Category Archives: Information Security Incidents

Why basic cyber security could save you a lot of wonga


Another week, another embarrassing cyber attack. This time it’s payday lender Wonga that is the latest high-profile business to fall victim to hackers, with reports suggesting that 270,000 customers’ details have been stolen (of which 245,000 are in the UK) – including the last four digits of bank cards.

For a business named after the slang for money, it’s ironic that, when the dust settles, the attack may cost them a tidy sum of their own wonga – just as it did for TalkTalk. Continue reading “Why basic cyber security could save you a lot of wonga” »

Ben Wheeler

Ascentor marketing and content editor.

Cyber security in perspective – a look back at 2016


As we reflect on 2016, there are two stand-out events that dwarf every other piece of news this year – the decision of the UK to leave the EU and the election of one Donald J Trump. Both put cyber security in the spotlight in 2016 for different reasons – from the confusing to the bizarre.

But it wasn’t just the changing political landscape that caught our eye. Many organisations were affected by ransomware attacks, and one high-profile business discovered just how costly the ongoing fall-out from its data breach would turn out to be.

So, let’s look back at 2016 through the cyber security lens of Ascentor. Continue reading “Cyber security in perspective – a look back at 2016” »

Ben Wheeler

Ascentor marketing and content editor.

Ransomware – Back up or Pay up – Top Tips for SMEs


Part 2 in a series of blogs on ransomware. In the first blog we covered some basic cyber hygiene as well as providing 6 top tips for single home computer backups. This second blog takes it up a level and is aimed at Small and Medium Enterprises (SMEs).

Ransomware is the installation you really don’t want – it’ll encrypt your files and you’ll be blackmailed into paying a ransom for the recovery key. What’s more, it’s a fast-growing menace. New data from Intel Security shows a 24 per cent increase in this kind of malware in the first quarter of 2016 alone.

By restricting the ability of systems to operate, ransomware has the capacity to cause long-term damage to the reputation and profitability of any business. However, due to their size, SMEs don’t always have the resources to counter the damage that an attack can cause. We hope that, by following these six tips, SMEs will be better prepared to prevent attacks or respond with confidence, should the worst happen. Continue reading “Ransomware – Back up or Pay up – Top Tips for SMEs” »

Paddy Keating

Director and Government Service Manager at Ascentor

Ransomware – Back up or Pay up – 6 tips for single computer backups


Part 1 in a series of blogs on ransomware. The number of ransomware attacks is on the increase with cyber criminals using this tactic in “alarming” numbers – according to security researchers quoted on BBC News.

Wikipedia defines ransomware as “a type of malware that can be covertly installed on a computer without knowledge or intention of the user that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction.”

A conservative estimate is that about two thirds of all new malicious code releases include some form of ransomware. The tools are now easily available, the risks of being caught are comparatively small and the profits are huge. To top it all, the main defence is the human user and we all know how unreliable that can be.

The question is no longer how you prevent the infection, but what you have to do to recover from it without having to pay up. Continue reading “Ransomware – Back up or Pay up – 6 tips for single computer backups” »

Paddy Keating

Director and Government Service Manager at Ascentor

The Human Face of Information Risk Re-visited

Back in July 2012, Ascentor published our own research into employee behaviour and how it relates to Information Risk. We called it ‘The Human Face of Information Risk’.

One of the most alarming findings was that over half the respondents (57%) said that there were circumstances in which they would deliberately sabotage or compromise their employer.

With the additional potential for unintentional data loss through employee negligence and error – the impact of what has become known as ‘the Insider Threat’ poses a huge issue for information risk.

Were we right to focus on the insider threat in 2012?

Fast forward to 2015 and there has barely been a week without a data breach involving some aspect of human involvement. For all the security measures that might be in place, the incidents of real people causing costly and embarrassing data compromises are still all too common. Continue reading “The Human Face of Information Risk Re-visited” »

Ben Wheeler

Ascentor marketing and content editor.

Do you need to TalkTalk about cyber security?


Another week, another high-profile example of cyber crime, this time at telecoms company TalkTalk, which has suffered what police describe as a “significant and sustained” cyber-attack.

TalkTalk has 4 million customers in the UK, all of whom must be concerned about the safety of their personal data. The company has said that potentially all customers could be affected but it was too early to know what data had been stolen.

The TalkTalk attack is a prime example of why organisations that hold large amounts of customer data are so attractive to attackers. The list of customer data that may have been compromised is published on the TalkTalk website – it makes for scary reading. Continue reading “Do you need to TalkTalk about cyber security?” »

Ben Wheeler

Ascentor marketing and content editor.

The State of Information Security in 2013 – Survey Results Out

The Department of Business, Innovation and Skills has released the 2013 Information Security Breaches Survey. It makes for pretty depressing reading. It seems that cyber criminals are lasering in on both large and small businesses, with SMEs increasingly vulnerable.

This infographic by Via Resource counts the cost of a “worst-case” breach for both small and large businesses.

Infosec breaches 2013 infographic

A clarion call for SMEs to up their game

In all areas the number of attacks and, more importantly, the cost of these attacks has risen, but the major impact is the cost to SMEs, who are now seeing incident levels previously seen only by large organisations.

This is a worrying trend but perhaps not surprising. In general, SMEs spend the least on protecting against an information security incident and are therefore an easier target.

Doing the basics can really help (see our previous blog – Protect Your System From Cyber Threat With These 7 Basic Security Controls) but lots of SMEs are not applying best practice advice. Until they do, it is likely the 2014 report will look even worse.

Cyber attacks are here to stay until we can protect ourselves appropriately. All organisations need to up their information security game. It’s not all bad news though. As you secure your information you’ll strengthen your business in the process.

Get the full report

Dave James

Information Risk Management expert and Managing Director of Ascentor

Don’t Panic!

A frightful February for high profile cyber attacks

Over the past few years there have been a number of high-profile cyber attacks against companies, but this month we have seen an unprecedented level of sophisticated attacks against some of the really big players. Apple, Microsoft, Facebook and Twitter, in close succession, announced that they have been the victims of cyber attacks. Add to this the attacks against the NYT and the report by the US security firm Mandiant Corp that China is to blame for the majority of attacks. With a month like this it would be surprising if you were not starting to get a little concerned about your exposure to a cyber-based attack.

Who should be most concerned? Continue reading “Don’t Panic!” »

Dave James

Information Risk Management expert and Managing Director of Ascentor

How Predictable is your PIN Number?

How secure is your PIN number? An enlightening new study reveals that many PIN numbers are shockingly predictable and far too easy to guess.

Is it about time you changed your PIN?

Psst – I wanna tell you a secret

The most infrequently used and therefore arguably the best PIN is 8068. Well, it was until it was revealed in the recent study of PIN usage by Data Genetics. This fascinating statistical study also reveals the most commonly used PINs and therefore the ones most likely to be guessed.

What makes a poor PIN choice?

Continue reading “How Predictable is your PIN Number?” »

Paddy Keating

Director and Government Service Manager at Ascentor

The ICO Man Cometh!

The UK Information Commissioner’s Office (ICO) has been increasingly active over the past couple of years in levying fines on various organisations, both government and commercial, for breaches of the Data Protection Act (DPA) 1998 by failing to protect personal information adequately.

Why should I care?

Failure to protect personal information could result in a number of consequences for an organisation. Arguably the least of these is a fine from the ICO which can be up to £500,000. There is also the reputational damage of ‘naming and shaming’ on the ICO website and ‘the press’. In addition there is pressure from some legal quarters for fines against an organisation to be passed on to Third Party Suppliers if they were found to be directly responsible for a data breach. Continue reading “The ICO Man Cometh!” »

Steve Maddison

Director and Principal Consultant
