Category: Cyber Security

Why is cyber security so important?

We’re more reliant on technology than ever these days. And, with this almost complete reliance on IT, comes the escalation in cyber security threats.

So let’s look at exactly why cyber security is so important for the modern business.

Cyber security is critical for modern businesses to survive

Cyber security is no longer a nice-to-have—it’s essential. Not just to help your business grow, but for it to survive.

It’s all about protecting your business’ information, technology, IT infrastructure, and users against both immediate and potential threats. The right cyber security solution safeguards your business’ essential data, and that of your customers and clients, against a range of cyber threats, which can originate from a variety of sources.

External cyber security threats

External cyber security threats are one of the biggest risks businesses face these days. Hackers, cyber criminals, malicious actors—whatever you choose to call them, these are the external parties actively attempting to infiltrate systems and access your business’ data.

They do so via a startling array of methods, ranging from phishing and malware attacks, to ransomware attempts, denial of service attacks, and SQL injections. Their goal is to gain access to your business’ systems and databases and retrieve information, money, or generally cause havoc.

Internal security threats

While external cyber security threats are one of the greater threats to be aware of, businesses can also be vulnerable to issues created inside their organisation. Yes, this can include disgruntled employees with an axe to grind, but it’s much more likely to be your own software and platforms letting you down.

Poor internal security protocols such as weak passwords, a careless approach to email safety, and unprotected systems all leave your business’ network open to attack. You may be using old and outdated software, or running an antivirus and firewall that haven’t been patched against the latest cyber security threats.

Human error

Data loss isn’t always malicious: it can all come down to simple human error. Not saving information in the right place, forgetting to save documents, deleting the wrong file, or simply leaving external devices lying around for anyone to easily pick up and run away with.

Disaster situations

As we’ve seen across Australia in the last 18 months, disaster can strike in a variety of shocking ways. Instances like fire, flooding, extreme weather, and even earthquakes in some cases, can all have a huge effect on your IT systems. Servers can be lost to office fires. Backups can be affected by a leaking roof. Extreme weather can shut off the power and damage your hard drives.

Advances in technology means advances in cyber security threats

It’s crucial for businesses and individuals alike to understand the implications of advancing technology, in order to see just how important cyber security is for your Brisbane business.

Take AI, for example. Machine learning and AI is fantastic for businesses, but it’s also a boon for cyber criminals. Instead of individual users and professional groups being the operators behind cyber security threats, we’re likely to see software programs and AI scripts delivering these attacks on their behalf.

Phishing attempts will get smarter, more targeted, and more tenacious. Malware will get more insidious, hiding even deeper in legitimate-looking ads and links. These attacks will be undertaken at a speed, ferocity, and breadth not available to the human user, and performed on a global scale.

5G means faster internet speeds—and faster cyber criminals

The 5G network will increase internet speeds to lightning fast response times. But as the world moves to faster internet, this also means that we’ll see an increase in associated cyber security threats.

Cyber criminals will move quickly to exploit security threats as they appear. Zero-day attacks have the potential to increase, as new software becomes available on the market. And, while the world upgrades to 5G networks, many users will still be connecting to older networks, and any unresolved flaws in these networks will still be vulnerable to attack.

Cloud computing and cloud access is a massive shift for businesses that brings fantastic benefits. However, with an increase in cloud services comes the increase in potential for cyber attacks. Vulnerabilities in cloud networks, platforms, and software have greater potential to be discovered and exploited.

An increase in IoT-connected devices further expands the playing field for cyber security threats. After all, more devices means more opportunities, more entry points, and more undiscovered vulnerabilities.

The right cyber security solution gives you peace of mind that your business is secure

Cyber security is important because we live and work in a connected world, and the right cyber security solution ensures your business’ technology and data doesn’t fall into the wrong hands.

At GPK Group we provide full-scope IT cyber security solutions to keep your business protected as cyber threats evolve. Get in touch with us today to discuss a cyber security solution for your Brisbane business.

How to conduct a cyber security audit for small businesses

What is a cyber security audit?

A cyber security audit is a comprehensive review of your business’ IT infrastructure and systems. It enables you to identify any weaknesses in your security protocols, uncover any vulnerabilities in your software, and highlight any high-risk practices in your business’ IT use.

By identifying this information clearly, you’re able to create a list of areas that need attention, and formulate a plan for how to achieve this.

A cyber security audit is crucial for small businesses to identify gaps in your business’ cyber security systems, and ensure you’re protected against cyber security threats and attacks.

Here’s how to undertake a cyber security audit for your Brisbane business

Step 1: Plan for the worst

It’s not a particularly positive sentiment, but for most Brisbane businesses a cyber security attack is an unfortunate predetermination. It’s a matter of when, not if. So to ensure you have the tightest cyber security measures in place for your business, assume that it’s going to happen, and plan to be prepared.

Step 2: Review your existing IT infrastructure and security protocols

Performing a full review of your IT network and systems gives you a complete picture of your IT architecture. This review enables you to understand the extent of your network, and the systems you have in place.

By compiling a complete list of all applications and programs you use, all user who have access to your systems, and the full suite of hardware and devices available, you map out exactly how far your network extends.

This allows you to understand every available touchpoint that can come under threat from cyber attacks.

Step 3: Perform a vulnerability assessment

A vulnerability assessment is probably the key step in undertaking a cyber security audit for your Brisbane business. When performing a vulnerability assessment, you’re:
Checking your current security practices and determining whether or not they’re up to scratch; and
Reviewing your cyber security software to ensure it’s patched with the latest security updates. This includes your critical antivirus software and firewall.

This step allows you to identify and uncover any hidden flaws or gaps in your existing security systems, and uncover any weaknesses that could be targeted and exploited by cyber criminals.

This step should always be undertaken by a cyber security professional. They have the specialised software and knowledge to scan your system and security protocols for vulnerabilities, and have the ability to test for weaknesses from both inside and externally to your business’ network.

Step 4: Identify network access points

A vulnerability assessment enables you to determine any potential access points to your business’ IT network. Once you know what’s vulnerable, and how it can be breached, you know how to address these issues.

Step 5: Network penetration testing

Network penetration testing is effectively putting your IT security systems through a trial run.

During network penetration testing, an IT cyber security expert will act as a cybercriminal and attempt to breach your business’ IT security systems. They’ll use the latest hacking methods and processes to probe your security system, and identify vulnerabilities and weak points across your whole network. This can include your operating systems, antivirus software, suite of business applications, cloud infrastructure, and any devices connected to your network.

This works to determine how easy your network’s vulnerabilities are to exploit—and you’d be surprised just how easy this is.

Step 6: Perform a risk assessment across your entire IT system and network

Once you’ve mapped out the entirety of your IT infrastructure and identified all potential vulnerabilities and weaknesses, you’re able to assess the potential risk against each discrete part of your network.

Whether it’s the risk of cyber security attacks, system or hardware failure, vulnerability to natural disaster, or simply human error, you can weigh each risk against its potential and estimate the likelihood and impact of each one. You’ll be able to determine which assets are more at risk, and which are more or a priority to safeguard.

Step 7: Recommendations

Once you’ve undertaken a cybersecurity audit of your IT infrastructure, you’ll be able to compile all the data and results and create a report of the recommendations to solve these issues within your network.

This gives you a roadmap to work towards to improve your Brisbane business’ IT security. When and how you implement these actions is up to you, but the important thing is that you’ve taken the first step to improving your business’ security posture.

Let GPK protect your Brisbane business against cyber security threats

GPK Solutions provides IT risk assessments to review the cyber security for your Brisbane business. Get in touch with us today and we’ll ensure your business’ IT systems and network is as safe and secure as possible.

Common Cyber Security Threats And How You Can Protect Yourself Against Them

Cyber security threats are insidious, so it’s important to know what you’re up against.

We’ve compiled a list of the common cyber security threats your Adelaide business may face, and some pointers on how to protect yourself against them.

Malware

Malicious software, commonly known as malware, is the bane of every user’s existence. It covers a host of nasty little pieces of software, including spyware, ransomware, worms, and a  multitude of computer viruses. Malware is designed to access your systems and network through vulnerabilities in your IT security.

It operates simply. A user clicks a link, downloads an email attachment, or clicks an on-page ad, and this downloads and installs malicious software onto their device. Once installed, the software can begin directly attacking different components within your system, crippling it. Or, it can remain on your system, secretly retrieving and sending data to an external party.

Ransomware

Ransomware is a particularly vicious cyber security threat. When downloaded and installed on your computer, this malware attacks and locks access to specific systems and data. You will receive a notification asking for a ransom in order to unlock it. And honestly? There’s not much else you can do.

Often, if you pay, they do come through on their word and unlock your system. If you don’t pay, though, this data gets thoroughly and irreversibly wiped. Ransomware is one of the key drivers to ensure your business has secure cloud backup services enabled.

Phishing and spearphishing

Phishing is one of the most common types of cyber security threats out there, to the point that it’s become an automated and ubiquitous part of everyday life. It takes a broad-based approach, where cybercriminals send emails and that look and sound like they’re from legitimate and trustworthy organisations. This then directs the user to a website, or to simply reply, with sensitive information such as bank details, user login credentials, or even request payment on the spot.

Spearphishing delivers a persistent, highly personalised attack against individuals, using repeated methods of communication to try and access their information. As automation software and AI becomes more powerful, this method is only likely to become more prominent.

Denial of service (DoS) and distributed denial of service (DDoS) attacks

Under a DoS attack, cybercriminals overwhelm the targeted computer network, system, or server with repeated traffic and data until the bandwidth is exhausted. This results in the system, whatever it may be, rendered unable to action legitimate requests, forcing it to effectively become inoperable. 

But these all typically come from one computer source. A DDoS attack is a similar threat, but on a broader scale. Multiple systems attack the one target, delivering a more forceful DoS attack. These types of attack can be extremely damaging financially, as they effectively shut down your business systems until the attacks ease.

SQL injection

SQL, or Structured Query Language, is a specific programming language that can be used to change and retrieve data from a specific database. This makes an SQL injection a particularly insidious cyber security threat. 

An SQL injection attack works by an external source inserting, or ‘injecting’, an SQL query via a data input channel. So, for example, your business might have a login screen on your website. Cybercriminals would go to this page, type in a SQL query into the input section, and use this to access your system. 

If they add the right SQL statement, they’re able to gain access to your website, database, system, network. They can then use further code to retrieve sensitive data, modify data, perform administration operations on your database, and other malicious activities.

Zero day attack

This cyber security threat refers to the situation where a new vulnerability is discovered within a system, piece of software, or database. As it’s only new, there’s no security patch to fix the issue—there’s been zero days to fix it.

Upon discovery, hackers leverage these vulnerabilities, and create code that can exploit these vulnerabilities before a security patch is created. When inside the system the hacker then has access to achieve whatever nefarious ends they’re aiming for.

How to protect your business against cyber security threats

The first step to creating a strong cyber security posture for your Adelaide business is to get the essentials right. You can read our blog on that here.

But in summary, make sure you have the following in place.

• Secure your devices with antivirus software and a VPN, and keep them up to date. This is your first line of defence against cyber security threats. So keep them up to date to ensure the latest protection for your business.
• Practice email safety. Use common sense: don’t click any suspicious links or emails, and change your password regularly.
• Practice password safety. We’re likely all guilty of this one, but it’s crucial to ensure your passwords are strong. Make them a minimum of eight characters, upper and lower case, numbers, and other characters and symbols.
• Ensure your business systems and software is up to date. Updating your systems and software to the latest versions ensures they’re protected against the latest vulnerabilities.
• Set up regular cloud backups of your data. Backing up regularly in multiple locations ensures all your business data remains safe and secure, up to date, and easily accessible should any ransomware attacks wipe out parts of your system.

We’ll help you stay protected against cyber security threats

GPK Group provides cyber security services to Adelaide businesses, to ensure you remain safe and protected against the rising risk of cyber attack.

Get in touch with us today for a free, no-obligation IT security discussion. We’ll talk about your current systems, and discuss how our robust cyber security solutions ensure your business remains safe against these common cyber security threats.

The Essential Small Business IT Security Checklist

When it comes to cyber security threats, you can never be too careful. To ensure you’re safe against rising cyber security threats and hacking attempts, we’ve compiled this essential small business IT security checklist.

It covers the essential things you should check when looking at cyber security for your Adelaide business.

Check your physical security

While it’s not strictly part of your IT, your building’s physical security is just as important to consider. A data breach can be as low-tech as an unauthorised person entering your office and stealing a thumb drive they see lying on a desk, or running off with an unsecured tablet or smart device.

To start with the essentials, it’s crucial that your business has the right physical security measures in place. Things like a staff ID tag-in/tag-out system, device tracking, and security cameras.

Secure your wifi

An unsecured wifi connection isn’t a big deal to the average person, although it does mean free browsing. To a hacker, however, an unsecured wifi connection is the open window into your business. So check to make sure that your business’ wifi connection is secured, and be sure to change your wifi passwords regularly.

If your business does offer free guest wifi, ensure it’s a different network to your business’ one.

Choose the right antivirus platform

When looking at cyber security for your Adelaide business, starting with the basics means ensuring you have robust antivirus software installed. There are many good options around, so it really depends on what works for your business.

Whichever you choose, make sure you update it regularly. Antivirus companies are updating their software to protect against the latest cyber security threats.

Set up your firewalls correctly

A firewall is unobtrusive, working in the background of your operating system as a filter to inspect all data and traffic that enters and exits your computer. If it detects any suspicious-looking packets of data, it stops these from entering your network. This also works to block any hacking attempts. 

Similarly, a firewall edge solution is a whole-of-network security system, that operates in much the same way. But instead of protecting just one device, it works to keep your entire network secure, and sits in front of your router to filter traffic into and out of your network from the internet.

Ensuring a comprehensive firewall is set up on all your devices, and potentially on your network too, is a strong step towards improving your cyber security posture.

Invest in a VPN

The next step in improving the cyber security for your Adelaide business is to set up a VPN, or Virtual Private Network.

VPNs are exactly what they sound like. It’s a private, secure, encrypted network, that can only be accessed by people with the right access credentials. It effectively acts as a tunnel, keeping all your business data and browsing activity hidden from prying eyes, only visible to other people also on your network.

A VPN can be set up both for business security, and to enable secure remote access for your teams. 

Enable two-factor authentication

Two-factor authentication creates an added layer of cyber security for your Adelaide business. It’s easy to set up, too.

When set up, your staff will log into your business systems and be required to receive a notification by either email, text, phone call, authentication app, or to a special USB drive, which contains their additional login code. They’re the only one that receives this code, so as well as creating an added security step, it effectively acts as an alert should anyone else try and access their account.

Monitor all BYO devices

It sounds simple, but does your IT team have a log of all devices that are authorised to access your network? This way you’ll know if any unauthorised devices are gaining access.

Provide comprehensive cyber security training

Delivering regular cyber security protocol training ensures your staff are up to date with the latest cyber security threats. It helps to keep cyber security top of mind, and reminds them about creating strong passwords, and demonstrating safe email practices.

It’s a good reminder that common sense isn’t always common sense.

Update your systems

If your operating systems and software aren’t updated, this means that they’re not patched against the latest cyber threats. This leaves them vulnerable to attack. So make sure you update your important systems and software on a regular basis.

Backup your data

If there’s one absolutely critical thing to remember, it’s that you should regularly back up your business data. This ensures you have the latest information available securely in the case of cyber attack, and you can get back up and running sooner.

We recommend having multiple backups, whether it’s on-site, external back-ups, or cloud data backups.

Ensure your business’ safety against cyber security threats with an IT risk assessment

GPK Solutions provides IT risk assessments to review the cyber security for your Adelaide business. So contact us today and we’ll help you make your business is as secure as possible.

Recent Cyber Attacks in 2020

As the dust settles, the industry is uncovering even more evidence of rapid growth of cybercrime during the upheaval created by 2020’s pandemic. Cybercriminals were indiscriminate in their attacks, targeting businesses and platforms of all types.

Cybercriminals targeted the ways we connect in a pandemic

In a time when online connection became so important, opportunistic cybercriminals were quick on the uptake to attack social platforms.

Telegram

Telegram, the cross-platform messaging software service, was attacked in September 2020. In this campaign, hackers were able to access the email data of some important players in the cryptocurrency space using the Signaling System 7 (SS7) protocol, which is used for connecting mobile networks worldwide.

It’s believed they attacked this platform to access two-step authentication codes, in order to get access to cryptocurrency safely secured within digital wallets worldwide.

Zoom

A more well-known and wide-ranging incident occurred to the workhorse of the COVID era, Zoom. This high-profile attack saw hackers access approximately 500,000 Zoom user accounts, passwords, credentials, and meeting URLs.

And it wasn’t a particularly sophisticated attack, either—but it was persistent. The hackers gained access via credential stuffing, one of the most common methods of cyber attack.

Essentially a scaled-up version of trying to guess a friend’s password, hackers use the information in stolen lists of usernames, passwords, and email addresses, under the logic that people commonly reuse these credentials. A stress-testing tool then deploys multiple bots at different IP addresses using combinations of these login credentials. All details met with a positive login attempt were then collated and sold on the dark web.

Zoom has since put in place stronger security measures, but it was a big blow during the initial pivot to working from home.

Software providers weren’t immune

One big cyber attack in October 2020 saw German software vendor Software AG hit with the Clop ransomware, with a cybercrime syndicate demanding a $20 million ransom.

While service to their customers remained unchanged, this attack ended up disrupting Software AG’s internal network, and casting a pall over their security protocols.

The scope of cyber attacks in 2020 broadened significantly

The December 2020 SolarWinds breach was one of the biggest cyber attacks of 2020, both in breadth and ferocity.

In this incident, hackers took advantage of malicious code that was inserted into the SolarWinds Orion network management software, targeting the server that provided access to patches and updates for these tools.

This enabled the hackers to infect multiple clients at once—clients who were part of some of the largest organisations in the world.

The US Departments of Treasury, Commerce, Energy, and network of the National Nuclear Security Administration all were breached. Even the US Department of Homeland Security found itself under threat. Fortune 500 companies across Asia, Europe, and the UAE came under attack, with tech firms like Microsoft becoming involved in the breach.

This attack was so large, and so wide, that security experts are still unsure of the full extent and scope of this threat.

Hackers enjoyed irony, too

With patrons worldwide distancing themselves from cruise ships in 2020, cybercriminals found their opportunity to take advantage of cruise lines.

Carnival Corporation, one of the largest cruise line operators in the world, found themselves victims of a massive data breach in August 2020. Hackers breached their network and encrypted their IT infrastructure, accessing confidential customer, crew, and employee information.

While there hasn’t yet been any flow-on effects from this attack, it still demonstrates the widespread effects that cyber attacks can have on businesses.

Close to home

Australia wasn’t without its significant cyber attack incidents, either.

Toll Group, the giant logistics company, was hit with ransomware attacks not just once, but twice, the incidents occurring within three months of each other.

In February, 1,000 of Toll’s servers became infected with the MailTo( Netwalker ) ransomware variant. This effectively shut down their supply chain, interrupting deliveries and services across the country. While it was discovered that no personal details had been leaked, it still had a chokehold effect on the business.

The second ransomware attack saw them fall victim to a different ransomware strain, known as Nefilim. This attack allowed the perpetrators to access a Toll corporate server, from where they were able to steal information about commercial agreements, and staff information.

We’ll help you stay protected against cyber security threats in 2021

GPK Group provides cyber security services to Brisbane businesses, to ensure you remain safe and protected against the rising risk of cyber attack.

Get in touch with us today for a free, no-obligation IT security discussion. We’ll talk about your current systems, and discuss how our robust cyber security solutions ensure your business remains safe in 2021—and help keep you out of this list for 2022.

Top 7 Cyber Security Threats for 2021

Cyber security threats skyrocketed in 2020. And as 2021 rolls along, they’re becoming even more sophisticated, persistent, and much more widespread. So it’s less a matter of if a cyber attack will happen, and more about when.

Our goal is to ensure that your business is kept abreast of the latest trends in cyber security, so you can work with us to put systems in place to keep your data secure.

So, here are seven of the top cyber security threats for 2021 that your Brisbane business needs to be aware of.

Ransomware attacks

Ransomware attacks are still one of the most common cyber security threats in 2021. This is because it’s effective—and small businesses are going to bear the brunt. They’ve got more to lose, and therefore are more likely to pay the ransom.

Cybercriminals know that these types of businesses are less likely to have complete data backups, and less contingency systems in place.

The key to staying safe against ransomware attacks is to be prepared, and have the right data backups in place. To ensure your business is protected against potential ransomware attacks, get in touch with GPK to find out how we can help you with your backup solutions.

Zero-day vulnerabilities

Zero-day vulnerabilities occur when new weaknesses in software and systems are discovered, allowing cybercriminals to access these systems before organisations have a chance to create a security patch.

A recent example is the Microsoft Exchange zero-day vulnerability. At the time, an unnamed cybercriminal group discovered an unpatched weak spot in the Microsoft Exchange server. This enabled them to access details and information for over 30,000 businesses and organisations using the server, and in some cases deploy malware and web shells, a hacking tool that provides attackers with administrative access to the organisation’s server.

Advanced persistent threats

One of the most insidious cyber security threats in 2021, advanced persistent threats enable cybercriminals to attack business systems from the inside.

It works in a similar way to a zero-day vulnerability: cybercriminals identify and exploit hitherto undiscovered weak spots in a business’ security network. But they don’t immediately act on it. Instead, they plant subtle code within the system—the IT equivalent of leaving the back door unlocked from the inside.

Hackers can then leave this code dormant for months, and when the time is right, access the business’ systems and make their move.

Mobile cyberthreats

As the world adjusts to hybrid working environments, cybercriminals are still taking advantage of dispersed networks and at-home setups. And, instead of directly attacking businesses themselves, they’re taking advantage of the vulnerabilities within home computer networks.

These attacks can take many forms. It could be with phishing attempts, directed at the employees themselves. Or it can be discovering and exploiting vulnerabilities in misconfigured antivirus software or an employee’s VPN, and entering the business’ system that way.

Mobile and remote work has provided cyber criminals with a broader playing field. Businesses need to ensure their employees’ remote security protocols are robust and up-to-date, they understand password safety—and they’re sensible about the links they click.

Spearphishing

While phishing attempts are on the rise, one concerning increase is in the number of spearphishing attacks.

While quite heavy-handed in name, spearphishing takes a more targeted approach to generic phishing attacks. Using this method cybercriminals target individuals, repeatedly and persistently, with malicious links disguised as emails from reputable sources.

And, as automation software becomes more sophisticated, the volume of these attacks is only set to increase.

Insider threats

With the rise of remote working, we’ve seen more and more traditionally face-to-face practices be conducted online. Cybercriminals are now taking advantage of this. And while this manner of attack may sound like material for a fictional spy drama, it’s most definitely real, and potentially damaging.

And it’s a long game, too. In this case cybercriminals are targeting the recruitment processes. They actively apply for job openings, follow the recruitment process, and use their advanced systems and vulnerabilities in remote recruiting to game the system and land the role. Then, once they’ve been onboarded, the user is free to access sensitive company information, get what they need, and disappear.

Vulnerabilities in IoT devices

From home devices like fridges, TVs, and assistants like Alexa and Siri, through to security equipment, factory production lines, and autonomous cars, the increase in internet-enabled, Internet of Things (IoT) technology has allowed us to become much more connected.

But this increase in connection points means we’re likely to discover an array of security vulnerabilities and threats, which will become a playground for the modern cybercriminal.

The old adage, forewarned is forearmed, has never rung truer

At GPK Group we provide robust cyber security for Brisbane businesses. Our goal is to ensure you’re aware of any potential cyber security threats, and help you put processes in place to protect your network, systems, and data.

Get in touch with us today for a free, no-obligation discussion on how we can help keep your business safe and secure in 2021 and beyond.