Secure websites a cyber security risk for Irish businesses
Secure websites present one of the biggest headaches for Irish companies looking to protect themselves from potentially crippling online attacks, a top cyber security expert has claimed. “Most traditional firewalls allow all traffic coming from secure websites straight into your network, presenting a huge opportunity for cyber criminals,” said cyber security expert James Canty of Magnet Networks.
“Unfortunately, secure sites account for between 60-70% of all internet traffic for Irish businesses today, leaving network access open to attack and making most firewalls unfit for purpose. “If cyber criminals have potential access to your network and staff are not cyber aware, then the potential is there for disastrous consequences such as we recently saw in the UK and US health services.
“Business owners need to ask the person responsible for their cyber security questions about how effective their firewall is, even if it was just recently installed, as the onset and adoption of cloud technologies has made most firewalls pretty worthless.
“Unfortunately, we are finding that just because you have a box in the corner that the IT calls a firewall doesn’t mean you are protected.
“Software patches and security updates are what make traditional anti-virus solutions ineffective as they are constantly playing catch up, leaving unsecure software vulnerable to attack.
“Companies need to have a next generation application-aware firewall along with advanced endpoint protection and local real-time analysis on each machine.
“No business using this system, which Magnet Networks employ, would have been affected in any way by the recent cyber attack.”
Ransomware is displacing other cybercrime business models as criminals have realised that this is a lucrative business with low barriers to entry. “Nearly all computers or devices with an unsecured internet connection are potentially victims of ransomware, which is a more urgent concern with the rise of the internet of things (IoT) and the proliferation of additional devices, such as wearable tech and home appliances,” said Canty.
“Ransomware acts quickly and it is imperative that businesses act and deploy zero-day protections and controls that mitigate or prevent attack.
“Education and awareness are key as most attacks are triggered by unsuspecting individuals opening either exe files or documents, which can look quite convincing.
“These have no known signatures or behaviours so that most existing enterprise security systems must allow the malware to run, so they can then recognise them and are effectively playing catch ups with cyber criminals.
“There are certain stages that malware must go through in able to function, and businesses need to employ real time protection that can identify, isolate and educate on each new piece of malware as it happens.
“Owners also need to ask if their IT departments can provide reports showing all the activity on the network, on the basis that if you don’t know what is coming in and out of the business, then how can you protect yourself?
“If needed, system administrators should be able to see a report detailing all activity on a per user basis across the network.
“Businesses should also look at reviewing their network drive permissions to minimise the impact a single user can have, and ensure that administrators are assigned separate normal restricted accounts separate from their highly privileged accounts.”