CISO Executive Briefing: January 2024

Welcome to our first quarterly executive briefing, exclusive to clients with the TSG Cyber Control service

These briefings aim to provide concise, essential information including real-world examples of cyber-attacks that we have seen in the market. Our hope is that by sharing this information we can help you and your business stay informed and be prepared.

Criminals use trust tactics to scam: How you can protect your business

We have seen a rise in cyber criminals using social engineering and adversary-in-the-middle tactics to scam businesses out of tens and sometimes hundreds of thousands of pounds. It starts with a compromised email account and ends with payments being made to fraudulent accounts. Once payments have been made and clear the bank, they are hard to recover.

Educating your colleagues on how to spot a phishing email is step one, but it might not protect your business from being victim to this attack, as the fraudulent emails could be sent from legitimate email addresses from your trusted contacts. This can happen when a person’s email account has been compromised.
There are at least two ways you might receive a fraudulent email, via:

  • A trusted supplier contact.
  • An internal colleague (most likely a senior colleague who has the authority to raise payment requests).

The email will usually ask for an existing invoice bank details to be changed or a brand-new payment to be made. Either way, you will be asked to make a payment to a bank account your business has never paid before.

What is the advice?

  1. Most importantly: Secure your internal finance processes. You can make them more robust by agreeing an internal approval process. For example, if new bank details are being used or existing details have changed, these must be verified via a phone call to a trusted contact number you have for that supplier or internal contact.
  2. Be aware of this type of scam
  3. Be on high alert to check for phishing emails and scam websites (especially when you are asked to enter your email username and password). Note: in some cases the username, password and MFA token can be taken by simply following the link in a phishing email – consider putting conditional access policies in place so that company sensitive data can only be accessed by specific devices and locations.
  4. Ask your suppliers to maintain good email security and have 2 factor authentication (2FA) implemented

Cybersecurity Update: Protecting Your Business in a Connected World

Introduction

A recent cyberattack targeting water filtration systems produced by an Israeli company is a stark reminder of the potential vulnerabilities in our increasingly connected business landscape. This incident, affecting a UK-based client, underscores the need for small and medium-sized enterprises (SMEs) to be vigilant about cybersecurity.

The Incident

A group known as the “Cyber Av3ngers,” believed to be linked to Iran’s Islamic Revolutionary Guards Corps, specifically targeted these water filtration systems due to security weaknesses. The breach led to significant operational disruptions across various global utilities using these systems.

Key Takeaways

This situation highlights how interconnected our global business environment is and how overseas incidents can directly affect UK businesses. It serves as a cautionary tale about the importance of robust cybersecurity measures.

Mitigation Strategies

  1. Stay Updated: Regularly update all your operational systems to ensure they have the latest security features.
  2. Strong Password Practices: Move away from default passwords and promote regular updates of passwords among your team.
  3. Empower Your Employees: Educate your staff about the basics of cybersecurity, how to spot suspicious activities, and the importance of reporting them.
  4. Be Prepared: Have a clear plan in place to respond to any security breaches. This should include steps to contain the breach and minimize its impact.
  5. Work with Your Suppliers: Keep an open line of communication with your suppliers to ensure they also follow high cybersecurity standards.

Conclusion

This incident is a wake-up call for all UK SMEs to take a proactive stance on cybersecurity. By staying informed and implementing strong security practices, including staff training and supplier collaboration, businesses can better protect themselves in this digital era.

Recent Cyber Stories from TSG Clients

With permission from the clients we’ve helped, you can read about their cyber incidents, the impact on their organisations, and how they recovered:

Cyber Resilience: Lessons from an International Shipping Firm

How an Online Retailer Overcame a Devastating Ransomware Attack

Meet the TSG Cyber team

Sanjeev Malhotra

Sanjeev Malhotra

Sanjeev TSG leads the cyber security consulting function, helping clients develop strong cyber strategies and internal security measures. With a background in technology, Sanjeev has experience in cyber security, professional services, and risk management. He helps TSG to delivery the company’s clear vision, strategic approach, and strong client relationships, and TSG’s commitment to being a trusted advisor to its clients.

Book a Review Now