It is now a cliché to remind you that the C-word has changed the world faster than anyone was prepared for and forced us to move to digital ways of working almost overnight. That was just a few months ago. Unfortunately, the push to remote working and increased dependence on IT infrastructure has amplified the opportunities for cyber threat actors and pushed out the security boundary of nearly every company. Where once, companies felt protected by the boundaries of their offices, our homes are now also considered within its boundaries.
The housing sector has not been shielded from this change and the threats that have evolved with it. Waverley Housing in Scotland was subject to a significant cyber ransomware attack during the lockdown (more precisely, April 2020). Cyber criminals deleted files from the company’s servers and encrypted files on the network. The purpose of the attack appears to have been to extort money from Waverley Housing.
What does a cyber attack on the housing sector look like?
- Accessing organisational data: The social housing sector stores significant sensitive data as well as being connected to a range of public sector bodies, they are a growing target for cyber criminals. Cyber criminals are profiting from the monetary value of data on the dark web.
- Accessing client data: Allows a cyber-criminal to imitate landlords and ask tenants to pay rent to another account number.
- Reputational damage caused by the loss and misuse of client data can result in loss of revenue from fines, or clients moving to competitors.
- Loss of service provision through Distributed Denial of Service attacks or Ransomware attacks hinder the organisations ability to deliver.
How is the housing sector most likely to be attacked?
Your next question might be: how could attackers practically gain access to my systems? Although your IT systems exposed to the Internet are constantly being probed, phishing is the most common route into corporate systems. They can be incredibly specific to an individual (Spear Phishing) or opportunistic (Mass Phishing). Cyber criminals are using the narrative of COVID 19 to deceive people into clicking links. Staff may be concerned about contracting the virus and therefore click on links relating to testing or scientific information. They may also entice distressed people by mentioning government payments about unemployment and furlough schemes. All these methods aim to deceive staff and individuals by playing on their fears. But it takes a single click on a wrong link or attachment for the attacker to compromise a computer and thus, be on your internal network. Then, the attacker can leverage this access for an array of hostile activities like ransomware deployment or tricking the finance department to pay fake invoices.
How to increase your cyber security posture
Fortunately, companies have access to a good number of solutions to help them to reduce such risk. Before you kick off tactical solutions and spend your money on various products, it’s a great time to revise your IT and cyber strategy. IT and cyber should support your business as it continues to evolve. For example, you may consider a vision to facilitate agile and remote working; now might be the right time to introduce or increase cloud solutions and software as a service to your organisations. You may have already deployed them at short notice and now wish to ensure they are also securely configured.
- Phishing is the main entrance to your systems for attackers, organisations may wish to organise a simulated phishing exercise to see how staff respond to a suspicious email or link and whether any further training is required.
- A penetration test can assess how well protected you are against the most common of attacks. A more advanced test like Red teaming engagement will not only test your infrastructure but also how your security teams and staff respond to cyberattacks, how quickly is it detected and whether you have sufficient incident response plans in place. Red teaming works by and uses genuine tactics, techniques and procedures used in the majority of cyberattacks.
Quick wins for increasing your security
- You should confirm that all firmware and software within your company are up to date (not only Windows but also third-party applications) and that they are checked on a regular basis.
- Check your Password complexity and renewal policy’s, you should enable two-factor authentication, especially of login interfaces exposed to the Internet.
- Microsoft has put out useful guidance for Office 365 security that can help to secure your organisation (ask your favourite IT manager to provide you with your security score from the Office 365 portal).
- The National Cyber Security Centre part of the UK Government Cyber Headquarters has some fantastic advice to help you to secure your organisation. Once you are comfortable with their implementation, it is worth seeking independent assurance that you have done it right.
As a conclusion, attackers adapt to the new circumstances and you should do the same for both your IT and your security to support your business. With the focus on working from home, the senior management has taken a greater interest in IT and security. Thus, it is an excellent opportunity to leverage their sponsorship and achieve a more efficient and secure IT.
To discuss these challenges and opportunities further, please get in touch with your Mazars contact, or please do not hesitate to click the button below:
Contact Us Today