The Silver Bullet in Cyber Security
Let me tell you a small story. Meet Serge. Serge is a hacker. He went on to dark web and bought himself a malware kit called Citadel for $12.
In layman terms he bought a virus software and placed it somewhere on the internet. Then he went onto a popular website in America. That particular website had a comments feature under the articles and Serge discovered he can actually place a script in the comments section. The job of that script is to download and run the malware on the site visitor’s browser.
It took a couple of hours before ‘the popular website’ realised this was happening. In those couple of hours they had a mere 40,000 visitors to the site and a good number of them infected with the malware.
Now the job of the malware is to exploit the existing vulnerability in Java and Adobe programs and look for a very specific info when the user is browsing. The malware is looking for business bank accounts with over $100,000 balance in them and transferring funds to Serge’s bank account. Now look at the odds of a user with business bank account with over $100,000 balance and visiting a particular website while they had an outdated software running on their system. Serge made away with nearly $30,000,000.
Now the affected companies went to sue ‘the popular website’ for having this script on their website. The website guys turned around and said;
‘This happened not because we had a script on our website, but because you are running an outdated software and didn’t do your updates.’
That’s a burn but the good news is that the company had a cyber insurance.
They filed a claim for the insurance.
The insurance company turned around and said;
‘You are affected because you are running an outdated software. We cannot pay your claim’.
You get the gist. These affected companies haven’t updated their software/systems in months. The manufacturers have released patches and updates for the vulnerabilities months ago. There are no silver bullets when it comes to Cybersecurity but patching your systems is the closest to the silver bullet.
Patch your systems regularly. Ideally you will need to aim for updating your systems within 14 days of a patch being available. How do you do that you ask?
Leverage the Technology. Get a patch management solution.
It can be the one you have with your Microsoft subscription or a third party tools. These things don’t cost you much money and in fact they will save you from the tons of effort, time, hassle and embarrassment.
Most large businesses are known to have a decent patch management system. For the rest of us, especially SMEs, most Antivirus software are now available with a patch management module. Ask your vendor, or check out our Next-Generation Anti Virus solutions here.
Now go and do your updates!
- Deadline for the Cyber Essentials Voucher
- New Year cyber security recommendations
- How to uncover network vulnerabilities
- Protecting your identity online
- What is a VPN and why do you need one?
- Quick tips to improve your board’s cybersecurity
- Password Management Software
- How to make of your employees the best line of cyber defence against cyberattacks
- Congratulations to the Techforce Sponsorship winners
- Certificate management processes
- What is Phishing and what can you do to prevent it?
- Found malware, now what do you do?
- Data breaches and other scary 2019 events- Special Halloween post
- How to get your cyber security budget approved by the board
- The TechForce Sponsorships
- How to start a career in the security industry
- Top 5 Anti-Virus Software
- Protecting your business in the cyber security era
- Secure Your Supply Chain
- Case study: British Airways Fined £183.4million for Data Breach
- Is it a good idea to build your own Security Awareness Training platform?
- Fake invoice email scams and Office 365
- How to apply for the Cyber Essentials Voucher Scheme
- 5 things to consider when selecting a Security Awareness Training (SAT) platform
- 2 Years, Marmite and £600,000
- What is Business Email Compromise (BEC) and how to stop it
- Everything you need to know about Cyber Essentials
- Cyber Essentials Demystified
- How to choose a Security Awareness Platform
- How to pick the best Antivirus software for your business
- 6 Quick and Easy Email Security Tips for Dummies
- How to carry out a baseline email phishing test
- Hackers On Tour
- How to share passwords safely in your Small Business
- In the news - Warning. North Sea firms likely already attacked
- 10 Steps to Cyber Security
- 5 Reasons why you should consider having two monitors
- What is Email phishing & why you need security awareness training in your business
- 6 Top Tips to Prevent Cyber Attacks
- How to choose the best IT Service Provider for your business
- How to choose the best Antivirus software for your business
Deadline for the Cyber Essentials Voucher
Any Scottish registered SME can get up to £1,000 voucher towards their Cyber Essentials certification. It is available for first-time applicants. However, the scheme is now coming to close.More
New Year cyber security recommendations
In this blog post we give you some new year cyber security recommendations to protect your accounts and identityMore
How to uncover network vulnerabilities
If you are new in IT and want to know where to start finding vulnerabilities on the network you're managing this blog post might be for you.More
Protecting your identity online
Is it possible to really protect your identity online? How do “you” protect your identity online and how do others that have your identification details protect you in the ever expanding “online” aspect of computing?More
FOR LATEST UPDATES SUBSCRIBE HERE: