Cyber Security is an increasingly discussed topic but it can feel like a minefield to navigate. As part of Cyber Security Month, we held a live hack with Wolfberry Cyber Security in partnership with Barclays Eagle Labs to uncover how to better protect ourselves and our businesses against the most common cyber attacks.
Cyber Security is an increasingly discussed topic but it can feel like a minefield to navigate. As part of Cyber Security Month, we’re asking, why should we care about cyber security?
First, let’s look at the facts. Malware is software intentionally designed to cause damage to an organisations security and you might be startled to learn that malware increased by 358% in 2020 alone. Phishing also increased by 27% between January 2020 and January 2021. If you’re not sure what phishing is yet, don’t worry! We’ll get to that, but it’s how 80-90% of hacks start.
We asked Tramshed Tech tenants PureCyber (previously Wolfberry) to teach us more about how these cyber-attacks happen and how we can protect ourselves against them. For those who don’t know, Wolfberry were named the most Innovative Cyber Security Business in the UK by LiveWire and with over 23,000 nominations, this win was no mean feat.
During the session, which you can watch in full on our Youtube channel, CEO Damon Rands and his Senior Testers Tom and Ben walked us through a live hack. This allowed us to get into the head of a hacker and understand the kinds of techniques they use to trick the unsuspecting.
What is phishing?
Phishing is the most common way that organisations are hacked, with 80-90% of hacks starting with a phishing email. This can be seen when criminals impersonate a legitimate organisation via digital means such as an email or text message.
Thanks to opensource software, code is publicly accessible for anyone to modify, manipulate and distribute. This holds great opportunity, but in the wrong hands it can cause catastrophic damage and cost businesses billions.
The Live Hack
During the hack Tom and Ben demonstrated how easy it is to create highly believable and authentic looking phishing emails. They then discussed a variety of methods that hackers use to predict passwords; a technique known as a credential/password reuse. Here are just a few ways that passwords can be predictable:
- Passwords tend to relate to a business
- The first letter of a password tends to be a capital letter
- Number 1 or the calendar year are the most common numbers used in passwords
- 90% of the time the symbol used is an exclamation mark
With this predictability in mind, hackers can create software and set rules to hack a person or organisation over a long period of time. Once one person in an organisation is effectively hacked, a plethora of sensitive information is now accessible. Once a hacker has this level of access, they can then begin to target other more senior members of an organisation by acting as a trusted colleague.
This is a smart and effective way to access sensitive information and use weaknesses within a business to reach more senior members of staff. This highlights the value of having watertight security at every level within an organisation. If you’re looking to level up your cyber security, get in touch with PureCyber. They are industry leaders and take the complexity out of keeping your business safe.
