Covid-19 has changed the world faster than anyone was prepared for and forced us to move to digital ways of working almost overnight. Unfortunately, the push to remote working and increased dependence on IT infrastructure has amplified the opportunities for cyber threat actors and pushed out the security boundary of nearly every public sector organisation. Organisations once felt protected by the boundaries of their offices, whereas our homes are now also considered to be within those boundaries.
The housing sector has not been shielded from this change and the threats that have arisen. Waverley Housing in Scotland was subject to a significant cyber ransomware attack in April 2020. Cybercriminals deleted files from the organisation's servers and encrypted files on the network. The purpose of the attack appears to have been to extort money from Waverley Housing.
What does a cyberattack on the housing sector look like?
- Accessing organisational data: The social housing sector stores significant amounts of sensitive data and is connected to a range of public sector bodies, which makes it a growing target for cybercriminals. Cybercriminals are profiting from the monetary value of data on the dark web.
- Accessing client data: This allows a cybercriminal to imitate landlords and ask tenants to pay rent to another account number.
- Reputational damage caused by the loss and misuse of client data can result in loss of revenue from fines, or clients moving to competitors.
- Loss of service provision: Distributed Denial of Service attacks or ransomware attacks hinder the organisation's ability to deliver.
How is the housing sector most likely to be attacked?
Your next question might be: how could attackers practically gain access to my systems? Although all IT systems exposed to the Internet are constantly being probed, phishing is the most common route into corporate systems. Phishing attacks can be incredibly specific to an individual (spear phishing) or opportunistic (mass phishing). Cybercriminals are using the narrative of Covid-19 to deceive people into clicking links. Staff may be concerned about contracting the virus and therefore click on links relating to testing or scientific information. Attackers may also entice distressed people by mentioning government payments relating to unemployment and furlough schemes. All these methods aim to deceive staff and individuals by playing on their fears. All it takes is a single click on a wrong link or attachment for the attacker to compromise a computer and thus be on your internal network. The attacker can then leverage this access for an array of hostile activities, such as deploying ransomware or tricking the finance department into paying fake invoices.
How to increase your cyber security posture
Fortunately, organisations have access to a good number of solutions to help them reduce such risk. Before you kick off tactical solutions and spend your money on various products, it is wise to first revise your IT and cyber strategy. IT and cyber should support your organisation as it continues to evolve. For example, you may want a vision to facilitate agile and remote working. In this case, now might be the right time to introduce or increase cloud solutions and software as a service in your organisation. You may have already deployed them at short notice and now wish to ensure they are also securely configured.
- Phishing is the main entrance to your systems for attackers. Organisations may wish to organise a simulated phishing exercise to see how staff respond to a suspicious email or link and whether any further training is required.
- A penetration test can assess how well protected you are against the most common attacks. A more advanced test, such as a red teaming engagement, will test not only your infrastructure but also how your security teams and staff respond to cyberattacks, how quickly an attack is detected and whether you have sufficient incident response plans in place. Red teaming uses genuine tactics, techniques and procedures used in the majority of cyberattacks.
Quick wins for increasing your security
- You should confirm that all firmware and software within your organisation are up to date (not only Windows but also third-party applications) and that they are checked on a regular basis.
- Check your password complexity and renewal policies. You should enable two-factor authentication, especially on login interfaces exposed to the Internet.
- Microsoft has put out useful guidance for Office 365 security that can help to secure your organisation (ask your favourite IT manager to provide you with your security score from the Office 365 portal).
- The National Cyber Security Centre, part of the UK Government Cyber Headquarters, has some fantastic advice to help you to secure your organisation. Once you are comfortable with its implementation, it is worth seeking independent assurance that you have done it right.
To conclude, attackers have adapted to the new circumstances and you should do the same for your IT and security to support your organisation. With the focus on working from home, senior management of many organisations has taken a greater interest in IT and security. Thus, it is an excellent opportunity to leverage their sponsorship and achieve more efficient and secure IT.