Consider IT
Posted by stuart.gilbertson

Apache Log4j Vulnerability

What is it?

The Log4j 2 open-source logging framework for Java is subject to a vulnerability in which untrusted input can, via LDAP, RMI and other JNDI endpoints, result in arbitrary code being loaded and executed from an untrusted source.

CrowdStrike has identified exploitation of the Log4j vulnerability by threat actors that more closely resembles targeted intrusion consistent with advanced attackers, such as deploying web shells and conducting lateral movement.

The vulnerability impacting Apache Log4j versions 2.0 through 2.14.1 was disclosed on December 9, 2021. The flaw has been dubbed “Log4Shell” and has the highest possible severity rating of 10.

Where is it used?

Log4j 2 is an open-source Java logging library developed by the Apache Foundation. It is widely used in many applications and is present in many services as a dependency. This includes enterprise applications, including custom applications developed within an organisation, as well as numerous cloud services.

The Log4j 2 library is frequently used in enterprise Java software and is included in Apache frameworks including:

  • Apache Struts2
  • Apache Solr
  • Apache Druid
  • Apache Flink
  • Apache Swift

Other large projects including Netty, MyBatis and the Spring Framework also make use of the library.

An application which consumes untrusted user input and passes this to a vulnerable version of the Log4j logging library may also be exploited.

Version 1 of the Log4j library is no longer supported and is affected by multiple security vulnerabilities. Developers should migrate to the latest version of Log4j 2.

What do we need to do?

The NCSC recommends following vendor best practice advice in the mitigation of vulnerabilities. In the case of this vulnerability CVE-2021-44228, the most important aspect is to install the latest updates as soon as practicable:

  • If you are using the Log4j 2 library as a dependency within an application you have developed, ensure you update to version 2.15.0 or later
  • If you are using an affected third-party application, ensure you keep the product updated to the latest version
  • The flaw can also be mitigated in previous releases (2.10 and later) by setting system property “log4j2.formatMsgNoLookups” to “true” or removing the JndiLookup class from the classpath

What are Consider IT doing?

We’re currently working our way through all supported endpoints to verify whether they are affected or not. For those with a remediation available, we are applying it immediately. For any servers where remediation is not as easy and could cause other issues, we’ll be in touch in the next day or two (if we haven’t already contacted you over the weekend).

The really technical details

On versions of Log4j (>= 2.10.0) that support the configuration FORMAT_MESSAGES_PATTERN_DISABLE_LOOKUPS, this value is set to True, disabling the lookup mechanism entirely. On older versions, the payload searches all existing LoggerContexts and removes the jndi key from the Interpolator used to process ${} fields.

Do not rely on a current Java version to save you. Update Log4j (or remove the JNDI lookup). Disable the expansion (it seems a pretty bad idea anyways).

Mitigation

Besides patching, it is possible to mitigate the issue through a configuration change.

For AWS WAF and CloudFront (be mindful of bypasses):

  • https://github.com/OllieJC/aws-log4j-mitigations

Finding vulnerable hosts:

JAR file hashes

  • https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes

Class file hashes (2.15.0 is not vulnerable but included)

  • https://gist.github.com/olliencc/8be866ae94b6bee107e3755fd1e9bf0d

JAR and Class hashes

  • https://github.com/nccgroup/Cyber-Defence/tree/master/Intelligence/CVE-2021-44228

Go vulnerability scanner using .class hashes

  • https://github.com/hillu/local-log4j-vuln-scanner

PowerShell

gci 'C:\' -rec -force -include *.jar -ea 0 | foreach {select-string "JndiLookup.class" $_} | select -exp Path

A highly parallel PowerShell script from u/omrsafetyo:

  • https://github.com/omrsafetyo/PowerShellSnippets/blob/master/Invoke-Log4ShellScan.ps1

Linux

find / 2>/dev/null -regex ".*\.jar" -type f | xargs -I{} grep JndiLookup.class "{}"
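
The two one-liners above only look at files named *.jar and match the class name in the top-level archive, so a log4j-core copy packed inside a WAR, EAR or nested JAR can be missed. The following Python scanner is an added example (not from the original post or any of the linked projects) that opens archives recursively and reports whether JndiLookup.class is present and which version pom.properties declares. The function names, the status labels, the nesting limits and the sample archives are assumptions made for illustration.

```python
import io
import os
import re
import tempfile
import zipfile

# Entry names as they appear inside a log4j-core JAR.
JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVE_EXT = (".jar", ".war", ".ear")
FIXED = (2, 15, 0)               # update target named in the article
MAX_NESTED = 256 * 1024 * 1024   # assumption: skip nested entries above 256 MiB


def parse_version(text):
    """Return (major, minor, patch) from a pom.properties body, or None."""
    m = re.search(r"^version=(\d+)\.(\d+)(?:\.(\d+))?", text, re.MULTILINE)
    return (int(m[1]), int(m[2]), int(m[3] or 0)) if m else None


def classify(has_jndi, version):
    """Map what was found in one archive to a status label (labels are illustrative)."""
    if not has_jndi:
        return "JndiLookup removed"
    if version is None:
        return "JndiLookup present, version unknown"
    return "needs update" if version < FIXED else "2.15.0 or later"


def scan_archive(src, label, depth=0, max_depth=4):
    """Yield (location, version, status) for each log4j-core copy in `src`.

    `src` is a path or a binary file object; nested archives are read into
    memory and scanned recursively up to `max_depth` levels.
    """
    try:
        zf = zipfile.ZipFile(src)
    except (zipfile.BadZipFile, OSError):
        return  # not a readable archive; nothing to report
    with zf:
        names = set(zf.namelist())
        has_jndi = JNDI_CLASS in names
        version = None
        if POM_PROPS in names:
            version = parse_version(zf.read(POM_PROPS).decode("utf-8", "replace"))
        if has_jndi or version:
            yield label, version, classify(has_jndi, version)
        if depth >= max_depth:
            return
        for name in sorted(names):
            if not name.lower().endswith(ARCHIVE_EXT):
                continue
            if zf.getinfo(name).file_size > MAX_NESTED:
                continue  # guard against oversized or zip-bomb entries
            inner = io.BytesIO(zf.read(name))
            yield from scan_archive(inner, f"{label}!/{name}", depth + 1, max_depth)


def scan_tree(root):
    """Scan every .jar/.war/.ear under `root`; return findings sorted by location."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            if not fn.lower().endswith(ARCHIVE_EXT):
                continue
            path = os.path.join(dirpath, fn)
            try:
                findings.extend(scan_archive(path, path))
            except (zipfile.BadZipFile, RuntimeError, OSError):
                continue  # corrupt or encrypted entry; rest of this archive is skipped
    return sorted(findings, key=lambda f: f[0])


def _jar(entries):
    """Build an in-memory archive from {entry name: bytes} (constructed sample data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in entries.items():
            zf.writestr(name, body)
    return buf.getvalue()


def build_demo_tree(root):
    """Write constructed sample archives to `root`; class bodies are dummy bytes."""
    def core(ver, with_jndi=True):
        entries = {POM_PROPS: f"#Generated by Maven\nversion={ver}\n".encode()}
        if with_jndi:
            entries[JNDI_CLASS] = b"\xca\xfe\xba\xbe"
        return _jar(entries)

    samples = {
        "log4j-core-2.14.1.jar": core("2.14.1"),
        "log4j-core-2.15.0.jar": core("2.15.0"),
        "log4j-core-2.12.1-stripped.jar": core("2.12.1", with_jndi=False),
        "app.war": _jar({"WEB-INF/lib/log4j-core-2.11.0.jar": core("2.11.0")}),
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_demo_tree(tmp)
        for location, version, status in scan_tree(tmp):
            print(f"{status:36} {version}  {location}")
```

A result of "JndiLookup removed" corresponds to the class-removal mitigation described earlier; the version check only reflects what pom.properties declares, so shaded or repackaged copies without that file are reported as version unknown.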

A set of YARA rules for detecting versions of log4j which are vulnerable to CVE-2021-44228 by looking for the signature of JndiManager prior to 2.15.0.

  • https://github.com/darkarnium/CVE-2021-44228

Log4j detector

  • https://github.com/mergebase/log4j-detector

Using Canary tokens to detect susceptibility

  • https://twitter.com/ThinkstCanary/status/1469439743905697797

ActiveScan++ 1.0.23 added Log4Shell detection for Burp:

  • https://github.com/PortSwigger/active-scan-plus-plus/blob/master/activeScan++.py

Online reflective vulnerability tester:

  • https://log4shell.huntress.com/

NMAP NSE:

  • https://github.com/Diverto/nse-log4shell
stuart.gilbertson
December 13, 2021

Coronavirus Announcement: Business Continuity Plan

This page will be updated regularly as the situation changes.

Page Last Updated: Friday, 27/03/2020 at 8:15pm.

As you no doubt are aware, the current novel coronavirus (COVID-19) outbreak, which began in December 2019, presents a significant challenge for the entire world. In the event of the outbreak worsening, or a severe prolonged pandemic, the response will escalate. During this phase, the pressures on services and wider society may start to become significant and clearly noticeable.

It is almost inevitable that the UK Government will require businesses to force staff to work from home.

As part of Consider IT’s Disaster Recovery and Business Continuity plans, we are well prepared for allowing our own staff to work from home at very short notice.

Should we need to work from home, client site visits will, unfortunately, have to be cancelled or postponed. You will receive formal notification of us activating our Pandemic Business Continuity Plan, potentially with little notice.

Updates:

[16/03/2020 @ 09:30am]
We have now implemented the second stage of our Business Continuity Plan for pandemics. 50% of our workforce will now work from home until further notice. All site visits have now been postponed and we’ll be in touch regarding this on an individual basis. Site visits deemed critical will be decided on a case-by-case basis. Drop-offs of hardware etc. will be decided on a case-by-case basis.

[16/03/2020 @ 11:30am]
Please be aware that we are seeing unprecedented ticket volume, specifically clients looking to make changes to their home working setup or squash issues. In some cases, clients are ordering laptops and other hardware. Stock levels of laptops have dwindled and we are doing everything we can to source appropriate hardware. Please bear with us whilst we prioritise the incidents. It may be that your support times increase slightly over this busy time.

[23/03/2020 @ 11:00pm]
The UK and Scottish Government have instructed people to stay in their homes. From this evening people must stay at home except for shopping for basic necessities, daily exercise, any medical need and travelling to and from essential work. Consider IT staff are classed as Category 3 key workers, but we will only be attending site in genuine emergencies. One member of staff being unable to work is not an emergency. Minor inconveniences or delays in your working as a result of working-from-home are not emergencies. Please respect our necessary decision to avoid site visits for the sake of our, and your staff’s, health.

[27/03/2020 @ 8:15pm]
We are seeing the influx of support requests reduce back to normal levels. Almost all clients are now working from home where possible. Site visits are still cancelled/postponed with the exception of emergency cases. Responding to site visits is solely at our discretion and the safety of your staff and ours remains the priority.

 

 

stuart.gilbertson
March 11, 2020
August 1, 2019

Microsoft pulling the plug from Skype for Business Online

Come September, onboarding of new Office 365 users will automatically include Teams as the new normal.

The consumer version of Skype is not affected by these changes and there are no public plans to switch off the Skype for Business Server.

Skype for Business Online will be retired on July 31, 2021, and after that date the service will no longer be accessible. Between now and then, current Skype for Business Online customers will experience no change in service, and they’ll be able to continue to add new users as needed. However, starting September 1, 2019, Microsoft will onboard all new Office 365 customers directly to Teams for chat, meetings, and calling.

Since its introduction in 2014, Skype for Business has been a valuable tool for millions of people around the world. By combining instant messaging, calling, and video into a single app, the product established an exciting, new vision for business communications. Microsoft Teams is the next chapter in that vision, and with today’s news Microsoft are not only announcing the retirement of the Skype for Business Online service, we’re also communicating our confidence in Teams.

After more than two years in market, Teams is ready for our most demanding customers – and Microsoft are convinced that you’re going to love it! If you’re a current Skype for Business Online customer, start planning your migration today. We’re committed to helping you every step of the way, and we can’t wait for you to experience the new way to work.

stuart.gilbertson
August 1, 2019
May 14, 2019

A WhatsApp call can hack your phone – update now

It has been confirmed today that hackers were able to remotely install software on phones and other devices using a major vulnerability in messaging app WhatsApp. The surveillance software involved was developed by Israeli firm NSO Group, according to a report in the Financial Times. On Monday, WhatsApp urged all of its 1.5 billion users to update their apps as an added precaution.

The victim doesn’t need to do a thing other than leaving their phone on. To carry out the attack, a hacker has to manipulate data sent during the process of beginning a voice call with the target. Once the packets are received by the victim’s device, a memory buffer within WhatsApp is forced to overflow, overwriting other parts of the app’s memory and leading to the hacker gaining access to the chat application.

The NSO Group, an Israeli-based but American-owned company, specialises in creating what it calls tools against crime and terrorism. But the security researchers call them something else: a cyber arms dealer.

WhatsApp said it was too early to know how many users had been affected by the vulnerability, although it added that suspected attacks were highly targeted. According to the New York Times, one of the people targeted was a London-based lawyer involved in a lawsuit against the NSO Group.

How to update WhatsApp

On Android

  • Open the Google Play store
  • Tap the menu at the top left of the screen
  • Tap My Apps & Games
  • If WhatsApp has recently been updated, it will appear in the list of apps with a button that says Open
  • If WhatsApp has not been automatically updated, the button will say Update. Tap Update to install the new version
  • The latest version of WhatsApp on Android is 2.19.134

On iOS (iPhone, iPad)

  • Open the App Store
  • At the bottom of the screen, tap Updates
  • If WhatsApp has recently been updated, it will appear in the list of apps with a button that says Open
  • If WhatsApp has not been automatically updated, the button will say Update. Tap Update to install the new version
  • The latest version of WhatsApp on iOS is 2.19.51

 

stuart.gilbertson
May 14, 2019

Cyber Essentials £1000 Voucher Scheme

UPDATE:

As of 27th February 2020, the Scottish Enterprise funding has been depleted and the voucher scheme is no longer taking applications.

Building a Cyber Resilient Scotland

In late 2018 the Scottish Government, in partnership with Scottish Enterprise, released a new action plan to encourage the growth of Scotland’s cyber security overall. Scottish Enterprise received just over £1 million to help drive growth in the cyber security industry. £500,000 of this investment went into a Cyber Essentials Voucher Scheme for small and medium private and third-sector organisations.

With Consider IT now being one of only a handful of IASME approved Certifying Authorities in Scotland, we are in a great position to advise on this scheme and assist clients with the process of becoming Cyber Essentials accredited.

The procurement landscape is changing. If you’re bidding for contracts, you need this. The Scottish Government recently launched its public and private sector action plans on cybersecurity. 1 in 10 small businesses in Scotland and the North East say they aren’t prepared for a cyber breach. Source: KPMG – Small Business Reputation & The Cyber Risk.

How the scheme works

You must be able to fund the Cyber Essentials costs up front. You will need a copy of your invoice from your chosen Certifying Body to receive the grant. Once you’ve received confirmation of the voucher, Scottish Enterprise reimburses the costs up to the value of £1000.

You must meet the following criteria to be able to apply for the £1000 voucher:

  1. Your company is defined as a small or medium enterprise with fewer than 250 employees;
  2. You have a registered base in Scotland;
  3. Your company is currently trading;
  4. You’re able to provide an ‘SC’ company number to Scottish Enterprise;
  5. Your business has an Internet connection;
  6. You do not currently, and have never had in the past, the Cyber Essentials accreditation (the scheme is open to new applicants only).

There is a finite amount of money available to the voucher scheme, so it’s a first-come-first-served system. You’re not guaranteed to be accepted for a voucher.

How to apply for a CE Voucher

Scottish Enterprise is managing the scheme. When you are ready to proceed, fill out their enquiry form at the following link: https://www.scottish-enterprise.com/learning-zone/business-guides/components-folder/business-guides-listing/keep-your-business-cyber-secure/cyber-security-voucher-enquiry

You’ll need to provide them with the following basic information:

  • First and Last Name
  • Company Name
  • Company’s Registered Postcode
  • Email Address
  • Phone Number
  • A Brief Message Regarding Cyber Essentials Voucher

How to get Cyber Essentials certified

As one of only a handful of IASME-accredited Certifying Bodies in Scotland, Consider IT are well positioned to take you all the way through the certification process. If you’re unsure where to start, talk to us about our Pre-Assessment Service where we’ll scope out the process from start to finish and identify any key areas of improvement before you apply for certification. Click here to find out more about Cyber Essentials.

Want to start the journey to certification? Call us today:

0131 510 0110

Or click  here to get in touch.

 

stuart.gilbertson
May 3, 2019
April 30, 2019

Vodafone confirms backdoors in Huawei equipment

For a long time now, Huawei Technologies Co. has been accused of planting backdoors in its equipment to enable it to steal trade secrets from a business partner and to enable Chinese spying through the telecom networks it has built across the West.

Now Vodafone Group Plc has acknowledged to Bloomberg that it found vulnerabilities going back years with equipment supplied by Huawei for the carrier’s Italian business.

Huawei, the world’s biggest producer of telecoms equipment, is under intense scrutiny after the United States told allies not to use its technology because of fears it could be a vehicle for Chinese spying. Huawei has categorically denied this.

Huawei said it was made aware of historical vulnerabilities in 2011 and 2012 and that they had been addressed at the time.

Australia and New Zealand have already blocked telecoms companies from using Huawei equipment in 5G networks, while Canada is reviewing its relationship with the Chinese telecoms firm.

Vodafone said:

The issues in Italy identified in the Bloomberg story were all resolved and date back to 2011 and 2012.

The ‘backdoor’ that Bloomberg refers to is Telnet, which is a protocol that is commonly used by many vendors in the industry for performing diagnostic functions. It would not have been accessible from the internet.

Bloomberg is incorrect in saying that this ‘could have given Huawei unauthorised access to the carrier’s fixed-line network in Italy’.

Several European telecoms operators are considering removing Huawei’s equipment from their networks.

 

stuart.gilbertson
April 30, 2019
April 25, 2019

Consider IT joins SBRC Trusted Partner scheme

Consider IT is proud to announce that we have been accepted to join the Scottish Business Resilience Centre’s (SBRC) Trusted Partners scheme.

Trusted Partners is the group of companies working in Scotland who have passed the advanced status of being Cyber Essential Certifying Bodies. This scheme also carries the endorsement of the SBRC’s core partners in Police Scotland.

The scheme was set up as a way to advise and support SMEs in Scotland to reach a basic standard of cyber security. The group have all passed advanced checks into their technical abilities to offer Cyber Essential accreditation and have Certifying Body status.

The Scottish Business Crime Centre was established in 1996 and has evolved since then to reflect the changing needs of business and of their members. They are funded by a range of Private and Public Partners including the Police, Scottish Government, Association of Scottish Clearing Banks, the Drinks Industry, Scottish Fire and Rescue Service, and a wide range of business investors and members across Scotland.

 

 

stuart.gilbertson
April 25, 2019
April 18, 2019

Consider IT becomes CREST member

Consider IT is proud to announce that we are now a member of CREST following an extensive and rigorous assessment of our internal business processes, security methodologies, and overall data security. This further highlights our commitment to cyber security and to our clients.

Stuart Gilbertson, Managing Director of Consider IT, said: “For years, Consider IT has acknowledged that more responsibility needs to be taken by IT Support companies. There are no barriers to entry and no formal requirements to become an ‘IT Support Company’ or ‘Managed Service Provider’. Therefore, the only way to affirm quality within the business is to achieve membership or certification from recognised third-party bodies or standards. I’m delighted to confirm that today we achieved yet another milestone in our long-term plans to be superior. Our team adopt an innovative and rigorous approach to security and as such we have been acknowledged for doing so. We plan on rolling out Cyber Essentials to all clients as standard, and moving onto penetration testing when the time is right.”

As a result of the recent membership, Consider IT is now an official Certifying Body for the Cyber Essentials scheme.

About CREST

CREST is a not-for-profit accreditation and certification body representing the technical information security industry. CREST provides internationally recognised accreditation for organisations providing technical security services and professional level certifications for individuals providing penetration testing, cyber incident response, threat intelligence and security operations centre (SOC) services. CREST Member companies undergo regular and stringent assessment, whilst CREST certified individuals undertake rigorous examinations to demonstrate the highest levels of knowledge, skill and competence. To ensure currency of knowledge in fast changing technical security environments the certification process is repeated every three years.

CREST is governed by an elected Executive of experienced security professionals who also promote and develop awareness, ethics and standards within the cyber security industry. CREST supports its members and the wider information security industry by creating collaborative research material. This provides a strong voice for the industry, opportunities to share knowledge and delivers good practice guidance to the wider community.

About Cyber Essentials

Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security. Cyber Essentials is a UK government assurance scheme, based on its 10 Steps to Cyber Security and administered by the NCSC (National Cyber Security Centre). As a Cyber Essentials scheme Applicant, you must ensure that your organisation meets all the requirements. The Cyber Essentials process itself includes a self-assessment questionnaire, and an external vulnerability scan (conducted by our CREST accredited team members). Click here for more information.

stuart.gilbertson
April 18, 2019
April 18, 2019

Government makes CC/BCC e-mail blunder

The Department for Digital, Culture, Media and Sport, who are responsible for data protection laws, have made an “IT 101” basic blunder when sending an email out to 300 recipients.

In the embarrassing incident, the department sent the email with the 300 contacts in the CC field, rather than the BCC field. The CC field shows every recipient who else is on the email chain, whereas BCC (Blind Carbon Copy) hides that information.

Digital Minister Margot James said “It was an error and we’re evaluating at the moment whether that was a breach of data protection law.”

A DCMS Spokesperson said: “In sending a news release to journalists an administrative, human error meant email addresses could be seen by others. DCMS takes data privacy extremely seriously and we apologise to those affected.”

This isn’t the first time the DCMS have been in hot water over data protection rules. During their recently launched Windrush compensation scheme, they inadvertently shared the contact details of migrants in an email about the scheme. Five batches of emails, each with 100 recipients, were sent out.

In that case, Immigration Minister Caroline Nokes apologised for what she put down as an “administrative error”, rather than lack of staff training or incompetence.

 

 

stuart.gilbertson
April 18, 2019
December 27, 2018

2019 Cybersecurity Predictions – From an IT Support Company’s perspective

You’ll have probably read the Forbes 2019 predictions, or the Symantec predictions, or the Malwarebytes, or Webroot, or FireEye… but which ones are the most likely? Which ones are going to cause you and your business the most pain and downtime? We’ve published below a list of what we believe to be the most likely issues a business will face in terms of Cyber Security in 2019.

Remember: there’s no magic mirror or crystal ball we can use to determine what’s going to happen. The best course of action you can take is still preventative. Maintain a secure and regularly patched network, protect your endpoints as well as your perimeter, and make sure you put in some time to train your staff on best practices. Lastly, back your sh*t up. Don’t just save it to “the cloud”. Put a comprehensive Disaster Recovery Plan into action.

Your Disaster Recovery plan should include what you do to replicate your business data, how you recover your business data, how long it takes, and where you’re recovering to. You should test it at least once every few months (if not more). Understand the cost of downtime to your business. If your online backup platform is going to take you 7 days to download the business data and rebuild your server, is that acceptable to you? You already know the answer to that one.

Anyway, we digress! On to our predictions!

High-profile businesses are going to be compromised more regularly

The most recent high-profile company to fall to its knees on their Cyber cleanliness is Marriott and Starwood. But it didn’t stop there. Saks, Lord & Taylor had 5 million records breached. PumpUp lost 6 million records. Sacramento Bee lost 19.5 million. Ticketfly, 27 million. Facebook lost over 87 million (and probably a hell of a lot more) records. 92 million records disappeared out of MyHeritage’s systems, followed by Under Armour losing 150 million records.

Notice a trend? It’s not that there are more records being lost (although, that’s the case and if we were playing Only Connect, I’d have to give a point). It’s that these breaches are happening more and more regularly to businesses that should be doing a better job at keeping their network secure.

Disaster Recovery is going to become a necessity, not a differentiator

British Airways learned the hard way when its systems fell flat on its arse when a technician allegedly disconnected a power supply at one of their data centres and when reconnected caused a power surge that wiped out their critical infrastructure for over 75,000 passengers.

So keeping in mind human error being at play, what lessons were learned?

  • Human error happens regularly
  • It can cause widespread issues
  • It’s not the only factor that could bring your business down
  • You must have a plan of action that lets you recover quickly to avoid your clients walking to your competitor

Some of our clients have already noticed the Disaster Recovery questions working their way into their Client “Supplier Approval Questionnaire” sheets. They’re being made to prove they have DR facilities in place. Not just data backups, but a full blown documented procedure for what to do (and in some cases where to go!).

IoT botnets are coming to an incident near you

We saw a massive increase in MikroTik routers being hacked to work at the behest of coin miners. Without their owners’ knowledge or permission these miners were able to passively use the resources of the routers to mine coins. Don’t think for a second these hackers are manually looking for devices to compromise. They’re automating it. They’re running a scan on the internet and, with minimal effort on their side, taking over these devices and using them for their own desires.

The above is simply one example of an Internet of Things device being compromised, and it’s just a sliver of what’s to come in the new year. As more hardware goes online, more hardware is left unpatched, and more automated attacks will compromise it.

Hackers have seen the value in avoiding detection

WannaCry and the likes of similar ransomware attacks took advantage of letting the user know they’d been hit, and demanded action from them. The new wave of attacks are going to stay hidden, like that pen at the bottom of your handbag you just know is there.

Crypto-miners can be deployed, data can be sold easily, and hackers know that by lying low on your network over a long time, they’ll get much higher Return on Investment (so to speak).

And don’t get us started on hackers gaining access to your Amazon Alexa or your Google audio devices.

2-Factor-Authentication will finally be deployed ‘as standard’

For the love of all that is IT, please deploy 2FA. Are you running Google Apps? Office 365? Xero? Or any other online service that supports 2FA? Please go and deploy it now. If your IT Support company hasn’t already suggested a plan to deploy it, go and chase them up.

2FA is the easiest way to secure your systems with the most minimal effort but maximum gain. Lost your password? Using your password elsewhere? Yeah, it’s not great, but at least 2FA stops that immediate breach and should hopefully alert you (or you’ll have someone auditing your logs for that kind of thing, right?).

stuart.gilbertson
December 27, 2018
© 2025 Consider IT Limited – All Rights Reserved
Registered office: Waterview House, 37 Shore, Edinburgh, EH6 6QU. Company Number: SC320341 | VAT number: GB 930 1862 42
Consider IT is a trading name of Consider IT Limited