
Six security threats every Kiwi business should have on their radar

2nd of August

Written by Origin IT

They say that knowledge is power, and in the case of cybersecurity, it couldn’t be truer. Knowing what to look out for, and where your risks lie, could save your business from irreparable financial loss, data theft, sullied reputations and so much more. 

So here are six security threats that are on our radar and that are putting everyday Kiwi businesses like yours at risk. Simple in execution and devastating in their impact, these threats target commonly occurring network vulnerabilities, business software, applications and practices (such as BYOD). They’re worth knowing about because, if there’s one thing we know for sure, it’s that every business is a target. But not every business has to be a victim.

  1. Third-party file-sharing of confidential information


    How does it work?
    Third-party file-sharing applications such as Dropbox allow staff to share potentially sensitive information with the outside world. This can occur by accidental or malicious means, including via data exfiltration methods used by attackers.


    What does it mean for your business?
    You’ll lose private and/or sensitive business data, which may be released to the public, fall into the hands of a competitor, or be encrypted and held to ransom or on-sold by a malicious third party.

    How can you mitigate this risk?
    Adopt a policy to ban the use of public file-sharing services, and if you have the technology, block access to this type of site. If you need a way to store or share files externally, use a secure service such as Microsoft OneDrive or BlackBerry Workspaces.

  2. Peer-to-peer software downloads of unregulated or illicit material


    How does it work?
    Peer-to-peer software enables the download and distribution of unregulated, illicit or illegal material onto company devices. The downloaded content is often bundled with malware, giving attackers access to everything on the compromised device, including company data and resources. Attackers can use your organisation as a pivot point to launch further attacks, which will be attributed to you.

    What does it mean for your business?
    You’ll lose private and/or sensitive business data, which may be released to the public, fall into the hands of a competitor, or be encrypted and held to ransom or on-sold by a malicious third party.


    You’ll also no longer be able to trust the data in your systems, and your suppliers or customers may also be attacked through your company. 


    How can you mitigate this risk?
    Adopt a policy to ban the use of peer-to-peer software on your network, and if you have the technology, block access to this type of site.

  3. O365 account compromise


    How does it work? 
    Attackers can gain access to your employees’ O365 accounts by brute force or stolen credentials. Once logged into the compromised account, they have access to sensitive information and can often impersonate the user to whom the account belongs.

    What does it mean for your business?
    You’ll lose control over your sensitive and/or private business data, and attackers may carry out further attacks using this information, such as sending out fake invoices or creating requests for services.


    How can you mitigate this risk?
    Turn on multi-factor authentication on your Office 365 accounts and, for additional security, configure conditional access rules.

  4. Cloud misconfiguration


    How does it work? 
    Cloud services are often more vulnerable to attack than on-premises services because they lack the traditional border protection that comes with the latter. Whilst cloud services typically have robust security features, this security is often taken for granted, and misconfigurations, such as admin access being made available to the public, are common.

    What does it mean for your business?
    The keys to your castle in the cloud may be left in the door without anyone noticing. An attacker would have the ability to disrupt or compromise all the information you hold in the cloud. Access to sensitive data could be completely denied to legitimate users.


    How can you mitigate this risk?
    Review your security configuration on any cloud services. AWS, Azure and Google Cloud all have in-depth security features available, but they need to be configured correctly to be effective. If you do not have the skills or knowledge in-house to do this, contact Origin Security or your existing security provider for assistance.

  5. Malware introduced by BYO Devices


    Details:
    Users often connect personal devices to company services such as email and cloud storage. They also often load their own apps onto company devices. Some of these apps are malicious and can steal data and credentials directly off the device, monitor all ongoing communications, forward communications, and even spread to other devices while on the corporate network.

    Impact:
    Credentials to corporate resources are stolen. This can lead to commercially sensitive data being lost, stolen or held to ransom, and business devices or accounts being hijacked, allowing malicious third parties to impersonate staff. This leads to loss of confidence from suppliers and customers, and loss of productivity.


    How can you mitigate this risk?
    Implement a policy to control the use of personal mobile devices. If possible, use a Mobile Device Management system to enforce this policy on all connected devices.

  6. Employee account details in the wild


    How does it work?
    Stolen credentials often end up on the dark net, either freely available or for sale. Hackers will use these credentials to execute a direct attack or to extort the user into providing money or further information on the company. Users often aren't sure how to respond and don't report such extortion attempts.

    What does it mean for your business?
    These attacks place extreme psychological strain on staff, which often impacts productivity. There’s also the potential for more information to be stolen through blackmail, leading to further losses.


    How can you mitigate this risk? 
    Implement a policy that bans the use of company credentials for personal use (e.g. registering for online shopping sites, social media platforms, etc.). Ensure your people are aware of and understand this policy, and educate them on safe online working practices. Commission a report to identify any leaked credentials and change the passwords for any accounts that appear in the report.
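
For threat 4 (cloud misconfiguration), the sketch below shows what a basic configuration review looks for: inbound allow rules that expose remote-administration ports to any address. It is an added example, not Origin IT's code; the rule fields, the sample rules and the admin-port list are constructed assumptions, and rule precedence is not modelled.

```python
import ipaddress

# Remote-administration ports to flag; this list is an assumption for the example.
ADMIN_PORTS = {22: "SSH", 23: "Telnet", 3389: "RDP", 5985: "WinRM-HTTP", 5986: "WinRM-HTTPS"}

# Constructed sample rules in a provider-neutral shape (hypothetical field names).
SAMPLE_RULES = [
    {"name": "rdp-anywhere", "direction": "inbound", "action": "allow",
     "source": "0.0.0.0/0", "ports": "3389"},
    {"name": "ssh-office", "direction": "inbound", "action": "allow",
     "source": "203.0.113.0/24", "ports": "22"},
    {"name": "wide-range-v6", "direction": "inbound", "action": "allow",
     "source": "::/0", "ports": "1-1024"},
    {"name": "allow-all", "direction": "inbound", "action": "allow",
     "source": "0.0.0.0/0", "ports": "*"},
    {"name": "deny-telnet", "direction": "inbound", "action": "deny",
     "source": "0.0.0.0/0", "ports": "23"},
]


def is_public(source):
    """True when the source CIDR covers the whole IPv4 or IPv6 internet."""
    return ipaddress.ip_network(source, strict=False).prefixlen == 0


def port_span(ports):
    """Parse '443', '1-1024' or '*' into an inclusive (low, high) tuple."""
    if ports == "*":
        return 1, 65535
    low, _, high = ports.partition("-")
    return int(low), int(high or low)


def exposed_admin_rules(rules):
    """Return (rule name, exposed services) for inbound allow rules open to any address."""
    findings = []
    for rule in rules:
        live = rule["direction"] == "inbound" and rule["action"] == "allow"
        if not (live and is_public(rule["source"])):
            continue
        low, high = port_span(rule["ports"])
        services = [svc for port, svc in sorted(ADMIN_PORTS.items()) if low <= port <= high]
        if services:
            findings.append((rule["name"], services))
    return findings


if __name__ == "__main__":
    for name, services in exposed_admin_rules(SAMPLE_RULES):
        print(f"{name}: {', '.join(services)} reachable from any address")
```

To run it against a real environment, export the firewall or security-group rules from your cloud provider and map them into this shape.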

Implement these mitigation recommendations and you’ll be on your way to a safer, more secure environment. If you’re interested in improving your information security even further, or have specific concerns that aren’t addressed above, contact an Origin Security representative today.
