CISO Executive Briefing: January 2024

Welcome to our first quarterly executive briefing, exclusive to clients with the TSG Cyber Control service

These briefings aim to provide concise, essential information including real-world examples of cyber-attacks that we have seen in the market. Our hope is that by sharing this information we can help you and your business stay informed and be prepared.

 

Criminals use trust tactics to scam: How you can protect your business

We have seen a rise in cyber criminals using social engineering and adversary-in-the-middle tactics to scam businesses out of tens and sometimes hundreds of thousands of pounds. It starts with a compromised email account and ends with payments being made to fraudulent accounts. Once payments have been made and clear the bank, they are hard to recover.

Educating your colleagues on how to spot a phishing email is step one, but it might not protect your business from being victim to this attack, as the fraudulent emails could be sent from legitimate email addresses from your trusted contacts. This can happen when a person’s email account has been compromised.
There are at least two ways you might receive a fraudulent email, via:

  • A trusted supplier contact.
  • An internal colleague (most likely a senior colleague who has the authority to raise payment requests).

The email will usually ask for an existing invoice bank details to be changed or a brand-new payment to be made. Either way, you will be asked to make a payment to a bank account your business has never paid before.

 

What is the Advice?

  1. Most importantly: Secure your internal finance processes. You can make them more robust by agreeing an internal approval process. For example, if new bank details are being used or existing details have changed, these must be verified via a phone call to a trusted contact number you have for that supplier or internal contact.
  2. Be aware of this type of scam
  3. Be on high alert to check for phishing emails and scam websites (especially when you are asked to enter your email username and password). Note: in some cases the username, password and MFA token can be taken by simply following the link in a phishing email – consider putting conditional access policies in place so that company sensitive data can only be accessed by specific devices and locations.
  4. Ask your suppliers to maintain good email security and have 2 factor authentication (2FA) implemented

Cybersecurity Update: Protecting Your Business in a Connected World

Introduction

A recent cyberattack targeting water filtration systems produced by an Israeli company is a stark reminder of the potential vulnerabilities in our increasingly connected business landscape. This incident, affecting a UK-based client, underscores the need for small and medium-sized enterprises (SMEs) to be vigilant about cybersecurity.

The Incident

A group known as the “Cyber Av3ngers,” believed to be linked to Iran’s Islamic Revolutionary Guards Corps, specifically targeted these water filtration systems due to security weaknesses. The breach led to significant operational disruptions across various global utilities using these systems.

Key Takeaways

This situation highlights how interconnected our global business environment is and how overseas incidents can directly affect UK businesses. It serves as a cautionary tale about the importance of robust cybersecurity measures.

Mitigation Strategies

  1. Stay Updated: Regularly update all your operational systems to ensure they have the latest security features.
  2. Strong Password Practices: Move away from default passwords and promote regular updates of passwords among your team.
  3. Empower Your Employees: Educate your staff about the basics of cybersecurity, how to spot suspicious activities, and the importance of reporting them.
  4. Be Prepared: Have a clear plan in place to respond to any security breaches. This should include steps to contain the breach and minimize its impact.
  5. Work with Your Suppliers: Keep an open line of communication with your suppliers to ensure they also follow high cybersecurity standards.

Conclusion

This incident is a wake-up call for all UK SMEs to take a proactive stance on cybersecurity. By staying informed and implementing strong security practices, including staff training and supplier collaboration, businesses can better protect themselves in this digital era.

Recent Cyber Stories from TSG Clients

With permission from the clients we’ve helped, you can read about their cyber incidents, the impact on their organisations, and how they recovered:

Cyber Resilience: Lessons from an International Shipping Firm

How an Online Retailer Overcame a Devastating Ransomware Attack

 

Meet the TSG Cyber team

MicrosoftTeams-image (55)

Sanjeev Malhotra

Sanjeev TSG leads the cyber security consulting function, helping clients develop strong cyber strategies and internal security measures. With a background in technology, Sanjeev has experience in cyber security, professional services, and risk management. He helps TSG to delivery the company’s clear vision, strategic approach, and strong client relationships, and TSG’s commitment to being a trusted advisor to its clients.

Mike Tudor

Mike Tudor

Mike Tudor is a Security Solutions Architect here at TSG. His role is to drive the design and development of our security offerings, working closely with internal teams to deliver the best security solution for our clients.

KSV Photo JPG

Kellie Stockham-Vasey

Kellie is a seasoned professional in the cyber security and business continuity consulting field, having gained expertise in governance, risk, and compliance through her successful tenure at a consulting firm. She has a strong background in working with diverse clients to enhance their security and regulatory measures. Kellie has facilitated events and workshops for the Australian government, promoting collaboration and information sharing among key stakeholders. Her deep understanding of risk management enables organisations to identify, assess, and mitigate threats effectively, making her a trusted resource for a wide range of industries seeking to strengthen their security measures.

ZoeMackenzie-headshot

Zoe Mackenzie

Zoe is an Information Security Manager at TSG. Prior to working with TSG, she held a variety of roles in IT managed services and global FTSE organisations gaining experience in security governance and risk management. Zoe brings with her expertise in business security compliance and resilience however she will always steer away from a solely compliance-focused goals. Instead, she sets up organisations for success by advising security objectives in relation to business needs balanced with risk explained without using technical jargon.

Book a Review Now

  • This field is for validation purposes and should be left unchanged.