7 signs that your IT infrastructure is vulnerable to a cyber-attack

Ransomware attacks have witnessed a staggering surge of nearly 500% since the commencement of the COVID-19 pandemic, highlighting the urgent need for Australian businesses to reassess their IT infrastructure and bolster their security measures. This will enable them to enhance their defences against meticulously targeted cyber-attacks. To determine whether your business requires a security reassessment, here are seven indicators that your IT infrastructure is susceptible to a cyber-attack:

1. Outdated software and hardware
2. Weak passwords
3. Lack of employee training
4. Insufficient network segmentation
5. Lack of patching
6. Lack of back-up and recovery plans
7. Data encryption

Outdated software and hardware

One of the primary methods utilized by hackers to infiltrate a network involves leveraging End of Life (EOL) and End of Service (EOS) hardware and software. EOL and EOS refer to situations where vendors cease providing support for a particular software, resulting in the discontinuation of updates and security patches beyond a specified date. As cyber-attacks continue to evolve and become increasingly targeted, failure to keep hardware and software up to date with rapid changes creates vulnerabilities within the IT infrastructure. For instance, among the approximately 230,000 globally infected computers, it was reported that 98% were running an unpatched version of Windows 7. As Windows 8 was released, the support and patching for Windows 7 naturally diminished, leading some businesses to delay the update due to their busy day-to-day operations. This delay in adopting updated software and hardware exposes businesses to successful attacks.

Organizations must prioritize and proactively manage their software and hardware upgrades. It is imperative to have a dedicated IT team that remains vigilant in conducting regular compliance checks to ensure the company remains ahead of the curve.

Weak passwords

Were you aware that ‘123456’ ranked among the top 10 most common passwords worldwide? According to research conducted by Cyber News Investigation, a total of 15,212,645,925 passwords were analysed, with only 2,217,015,490 of them being unique. Weak and easily guessable passwords pose the quickest and simplest route for cyber-attacks to breach a business’s IT infrastructure. A notable example occurred in 2012 when Dropbox experienced a security breach due to an employee reusing a password at work, resulting in the theft and online sale of 68 million user credentials to malicious hackers. Various companies, including Yahoo, LinkedIn, Adobe, and Equifax, have also faced similar breaches due to inadequate password security protocols.

It is crucial for passwords to be complex, incorporating uppercase and lowercase letters, special characters, and numbers, while avoiding dictionary words. Additionally, it is important to encourage employees not to reuse passwords across multiple sites. Here are some steps that businesses can take to ensure their employees use strong and secure passwords:

  • Employee education
  • Don’t share passwords
  • Get a password manager
  • Change passwords regularly through business-wide policies
  • Make passwords stronger
  • Use two-factor authentication

Lack of employee training

Effective training and awareness programs tailored to specific demographics are crucial to prevent successful cyber-attacks. Without such programs, employees may lack the knowledge and skills needed to identify and report potential cyber threats. According to IBM, human error accounts for more than 85% of cyber breaches, making people the primary gateway to such attacks. Employees with low levels of cyber security awareness are particularly susceptible to clicking on malicious links or opening attachments in phishing emails.

In 2020, Marriott Hotels & Resorts experienced an internal compromise where hackers accessed two employee passwords, resulting in unauthorized access to 5.2 million private records. Unfortunately, it took two months for Marriott’s cybersecurity systems to detect the breach, highlighting the importance of regular regulatory compliance and cyber security training to prevent such incidents from occurring. With third-party assessments and consultation such as Oreta’s Cyber Training and Awareness solution, Marriott Hotels & Resorts could have reduced the chances of the breach.

Insufficient network segmentation

The outbreak of COVID-19 has brought about significant changes in the working landscape, with 50% of companies in Australia adopting hybrid work models. This shift to remote work introduces new challenges, as employees connect to their own unprotected networks, increasing the likelihood of successful cyber-attacks. One vulnerability arises from having a flat network, which provides a large attack surface. When an organization’s network lacks appropriate segmentation, a single compromised device can grant a hacker access to the entire system.

However, by dividing a large network into smaller sub-networks through network segmentation, the attack surface is reduced. This segmentation isolates network traffic within the sub-networks, impeding lateral movement. If a network perimeter is breached, the sub-networks act as barriers, preventing attackers from spreading laterally throughout the entire network. With cyber-attacks growing increasingly sophisticated, network segmentation becomes a vital measure to limit the impact of an attack by making it more challenging for cyber criminals to navigate through your network.
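The difference between a flat and a segmented network can be measured as the set of hosts an attacker can reach from one compromised device. The following is an added example, not part of the original article; the host names, segments and allow rules are constructed for illustration.

```python
from collections import deque

# Constructed inventory: host -> segment (VLAN/subnet). All names are hypothetical.
SEGMENTED = {
    "laptop-01": "users", "laptop-02": "users",
    "pos-01": "retail", "pos-02": "retail",
    "app-01": "servers",
    "db-01": "data",
    "backup-01": "backup",
}

# The same hosts on a flat network: everything shares one segment.
FLAT = {host: "lan" for host in SEGMENTED}

# Constructed inter-segment policy: (source segment, destination host).
# Default deny: any cross-segment connection not listed here is blocked.
ALLOW = {
    ("users", "app-01"),    # staff use the business application
    ("retail", "app-01"),   # POS terminals post sales to the application
    ("servers", "db-01"),   # only the application tier talks to the database
    ("backup", "db-01"),    # the backup server pulls from the database
}


def can_connect(src, dst, segments, allow):
    """Hosts in one segment talk freely; crossing segments needs an allow rule."""
    if segments[src] == segments[dst]:
        return True
    return (segments[src], dst) in allow


def blast_radius(start, segments, allow):
    """Hosts reachable from a compromised host, hop by hop (breadth-first search).

    Worst case: every host reached is assumed to be taken over and used as
    the next stepping stone for lateral movement.
    """
    seen = {start}
    queue = deque([start])
    while queue:
        current = queue.popleft()
        for other in segments:
            if other not in seen and can_connect(current, other, segments, allow):
                seen.add(other)
                queue.append(other)
    return seen - {start}


if __name__ == "__main__":
    for name, layout, rules in (("flat", FLAT, set()), ("segmented", SEGMENTED, ALLOW)):
        reached = sorted(blast_radius("laptop-01", layout, rules))
        print(f"{name:10} laptop-01 compromised -> {len(reached)} hosts: {reached}")
```

Note that the segmented result still includes the database: allow rules chain together, so each permitted path between segments should be reviewed as a possible route for lateral movement.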

Lack of patching

Over time, most downloaded software needs to be updated and tested for vulnerabilities. Security patches are designed to address security gaps that were initially overlooked when the software was launched. It is alarming that approximately 95% of cyber-attacks specifically target unpatched vulnerabilities. Patching plays a crucial role because these vulnerabilities can be exploited by cyber criminals to gain unauthorized access, steal sensitive information, or disrupt operations. By promptly applying patches, organizations can minimize downtime, reduce their exposure to threats, and enhance their overall security posture. On the other hand, neglecting to apply patches can have severe consequences for organizations, including data breaches, system failures, damage to reputation, and financial loss.

Lack of back-up and recovery plans

Data serves as the lifeblood of any organization, underscoring the critical need for businesses to have a comprehensive backup and recovery plan in place. Such a plan ensures operational continuity in the face of unexpected events, which can range from natural disasters and human errors to cyber-attacks. According to the 2020 Cost of a Data Breach Report by IBM and the Ponemon Institute, Australia ranked 13th out of 18 countries in terms of total data breach costs.

Without a backup and recovery plan, organizations lack a clear understanding of recovery times (recovery time objective or RTO) and recovery points (recovery point objective or RPO), both of which are crucial in the event of an attack. RTO represents the maximum acceptable downtime for an application, computer, network, or system following an unforeseen disaster, failure, or similar event. On the other hand, RPO defines the acceptable period within which an enterprise’s operations must be restored following a disruptive event.

Failing to proactively plan for these contingencies exposes businesses to greater losses and long-term consequences, including diminished customer loyalty and damage to brand reputation. Therefore, having a backup and recovery plan in place is essential for safeguarding against potential disruptions and minimizing the impact on the organization.

Data encryption

According to recent statistics from the Office of the Australian Information Commissioner (OAIC), there have been five data breaches in 2022 that have affected one million Australians. This highlights the increasing volume of sensitive data being shared and stored, making encryption a paramount concern for businesses. Encryption plays a vital role in safeguarding sensitive data against unauthorized access, ensuring confidentiality, and meeting regulatory requirements. While no security method is foolproof, data encryption is a crucial component in securing an organization’s data both during transmission and at rest.

Cyber-attacks pose a significant threat to businesses and organizations of all sizes, with cybercriminals showing no discrimination. Recognizing the signs of vulnerability in your IT infrastructure can help you take proactive measures to protect your systems and sensitive data. By identifying weaknesses, implementing robust security measures, and training employees in security best practices, you can reduce the risk of a cyber-attack and mitigate potential damages. It is essential to stay informed about the latest threats and security trends, regularly review, test, and update security plans such as Incident Response Plans (IRP), Business Continuity Plans (BCP), and Disaster Recovery Plans (DRP). Remaining vigilant is key to ensuring the ongoing protection of your IT infrastructure.

If you want to be proactive rather than risk having to be reactive with your security, contact us now and have a no-obligation chat with our security team.

Find out more on Oreta’s cyber security services here.

6 Cyber Security challenges to watch out for in 2023

Australia, like many other parts of the world, faces numerous cyber security trends and challenges, including:

1. Increased Cyber-attacks
Cyber threats and attacks are on the rise globally, with the Pacific region becoming a hot spot where malicious actors target governments, organisations, and individuals. During the 2020–21 financial year, over 67,500 cybercrime reports were made in Australia, an increase of nearly 13 per cent from the previous financial year.

2. Lack of Cyber Security Awareness
There is a significant lack of awareness amongst individuals and organisations regarding the importance of cyber security, making them more vulnerable and prone to cyber-attacks. The Australian Cyber Security Centre reported that 82% of all breaches involved ‘the human element’ (the use of stolen credentials, phishing, misuse, or human error) in 2022.

3. Resourcing shortage
Australia has a shortage of cyber security experts and trained professionals. The lack of skilled cyber security professionals makes it difficult for organisations to implement and manage effective cyber security measures. There is an anticipated 38% growth in workforce shortages in Australian cybersecurity, outstripping forecasts for care and software development.

4. Inadequate IT infrastructure
Many businesses in the Pacific region have outdated cyber security infrastructure, making them an easy target for cyber-attacks. 40% of Australian IT leaders admitted to failing the security compliance audit in the Thales cyber report, 2021.

5. Continuous compliance
As cyber-attacks become more advanced and keep evolving, security regulations and laws are constantly changed and updated. This makes it difficult for organisations to keep up and meet the changing requirements of insurance. Cyber insurance premiums soared 80% in 2022 as claims surged, following a 20 per cent increase in the cost of cover in each of the previous two years.

6. Digital transformation
With digital transformation technologies such as the Internet of Things (IoT), Artificial Intelligence (AI) and Blockchain being adopted at a rapid pace, businesses are now more vulnerable than ever. Integrating newly established systems and platforms opens the way for new cyber risks and challenges. The Annual Cyber Threat Report found that a security breach cost $39,000 for small businesses, $88,000 for medium businesses, and over $62,000 for large businesses, an average increase of 14% per cyber-crime report.

To address these cyber security challenges, organisations in the pacific region need to invest in security education, strategy re-evaluation and most importantly a team of security experts. Prioritising the development and implementation of effective cyber security policies, regulations, and infrastructure can position organisations to improve and reinforce their security posture. Keeping up to date and sharing information among cyber security experts and like-minded businesses in the region is also crucial in helping organisations stay ahead of cybersecurity risks and threats.

At Oreta we believe in being proactive rather than reactive. Protect your data and reputation and contact us now.

Endpoint Security – do you know which of your mobile and computer devices are protected or infected?

What is considered an endpoint?

In simple terms, an endpoint is one end of a communications channel. It refers to parts of a network that don’t simply relay communications along its channels or switch those communications from one channel to another. An endpoint is a place where communications originate, and where they are received—in essence, any device that can be connected to a network.

Examples of endpoint devices include:

  • Desktops
  • Laptops
  • Mobile devices
  • Tablets
  • Smartwatches
  • Internet of Things (IoT) devices
  • Point-of-Sale (POS) systems
  • Medical devices
  • Digital printers
  • Servers

What is endpoint security?

Endpoint security, or endpoint protection, is the process of protecting user endpoints (desktop workstations, laptops, and mobile devices) from threats such as malware, ransomware, and zero-days.

Endpoint security consists of a piece of software, called an “agent,” installed and executed on an endpoint to protect it from attacks and to detect them. Endpoint protection solutions, or endpoint protection platforms (EPP), work by examining processes, system activity, and files for suspicious or malicious indicators. These could come in the form of next-generation endpoint protection solutions such as EDR, XDR and more.

Why is it important to have endpoint visibility for mobile and computer devices?

The majority of cybersecurity attacks originate at the endpoint.  Cybercrime has become a big business.  The average cost of a ransomware breach stands at $4.62 million USD (IBM Security Cost of a Data Breach Report 2021, compiling primary research conducted by The Ponemon Institute), which is more costly than the average data breach ($4.24M).

On average, a phishing attack takes 213 days to detect and 80 days to contain (Cost of Data Breach Report).  213 days is a lifetime, providing the attacker ample time to move laterally, establish persistence, conduct reconnaissance, plan, and finally execute an attack.

Endpoint visibility should be at the forefront of your IT security strategy, as endpoints are quite likely to be the first choice for an attacker trying to penetrate your organization’s network. At a time when hybrid and remote work is rising and human error is inevitable, businesses need to make sure they have visibility in real-time to stop the infection from spreading further.

How to gain visibility into your endpoint?

As IT visibility becomes more critical to organisations, it is becoming increasingly difficult for senior IT executives to ensure that every endpoint is secure. GlanceX leverages data from within the various IT/vendor domains (such as security) and presents this information so that IT executives can see within seconds if their IT estate is operating effectively and, if not, pinpoint quickly and accurately when and where the problem may be.

Being a strategic partner with several of the biggest security experts in the industry, Oreta understands the world of cyber threats and the importance it plays in protecting confidential information. GlanceX was developed with best practice security in mind, to provide digestible insight so companies can make quick and effective decisions.

The top-level dashboard shows holistic daily health checks of Security operations for the previous 30 days. The drill-down capability enables companies to see when and where the problem has occurred. GlanceX is easily accessed anywhere, any time and at any location via a simple, dedicated web browser link.

Contact us now to gain visibility into your endpoint and make data-driven decisions on your security posture.

Unlock the True Costs of Network Outages and Bandwidth Drain: A CIO’s at-a-glance tool

Why is it important to have network visibility?

C-suite executives have a myriad of tasks and responsibilities, and often overlook or do not understand the technicalities of the network beyond the initial implementation. So, with staff needing to connect to anything, anywhere, at any time, how do they know how their network is performing at their various locations? Or how much network downtime their organisation has experienced? Which of their applications are using up the most bandwidth? Or what divestments or investments they should be making?

Network visibility allows businesses to drill down on their operations and mitigate the risk of flying blind. Understanding the network performance across multiple sites including downtime and application bandwidth allows businesses to maximise their cost allocation and increase their service delivery performance.

What is the best solution to gain network visibility across all your sites?

What Oreta has found is that senior executives do have granular network information; however, it is in disparate systems and often at a technical level of detail that isn’t easily digestible. Consequently, they must rely on specialists and spend additional time in getting the information they need which is not sustainable.

GlanceX leverages data from within the various IT/vendor domains (such as network) and presents this information so that decision makers can see within seconds if their IT estate is operating effectively and, if not, pinpoint quickly and accurately when and where the problem may be. GlanceX complements the existing tools from infrastructure vendors rather than attempting to replace them. The top-level dashboard shows holistic daily health checks of network operations for the previous 30 days. From this overview, CIOs can make investing and divesting decisions to maximise cost efficiency. Its ease of use also makes GlanceX the perfect solution for any business, accessible any time and at any location via a simple, dedicated web browser link.

Contact us now to gain visibility into your network and make data driven decisions.

Mobility cost visibility – how much are you paying for unused mobile devices and data allowances?

With the increasing size of mobile fleets, there is a growing hidden cost in managing mobility expenses. Organisations often experience wastage through poor visibility over billing, usage, and assets.

Why is it important to know your company’s usage of mobile devices and data allowance?

Companies often do not have an overview of their mobile fleet, which means that they are not allocating and maximising their resources. Some of their sites could be using less data while others need more; devices may be underutilised or not used at all; mobile charges may fluctuate depending on business operations but not be reflected in the charges; and much more. Staying ahead of your data and mobile usage allows businesses to stay on top of their mobility and cut costs on services they no longer need.

What is the best solution to gain visibility across your mobile devices?

As IT visibility becomes more critical to organisations and more complex, it is becoming increasingly difficult for senior IT executives to ensure optimum user experience and use of their budget. GlanceX leverages data from within the various IT/vendor domains (such as mobility) and presents this information so that IT executives can see within seconds if their IT estate is operating effectively and, if not, pinpoint quickly and accurately when and where the problem may be.

The top-level dashboard shows holistic daily health checks of Mobility operations for the previous 30 days. The drill-down capability enables companies to see when and where the problem has occurred. GlanceX is easily accessed anywhere, any time and at any location via a simple, dedicated web browser link.

Contact us now to gain visibility into your mobility fleet and make data driven investments/divestments.