Nobody enjoys having anyone snooping in their private matters, but sometimes it does happen.

Some shocking news hit the media just a few days ago about a serious hacking attempt on Maltese government systems. Though fortunately the attack was neutralized, it sheds light on the vulnerable nature of IT systems and the need for up to date cyber and incident response.

The hacking attempt was initiated by a Russian hacker group known as Turla (also known as venomous bear or KRYPTON) who have specialized in cyber espionage against “big fish” countries so far. However, it seems this time they turned their attention to other countries like Malta.

No alt text provided for this image

Image 1: Previous attacks believed to be the work of Turla. Provided from Kaspersky Labs

Fortunately, the Maltese government just recently upgraded their cyber defense capabilities and MITA’s Incident Response Team blocked the attack. It is beyond comprehension and difficult to estimate the monetary and reputational damage the hackers could have caused had they not been detected in a timely manner.

The incident is a great example on why cyber investments ultimately pay off. It is now clear that even relatively small nations are no exceptions when it comes to the so-called cyber war. Turla and similar hacking groups are now targeting governments and private businesses without proper cyber protection to a greater extent than before to steal data, money, information or just to cause damage.

Cyber security is key for business survivability in today’s world and incidents like this should serve as a wakeup call. Companies must invest into their cyber capabilities to a much greater measure in 2019 to remain competitive and ensure their customer’s concerns over security are adequately dealt with. Cyber security should be as intrinsic to the operations of any business operating any form of information systems as a matter of normal course of business.

But where to start? A series of steps can be taken to avoid being overwhelmed and to make sure each area is given the full attention it deserves.

System Audit

Continuous audits are essential to identify the company’s faulty processes and for management to understand if the business is working as expected. A system audit can also pinpoint traces of misconduct and can help identify shortcomings in the company’s integrity.

Policy Development

A company’s information security policies are an initial step in hardening a business against insider and outsider threats. Setting a high-level tone and defining the cyber culture with clear set of rules for one’s  business through high level standards such as ISO 27000 is a crucial step.

Information Security Awareness

Understanding what is right and wrong to do in cyber space is not an easy task for employees within the organization. As time progresses, employees have been the Achilles heel of most successful breaches. Thus, one cannot stress more about the importance of training every employee regularly. Remember you are as strong as your weakest link.

– Social Engineering Assessment

In order to confirm the effectiveness of any training given about cybercrime, an assessment is required. Given that social engineering is the most commonly used cyber-attack, it is only logical that the assessment structured to evaluate the effectiveness of the training would be a type of social engineering attack. This can take many forms and either target some employees (spear phishing) or by running a whole campaign throughout the company.

Vulnerability Assessment

With the constant changes performed on an IT infrastructure such as updating patches, installing/uninstalling hardware and software, the number of vulnerabilities in one’s systems can only increase if not catered for. That is why regular vulnerability scanning is highly recommended for some companies and essential for other companies especially those who form part of a nation’s national critical infrastructure, as outlined in the L.N.216 of 2018 for Malta, for instance.

Penetration Testing

As a result of an increase in security requirements and workload, it is understandable that at some point certain checks and updates may be missed or given a lesser priority. Therefore, engaging an external party to perform penetration testing on your internal and external infrastructure can help in keeping your mind at rest. Most security experts recommend that such testing is performed at least once a year.

D4n6 offers a wide range of cyber consultancy services including the ones listed above to our multi-sectorial clients in order to ensure that their organization remains resilient against any threats.

Prevention is key in protecting your business from data breaches and we are determined to help you!

Feel free to contact us so we can discuss the best solution for your company.

Leave a Reply