dark. A managed IP telephony service typically means that the design and installation of an enterprise IP telephony system is done by professionals who have adequate skills to ensure that the technology achieves maximum performance. These people are part of the service offered by the provider, and not sourced in-house. They are capable of managing the IP telephony system remotely and on-site, round the clock, to address arising issues promptly and meet the company’s expectations.

The managed IP telephony service offered by Seccom Global ensures that the company’s devices undergo regular updates, to maintain efficiency and protect them from cyber attacks. Furthermore, we can also extend help to organisations planning to build an IP telephony solution that would be implemented on different platforms to address their needs in the present and in the future.

By having a managed IP telephony service in place, companies can have a system that undergoes regular upkeep without having to invest in an in-house team to implement this task. Enterprises would be able to set aside their concerns over their technological infrastructure, and focus more on their customers and on growing their business.

More than a dot on a grid – Gartner’s Magic Quadrant

In case you missed it, the 2014 Gartner Magic Quadrant for Unified Threat Management is out. This is something that Fortinet are very proud of; however, because of its significance, it is worth calling out a few points relating to this report.

Qualification

– For starters, I think it’s worth calling out that every vendor listed in a Magic Quadrant deserves recognition and reward. It is no easy task, nor is it a trivial matter, just to qualify for an MQ, and for this reason, placement in ANY quadrant position – Leader, Challenger, Visionary and Niche – deserves merit. Qualification alone is a testament to a company’s vision and ability to execute in today’s hyper-competitive security market.

Clarification

– Over the past few years, there has been a lot of marketing hype and confusion about the term, “next-generation firewall” or NGFW for short. Let’s be clear about this… a NGFW is nothing more than a firewall with integrated IPS, Application Control and web filtering. Great stuff to be sure, but far less powerful than a UTM. A UTM does NGFW capabilities and more! In fact, Gartner says this in the report:

UTM products must continually add new functions and therefore encompass the feature set of many other network security solutions, including next-generation firewall, secure Web gateway and secure email gateway.

As you can see, a UTM includes next-generation firewalling capabilities. So, the real question you should ask is whether you need a limited functioning firewall, like an NGFW, or a complete and comprehensive firewall, like a UTM?

Performance

– Yes, it is true… performance matters. Especially with a UTM, performance is, and historically has been, the Achilles heel. It’s a well known fact that as more and more security features are enabled, performance degrades. This is why it is critical to utilize independent, 3rd party tests, such as NSS Labs, to verify real world testing environments.

Security for Today AND Tomorrow

– This may be more subtle, but it is a question you should ask… Do you want security from a security company (one that has a threat research lab, and that develops its own hardware and software) or from a networking company? That should be a no-brainer. But, amongst security vendors, dig deeper.

Of those, which vendors have a threat research team? Which vendors rely on other security vendors for IPS or AV signatures? Which vendors are “one-trick ponies” versus those who have breadth and product portfolio depth? Does your security vendor offer DDoS, WAF, and other security products? Or, just ask about the vendor’s business… Are they profitable? Will they be around in a few years, or are they just looking to be acquired?

Bottom line, to be a leader in security is much more, far much more than a dot on a grid.

Fortinet are super-proud to be a “Leader” again in this year’s Gartner Magic Quadrant for Unified Threat Management! It is an incredible testament to the engineers, threat researchers, well, everyone at Fortinet who makes this company what it is today.

So, here it is… your complimentary copy of the 2014 Gartner Magic Quadrant for Unified Threat Management. Enjoy!

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Banish the Risk of Disaster-related Data Loss with Seccom Global’s SecureDR

Businesses can now protect themselves from disaster-related data loss with the SecureDR solution from Seccom Global. SecureDR works by backing up local servers, and then duplicating the data at an off-site location to shield companies from massive loss of information.

The Business Case for Data Recovery

Wind storms. Floods. In a changing climate, these events can become quite severe, causing catastrophic damage to properties, livelihood, and even your business. Floods can easily damage physical documents, as well as computer systems and servers where precious data is located, presenting a costly loss of assets to the company.

About 30% of small businesses encounter natural disasters, and lose important data in the process, according to the National Federation of Independent Business. Moreover, about 60% of these enterprises close within six months after data loss, the Washington-based National Archives and Records Administration reported. An unexpected power outage at a data center costs $7,900 per minute, according to a 2013 study by the Ponemon Institute and Emerson Network.

With these statistics in mind, companies are encouraged to take the necessary steps to protect their data from the impacts of disasters, in order to maintain a smooth-running business. Today, various options exist for companies to protect their data, and it may be tantamount to an oversight if firms fail to implement backup disaster recovery (BDR) systems for their business.

What makes a reliable backup disaster recovery system?

A backup disaster recovery system entails mechanisms for backing up and storing data to prevent its loss during disasters like storms, earthquakes or floods. Data Center Knowledge states that effective BDR does not only involve technologies to store and preserve data, but also requires the people in an organization to be effective. For a reliable BDR system, companies need to have a plan to manage their manpower and the resources at hand. This includes training people, such as in-house IT personnel, to work with third-party vendors that specialize in BDR. It also includes communicating the importance of BDR to employees to gain their cooperation.

Aside from that, companies also need to have management systems in place that would ensure data storage in times of disasters. This may entail having a centralized storage system that employees could access. This type of system may be beneficial for small businesses that would not need to have a large-scale BDR system in place. However, these management systems need to be fully controlled by the company to maintain security and to ensure confidential or important data is not compromised.

Through our SecureDR solution, we provide customers with reliable systems for storing and protecting their data against the perils of disasters. This BDR system renews the protection for corporate data every 15 minutes each day, to minimize the loss should unexpected outages occur. Moreover, it backs up the data on local servers in real time or through the cloud, with in-depth reporting and other options. SecureDR also duplicates the data to an off-site location, to ensure maximum protection against loss.

SecureDR could ensure reliable protection against data loss for businesses with its layer of backup storage and recovery mechanisms, and enable companies to spring back to business with ease after a disaster, and get ahead of the competition.

Bright skies ahead: What lies in store for businesses with BDR

In an increasingly connected world, customers expect businesses to provide consistent services. According to a CIO interview with Don Williams, VP Asia Pacific & Japan at Veeam, this can only be done if companies establish continuity by having a BDR system in place to ensure their operations will not suffer the impact of natural disasters. Aside from business continuity, a BDR system will also help companies maintain strong client relations.

Therefore, a BDR system is a win-win solution for businesses that seek to remain strong in a competitive market.

Apple Boosts iCloud Security After Celebrity Photo Leak

As you may have already read or seen, iCloud security has come under question after many accounts were targeted and hacked last week. Hackers were able to gain access to sensitive photographs of a number of female celebrities, including Jennifer Lawrence and Kate Upton amongst others, and leaked them online.

Tim Cook, CEO of Apple, denies the servers were to blame, suggesting hackers correctly answered security questions to obtain passwords or used a phishing scam to obtain user IDs and passwords to access the accounts. Many have criticised Apple’s security flaw, where anyone with your username and password can grab an Apple device and synchronize it with your iCloud account, gaining access to all your private files.

As a step toward strengthening iCloud security, Apple will now notify users via email when someone tries to restore iCloud data to a new device. Account password changes or logging in via unknown devices currently issue a notification as well, and Apple will use ‘two-factor’ authentication on a much wider scale, asking users for a password, an access key (provided during first-time sign-up) or a separate one-time code.

Apple plans to also make users more aware of the threats posed by hackers. Users will be encouraged to activate the two-step verification on the new iOS 8.

Derek Manky from Fortinet shares his thoughts in the video below, suggesting users should be more educated and aware of what exactly is being enabled on their devices when an application is running.

JPMorgan Chase Hacking Incident Being Investigated By The FBI

Malicious software, more commonly known as malware, is often used by hackers to break into information systems holding sensitive data, including personal and financial information. Malware was used last year to break into the US giant Target’s credit card systems, and the hackers were able to capture the details of millions of customers.

The Federal Bureau of Investigation is now investigating a possible malware attack and significant breach at JPMorgan Chase, a leading global financial services firm and one of the largest banking institutions in the United States, as well as at other US banks.

While major data breaches are becoming more frequent, there are many reasons to be worried about this possible cyberattack. What appears to be a well-coordinated attack is a sign that hackers have the skill to break into one of the most protected computer systems in the American economy.

“Successful attacks against banks are often unusual because the financial sector has perhaps the strongest security of any industry,” claimed Jacob Olcott, a cybersecurity expert at Good Harbour Security Risk Management. “The fact that even these companies can experience a successful attack should definitely raise eyebrows because they spend the most money and have the most sophisticated defences.”

In Australia, infiltrators used a Chinese piece of malware in an attempt to hack into the Reserve Bank of Australia in May last year. Investigations revealed multiple compromised computers and malicious emails sent to several staff members, including heads of departments, from which the malware was executed. Fortunately, the six workstations affected did not have local administration rights, so the virus could not spread as easily.

JPMorgan is now working with law enforcement to determine how and when the attack began and how much data has been captured. The origins and motives of the hackers are unclear, as is how many other banks have been compromised. The attack could have serious consequences depending on what information was stolen. With the right data, hackers could access the banks’ computer systems to take out loans, commit identity theft, manipulate the data and change the value of the money, and undermine the integrity of the institution.

One of the banks attacked believes the offenders were sponsored by the Russian government, and that the attack could potentially be related to the U.S.-imposed sanctions on Russia. Russian hackers are some of the more sophisticated cybercriminals and are motivated by financial gain, experts say.

The FBI have brought in a number of security firms to conduct forensic studies on the penetrated networks in an attempt to get some answers. Joshua Campbell, an FBI spokesman, said the agency was working with the Secret Service to assess the full scope of attacks. “Combating cyberthreats and criminals remains a top priority for the United States government,” he said.

How To Reduce Phishing Attacks On Your Business

One of the worst cases of phishing occurred in 2007, when an international phishing ring had a significant impact on two banks, stealing account details from thousands of people and transferring about $1.5 million into fake accounts they controlled. It took over two years of FBI investigation to charge the more than 100 people who were behind the attack.

What is phishing?

Phishing is a form of online identity theft that works through the gathering of personal information via deceptive emails and websites, and it has become increasingly common in the digital age we live in.

In the past, phishing attempts were easier to identify: they contained obvious grammatical and spelling mistakes, and the message itself was out of the norm, whether it offered an inheritance from a relative you never had or asked for help with a business transaction for an individual you’d never met.

Today, phishing emails are remarkably clever, pulling language straight from official company correspondence, avoiding typos and being backed by fake websites that are close replicas of the websites being spoofed. Logos, corporate branding and plausible domains like mycommbank.com or paypa1.com (note the 1) make the sites appear real enough, and at times victims are even directed to the real company websites, only to be presented with a faux pop-up form that captures their personal information.

As a company, how can you avoid becoming a victim of phishing?

It’s difficult for a company to eliminate the threat of a phishing attack entirely. However, you can take several measures to reduce the odds of this occurring. One such measure is to have a defined communications protocol on how employees interact with customers via email. Ensuring all emails and webpages share a consistent visual appearance, greeting customers by their first and last name, and never requesting personal or account information by email are ways to educate and train customers on this communication protocol. This makes it easy to identify when an email appears out of the norm.

Companies should also rethink how customers interact with their website. Users should not be able to simply open a new account with personal and financial information without some form of email verification that acknowledges transactions, and they should use secure logins to access e-commerce forms.

Other methods slowly being adopted include better authentication through RSA tokens, biometrics, one-time passwords and smart cards, all of which make the information phishers capture less valuable. Commonwealth Bank uses a combination of online security and Q&A verification along with a 6-digit SMS one-time code sent directly to a user’s mobile phone before a transaction is made. This makes it difficult for phishers to replicate the process. Another mid-sized bank recently added encoded data on its magnetic strip that helped authenticate ATM transactions. As the data is not visible to the customer, there is less risk of customers accidentally disclosing it.

Establishing an anti-phishing team and a response plan is also key to preparing for a potential phishing attack. The team should include representatives from most departments including IT, marketing, customer service, legal etc. Then identify the following:

  1. A dedicated email account to which customers can forward any questionable emails (e.g. fraud@yourcompany.com)
  2. Train your employees and call center staff to recognize a phishing attack and prepare the communication between them and customers if one were to occur.
  3. Prepare a timeline of how and when you plan to notify customers that an attack has occurred. The earlier customers are made aware and educated, the better prepared they can be and the less risk there is of more data being captured by phishers.
  4. Outline who to contact and how to get a phisher site down as quickly as possible, as well as contacting law enforcement as soon as possible.
  5. Find and shut down phishing sites before phishers launch their campaigns. You can outsource this to a fraud alert service, which uses technologies to scour the web for unauthorized use of your branding and for newly registered domains that contain your company name or are similar to it. This gives you added time to counteract a phishing attack.
  6. Work with Managed Security Service Providers to protect your websites from phishing risks. Our SecureSTREAM solution is designed to prevent websites from becoming compromised by phishers.
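The look-alike domain scan described in step 5, sketched as an added example (not Seccom Global's or any fraud alert service's code). It checks a feed of newly registered domains for digit-for-letter swaps such as paypa1.com, brand names embedded in longer labels such as mycommbank.com, and single-character typos; the brand list, allowlist and sample feed are assumptions constructed for the illustration.

```python
# Assumptions for this example: the brands to watch and their real domains.
BRANDS = ["paypal", "commbank"]
ALLOWLIST = {"paypal.com", "commbank.com.au"}

# Digits often swapped in for look-alike letters, as in paypa1.com.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

# Constructed sample feed of newly registered domains (not real observations).
NEW_DOMAINS = ["paypa1.com", "mycommbank.com", "commbamk.example",
               "c0mmbank-login.example", "www.paypal.com", "weather-report.org"]


def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain):
    """Return why a domain looks like a brand imitation, or None if it does not."""
    domain = domain.lower().rstrip(".")
    if any(domain == ok or domain.endswith("." + ok) for ok in ALLOWLIST):
        return None  # the brand's own domain or one of its subdomains
    for label in domain.split("."):
        folded = label.translate(HOMOGLYPHS)  # undo digit-for-letter swaps
        for brand in BRANDS:
            if folded == brand and label != brand:
                return f"homoglyph of {brand}"
            if brand in folded:
                return f"contains {brand}"
            if edit_distance(folded, brand) == 1:
                return f"one edit from {brand}"
    return None


def scan(domains):
    """Map each suspicious domain in the feed to the reason it was flagged."""
    return {d: reason for d in domains if (reason := classify(d))}


if __name__ == "__main__":
    for name, why in scan(NEW_DOMAINS).items():
        print(f"{name}: {why}")
```

Every label of the domain is checked, not only the registered name, so a brand placed in a subdomain of an unrelated domain is flagged as well.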

In the end, it comes down to preparation and educating your customers about online security. They are the first and last line of defense, so by including them in your solution and following the tips above, you can severely reduce the risk of becoming a phishing target.