When your organisation suffers a data breach, the damage is more than lost data or costs to restore a system. Reputational damage can result in significant customer churn.

How do data breaches impact customer churn?

In IBM and The Ponemon Institute’s research report on data breaches in Australia, the organisations outlined the exact breakdown of breach costs.

On average, a data breach cost businesses $139 per compromised file. That breaks down to $60 in technical costs, and $79 to indirect costs like customer churn. That’s an average of 56 per cent of data breach costs coming through issues of customer retention.

Some sectors are more susceptible to this than others. Financial services and technology companies recorded higher than average churn after a data breach, while hospitality and retail are among those with more limited churn impacts.

At its core, this is an issue of trust. If your organisation deals in personal or private information, particularly financial data, there is an expectation that your company will be able to keep it secure. When it fails to do this, it fails at the core of its business. That is perhaps why churn in those sectors is so much higher than in retail or hospitality, where data security is not a core theme.

Lost records mean lost trust, which in turn means lost business. But how can you go about minimising this churn?

How to minimise the business impacts of a data breach

In trend terms, the churn-related impacts of a data breach are on the decline. IBM and Ponemon’s research noted a 5.3 per cent drop in these costs over 2017, particularly among companies that had a lower technical cost per record.

One of the keys to this could be brand management. Your response to a data breach shouldn’t just be in line with the Notifiable Data Breaches scheme – it should be part of a wider strategy to regain the trust of your customer base.

1. Future-proofing and transparency

Consider Facebook’s response to the Cambridge Analytica scandal – one of the most reputationally damaging events in history. Beyond repairing the immediate harm, the company completely overhauled its privacy settings and communicated those changes to users clearly. Well, relatively clearly. The company’s stock continued to fall after the event, but this is a prime example of future-proofing in a transparent manner, of demonstrating a commitment to safety and security in the eyes of your customers.

2. Implement best practice early

Data breaches will, to a certain degree, always have an element of embarrassment to them. However, if your company can demonstrate to customers that it has a strong history of best-practice data security, this may go a long way towards minimising churn.

As an example of this done wrong, look no further than the Australian government. Early 2018 saw the leak of confidential written documents that were stored in a cabinet that was sold in a second-hand store. Regular audits of your information storage and best-practice rules on digitisation are a must at the very least.

Use people you trust

In many cases, businesses simply won’t have the in-house expertise required to implement proper data security strategies. And that’s OK! The team at Over the Wire are network specialists – local experts who will partner with you to understand exactly what your business needs.

It’s a surefire way of tightening up security, demonstrating to customers that you take handling their information seriously, and mitigating the churn that results from a data breach. Don’t forget to download and implement our white paper, 6 Steps to Improve Your Business Cyber Security here.

Act early, act in good faith and act smart. Get in touch with the Over the Wire team to minimise risks today.

The post What Impact Does a Data Breach Have on Your Customer Base? appeared first on Over the Wire.

Considering how quickly a breach can impact numerous records, that’s a cost that many businesses won’t be able to bear. While we at Over the Wire will always recommend managed security services and prevention as the best cure, for the majority of organisations it’s the employees that are the weakest link. A mobile workforce, IoT devices and spear-phishing campaigns all present a potential cyber risk, and your security policies need to address them all.

Enter cyber insurance. A relatively new phenomenon, it seems to offer financial protection for businesses that do suffer a data breach. But what sort of coverage does cyber insurance provide?

How cyber insurance works for Australian businesses

Cyber liability insurance generally covers against two primary costs: keeping your data and networks secure and the price of disruption to business continuity. Many policies can also cover specific events or types of attacks, such as DDoS breaches or malware infection.

The Government’s Australian Cyber Security Centre (ACSC) noted in its 2017 threat report that cyber insurance was an industry undergoing rapid growth. As more high-profile attacks occur and businesses become more aware of the widespread impacts a single breach can have, it’s popularity will increase.

For example, IBISWorld research from the USA in 2016 showed 15.3 per cent annualised growth in the sector over the previous five years. While this growth hasn’t been reflected in the Australian market yet, it’s only a matter of time before it gains more traction.

Can cyber insurance protect against every security threat?

This is unlikely. Insurance policies are, by design, tailored to protect a business or individual financially against specific events and have a wide set of exclusions. However, threats to cyber security evolve at an alarming rate, with new strains of malware or variants on existing viruses cropping up every single day. We’ve actually covered this recently – you can see three cyber threats that could defeat your legacy cyber security systems in 2018 highlighted by the ACSC here.

The point is, a cyber insurance policy would have to be impossibly broad to provide adequate cover for an Australian business. It can mitigate some of the cost of recovery or lost information, but the true breadth of a breach is as hard to cover as it is to predict.

Further to this, the ACSC argues that the allotted payment may not be enough to cover the true cost of a data breach. The IBM/Ponemon research shows that the costs of a data breach can include:

• Information recovery and repair.
• Breach identification and containment.
• Notifying affected parts (including the Office of the Australian Information Commissioner) of the breach.
• Fines for non-compliant reporting.
• Customer churn and associated reputational damage.
• Implementation of new security measures and training.
• Lost intellectual property and reinforcing of this protection.

Put simply, cyber insurance is a useful tool for mitigating some data breach costs. It is not, however, a catch-all.

Should you cyber insure your business?

The problem may be that the insurer may not want to insure your organisation unless you have the basic controls for cyber security in place. Therefore implementation of the Government’s Australian Signals Directorate Essential Eight may be a pre-condition to obtaining a premium.

As the ACSC rightly notes, cyber insurance has its place, and that is alongside existing data breach prevention strategies. In particular, organisations should be implementing the Essential Eight, and take any extra steps that are easy to enforce at a business level.

This is the true prevention method. Educate staff, tighten up your security protocols, whitelist and constantly patch/harden software, and limit your administrator privileges wherever possible. Cyber insurance can limit your exposure to financial risk should the worst happen – but in itself is not a preventative measure.

Partner with the experts

To start planning your cyber security strategy, make sure you partner with experts. Our white paper 6 steps to improve your business cybersecurity contains security tips you can put into action immediately to help protect your business.

Over the Wire’s managed security services allows your business to mitigate risk by keeping ahead of security vulnerabilities. To learn more contact the Over the Wire team today.

The post What protection does cyber insurance offer your business and who should invest in it? appeared first on Over the Wire.

Everything from individual security protocols and education to the strength and number of your firewalls should be analysed, weak points addressed and fail-safes for identifying and reporting breaches established.

However, your data security can’t be static. In 2018, threats to your business move faster than ever before – the same technology that amplifies your organisation’s capabilities also provides new entry points for malicious entities. You need to ensure you are protected from the latest threats that will otherwise bypass your legacy security systems. Here are three warnings that the Government’s Australian Cyber Security Centre (ACSC) wants you to know about.

1. Risks with Meltdown and Spectre patches

In January, the ACSC reported on difficulties faced by organisations that attempted to patch operating systems to protect against Meltdown and Spectre. Microsoft released these updates, but they proved incompatible with many existing security systems. In fact, Intel reported that there was a risk of information loss or corruption, as well as general system instability.

Even patches from trusted, household names can sometimes fail to remediate your data security. A new patch variant has been released to mitigate these risks, and monthly security updates from Windows can help to address any issues.

2. Bitcoin mining through Texthelp

Everyone wants to get their slice of the Bitcoin pie, and that goes double for malicious cyber criminals. On February 12, the ACSC alerted consumers to the presence of an unauthorised mining system, embedded in Texthelp’s text-to-speech plugin, called BrowseAloud.

While a breach of trust, the ACSC advises this is not a full-blown data breach. Over 4,000 websites that featured the BrowseAloud functionality had their websites infected with Coinhive code. Coinhive generates Monero – a type of cryptocurrency. Texthelp took the plugin offline for a full examination of how the miner was inserted.

This is a good example of early detection, even if the breach was not designed to cause harm to those using the plugin. All told, The Guardian reports that the cryptocurrency mining netted the hackers $24 – hardly a worthwhile day’s work.

3. Vulnerabilities in Cisco software

Cisco produces a great deal of software, for anything from analytics to unified communications. In February 2018, they announced the discovery of vulnerabilities in their security products and firewalls that could lead to denial of service attacks or remote code execution.

The weakness could enable malicious entities to execute meaningless filler code, taking up memory and forcing a reset of your system or rendering it unable to approve VPN authentication requests.

Take the next step with your data security

These 2018 cyber security threats have been dealt with swiftly by the parties responsible for patching them. It is essential that system administrators ensure that patches are deployed as soon as possible in a systematic and controlled way.

It’s a 24-hour job, and that’s a big requirement – even for larger organisations with dedicated resources. Labour hours, technological know-how and the ability to execute restorative action are all must-haves in this environment. That’s why managed security services can be so critical. By handing the reins over to trusted, local experts that are on hand at all hours, you can get the best for your business without you personally needing to stay on top of every new threat or development. Learn more about Over the Wire’s managed security here.

There is no true endpoint in data security. Threats continue to evolve, so security systems must be in a constant state of change. Take the first step of improving your data security by downloading our 24 page cyber security eBook.

For expert advice on how to improve your data security, contact the Over the Wire team today or complete the form below and one of our friendly team members will be in touch with you shortly.

The post 3 cyber threats that could defeat your legacy cyber security systems in 2018 appeared first on Over the Wire.

For example, you may have heard about Ethereum, a public blockchain network used by the UN’s World Food Programme to underpin a cashless economy for Syrian refugees. The instant validation of data means that this kind of process is applicable all around the world.

In Australia, businesses are starting to take note – here are five ways your business could leverage blockchain technology.

1. Customer identification

By employing blockchain, financial services organisations could tap into untold efficiencies in customer identification.

In a recent piece by iGTB Senior Business Analyst Binu Yohannan, he argues that the blockchain can serve as a single repository of customer identification information for an entire industry sector. With the appropriate encryption and data security regulations, the blockchain could store a bank’s customer or transaction information in a database with all other institutions in the same country or city.

This gives organisations access to real-time, secure information that would otherwise be held up in the gatekeeping processes banks commit to on an individual basis.

2. Smart contracts

A smart contract is a computer program that contains a set of legal rules for negotiating the terms of an agreement. The rules can automatically be enforced and the agreed terms executed without the need for third party approval.

Smart contract data is encrypted and stored on a shared ledger in a Blockchain so in theory it is secure and immutable.

There have been exploits of smart contracts in the past, so it’s important that your code is as airtight as your network security.

3. International payments

International payments can be made much faster and in a more transparent manner through the blockchain, according to Mastercard. The credit card giant is embracing the blockchain in a bid to overcome speed- and cost-related hold-ups in global B2B transactions.

An Accenture report suggests a 70 per cent drop in financial reporting costs through blockchain, as well as a 30 per cent decrease in compliance-related costs. By settling B2B transactions in the digital sphere without third party risks, businesses can realise massive financial benefits.

4. Voting and corporate governance

The transparency and P2P verification of a blockchain network makes it ideal for ensuring information is both secure and accurate. While this has largely meant financial institutions are benefiting from the tech, any enterprise involved in any kind of election can also reap the rewards.

By skipping third parties (in this case an electoral authority), organisations can create a shared voting ledger that records and validates data without fear of tampering. It’s ideal for true insight into how an employee base (or even an entire population) wishes to vote.

5. Democratising the music industry

A tale as old as time – how do artists get paid for the full value of their work? The answer could lie in blockchain.

Writing for Techcrunch in 2016, TechTalks founder Ben Dickson argued that a single database on a blockchain network could contain artists’ music, including copyrights, licensing fees, time stamps and unique identifiers. Tamper-proof and concreted in the system, individuals and businesses could then buy the music for a transparent dollar value, which is then permanently recorded in the chain.

By skipping third parties like labels and streaming services, people can pay artists directly for their music in a transparent, efficient manner.

What are you waiting for?

Blockchain technology has levelled the playing field in so many ways. No longer do banks, record labels or other third-party authorities control information and money in the way they used to. It’s a complete democratisation of information, but it’s also absolutely reliant on data networks – which can be fallible.

The blockchain can revolutionise your business, yes, but without the right security protocols the information you submit to it could be vulnerable.

That’s where Over the Wire can help – read our comprehensive cyber security e-book to learn more about the primary areas of cyber risk and find out more about beefing up your security.

The post 5 ways blockchain can help Australian businesses appeared first on Over the Wire.

1. Protect Your Website Content Management System (CMS)

Good data security means protecting every access point to your network – for many businesses, that means protecting their external-facing CMS.

A compromised CMS can lead to attackers accessing other protected areas of your website, installing malware or enabling remote access for third parties (like bitcoin mining tools), or perhaps even sabotaging your reputation by publishing unsavory content on your website. Even if your website contains no private information, such a breach indicates website frailty and can damage trust with consumers.

You can mitigate threats here by:

• Using a managed CMS hosting platform, or work within the ASD’s certified list of cloud providers.
• Continuously maintain and patch your CMS to avoid publicly available frailties. This includes scripting environments, third party applications and custom code.
• Remove or disable unnecessary third-party plugins and detailed error messages that attackers can exploit.
• Employ change management in CMS deployment and file integrity monitoring.

2. Perfect your policies on social media

Social media: the Wild West of data security. Beyond the immediate risk of employees posting sensitive information on social media, staff who clearly identify as working for your organisation can do reputational damage with even a seemingly benign personal post.

The ASD warns that isolated incidences of information posted on social media, no matter how disparate, can be accrued by attackers and used for manipulation, targeted social engineering campaigns or exerting undue influence on the poster.

To mitigate risks in the social media environment, your policies must be comprehensive. They should cover:

• Whether staff can identify themselves as affiliated with the company on personal profiles.
• Training and explicit guidelines on the use of corporate social media accounts.
• When access to company social media accounts is given and revoked.
• How to recover accounts should they be hijacked and when to alert management of a potential breach.
• Password protocols – for example, to never have a browser remember account details.

Social media can be a minefield to navigate, as so much of your security in this arena relies on basic common sense. Be as explicit as you can in your policy about any potential threats, and you can go a long way to protecting your business.

3. Learn to identify socially-engineered messages

Social-engineering messages are a critical part of spear-phishing campaigns, which the Australian Cyber Security Centre identified as a common threat to Australian corporates. The more education you can provide to staff on identifying these emails, the better-prepared your organisation will be in the future.

Most of the time, this can be straightforward. Teach staff to ask the following whenever they receive an email regarding sensitive information:

• Is the sender recognisable, and is their email address spelled correctly?
• Are they asking you to open a suspicious attachment or link?
• Are they requesting sensitive information or the transfer of funds?
• Is there a request for a specific activity (like enabling Microsoft Office macros)?
• Is the sender asking for information that they should not usually be able to access?

If any red flags arise, teach staff about what to do next. They should not delete the message, they should forward it to their IT department or other relevant body. Confirming details of requests with the alleged sender over the phone or in person is also an excellent way of identifying socially engineered messages. To learn more about cyber threats through email, read our article 5 Ways Your Business Can Prevent Email Compromise.

What to do next

It’s 2018, and extensive information about ourselves and our businesses is online. It’s important to take every step possible to protect that information, and prevent malicious attackers from exploiting it. Dive deeper into the identification and protection of cyber threats by downloading our 24 page cyber security eBook.

For expert advice on how to improve your data security, contact the Over the Wire team today or complete the form below and one of our friendly team members will be in touch with you shortly.

The post Beyond the Essential Eight: Extra Business Cyber Security Tips appeared first on Over the Wire.

This information comes from Have I Been Pwnd (HIBP), a website that has recently partnered with the Australia Cyber Security Centre (ACSC). By identifying breaches and showcasing the breadth and scale of them, both bodies hope to keep Australians up to date with the latest in data security. How many of these breached companies do you recognise?

1. Adobe

The software giant, primarily known for its design products, suffered a massive breach in 2013. This saw hackers gain access to information on 153 million accounts, including encrypted passwords.

2. BitTorrent

Even if you haven’t downloaded using P2P torrents, chances are you’ve heard of the big-name downloading clients – with BitTorrent chief among them. In January 2016, forums for the software suffered a data breach, which led to more than 34,000 users having email and IP addresses compromised.

3. Coachella

Coachella is arguably the biggest music festival in the world, which perhaps made it a prime target for malicious cybercriminals. In February last year, hackers took nearly 600,000 records from both the festival website and its associated forums, before trying to sell them online.

4. Dominos

Cybercriminals use leaked information in many ways. In the case of Domino’s in France and Belgium, hackers accessed 648,000 records in their network and tried to hold the company to ransom or they would release the information publicly. Domino’s didn’t pay up, and the data was released six months after the June 2014 breach.

5. LinkedIn

One of the larger hacks on this list, more than 164 million LinkedIn users had their data compromised in 2012. However, these email addresses and passwords weren’t marked as breached until May 2016, when the data popped up for sale on the dark web.

6. Kickstarter

The renowned crowd-funding site suffered a data breach in 2014, which impacted some 5.2 million unique email addresses. While personal financial details were kept safe, usernames and salted SHA1 password hashes were revealed, which can compromise other accounts with the same information.

7. Snapchat

Snapchat somewhat built their own demise in 2014. HIBP notes that shortly after the company stated a brute force attack on their database was theoretical, hackers did just that and accessed 4.6 million users’ names, locations and even phone numbers.

8. Myspace

Another case of delayed selling of information, this time eight years later. In 2008, cybercriminals breached MySpace’s security and gained the emails, usernames and passwords of a whopping 359 million users. It wasn’t noticed until the information was put up for sale in May 2016.

9. Sony

A household name, whose hack is already household knowledge. In 2011, everything from Sony Pictures through to the PlayStation Network was compromised due to an SQL injection weakness. At 37,000 accounts breached, it is one of the smallest breaches here in number of records, but one of the most widely reported.

10. Vodafone

This breach occurred in Iceland but shows how even trusted names in tech can unwittingly leave you exposed. In 2013, hackers got everything from credit card details to passwords to SMS messaging histories for some 56,000 users.

Has your email address been pwned?

Have I Been Pwnd (HIBP) is a platform that allows you to check if your email address has been part of a data breach. With millions of email addresses stolen over countless data breaches, if you’ve used the same email address for several years, there is a fair chance it has made it onto a hackers list or two. Check your email address here.

It can happen to anyone – so everyone should be prepared

It’s important to note that data breaches can have a widespread impact. The ACSC notes that interdependencies between systems or shared cloud vulnerabilities can mean that when one attack strikes, multiple organisations can suffer.

This means your data security has to be thorough, widespread and constantly evolving. To get you started, you can learn about six things you can do right now to help protect your business from a data breach today by downloading our white paper, 6 Steps to Improve your Business Cyber Security.

For a more in depth look at network security you can learn more about Over the Wire’s managed security solution, Edge Security Protection, our advanced firewall solution. To see how your business can benefit, get in touch with the team at Over the Wire by completing the form below.

The post 10 household names you didn’t know suffered a data breach appeared first on Over the Wire.

Leveraging our existing private cloud environment, which has nodes in Melbourne, Sydney and Brisbane, we are able to expand the security platform onto our private cloud. This means that our customers will be able to benefit from a diverse and complex managed security solution at the core of their business WAN while avoiding large hardware capital expenditure.

“Previously we had deployed appliances in diverse data centres but found that this model lacked the flexibility required by growing businesses. Not only does the physical security appliance model require the purchase of redundant hardware, but as soon as a client needs additional capacity or features there is the risk that all the old hardware becomes obsolete,” says Scott Allen, Over the Wire’s National Manager of Presales. “By leveraging Fortinet’s VM licensing and moving the physical infrastructure requirements onto our existing cloud nodes we can rapidly deploy or upgrade a customer’s environment without risk of having wasted tin sitting around at the end of the process, meaning a faster turnaround at a lower cost.”

The decision to retain Fortinet as the security vendor extends a relationship that has been ongoing since 2010. The Fortinet Security Fabric enables Over the Wire customers to benefit from a comprehensive suite of security intelligence, integrated seamlessly into their corporate network.

“Beyond the standard detection, prevention, content filtering and reporting, the Fortinet offering also gives Over the Wire customers greater peace-of-mind,” Scott continues. The Fortinet Security Fabric helps businesses to be one step ahead through the AI and Machine Learning Fortinet uses on data from millions of connected end-points worldwide, meaning better detection and blocking of ‘Zero-Day’ threats. “By adding this at the private network level and managing it for them, our customers get a comprehensive network security solution, not simply a security appliance deployed in isolation,” Scott Allen explains.

With the Notifiable Data Breach scheme introduced earlier this year and other security issues in the news regularly, corporate data security has become a hot topic. At Over the Wire we believe in the importance of a robust, managed security solution. This gives Australian businesses access to expert support and enterprise-grade solution deployments that would otherwise be out of reach for most organisations.

Learn more about Over the Wire’s Managed Security solutions online or contact our team to organise a security discussion session today.

The post 3rd Generation of our Managed Security Platform Launched appeared first on Over the Wire.

By establishing a shared digital ledger, public blockchain technology has levelled the playing field for currency-based transactions by democratising the flow of transactions, making them visible to anyone.

However, the same technology can be deployed within a private blockchain scenario. While more restricted in capability, this technology can have massive benefits for Australian business.

How does private blockchain work, and how is it different from public?

In a public blockchain, anyone can read or make transactions as it is an open-source model with no centralised database or governance. New transactions are added to the existing string (the proverbial blockchain), providing a comprehensive and transparent history of all purchases and sales that every participant has read, write or audit access to.

It allows for real-time transactions, with pre-existing nodes (participants) validating credentials and balances instead of third parties like banks. It’s an autonomous, self-validating, constantly evolving chain of activity that anyone can interact with. Bitcoin is the pre-eminent example of public blockchain technology.

Private blockchain operates under the same principles as public, but with a set operator of the string and a clearly defined set of boundaries. It contains all of the self-validating benefits of the public blockchain, but retains the privacy and centralised control that people associate with traditional transactional models.

The benefits of private blockchain for Australian businesses

If a business wants to use blockchain technology, it will typically be for one of the following operations:

• Financial transactions.
• Automate record transfer, keeping and sharing.
• Vote counting (and preventing fraud in electoral processes).

Forbes reports that blockchain and biometric eyeball scanning technologies underpin the systems that support food distribution in the Syrian refugee crisis. While there are many further uses of blockchain, at the core of its business functionality is the creation of transparent, stacking “ledgers” of information. This is where private blockchain can prove extremely useful.

1. Security

In a private blockchain, organisations can control exactly who has read, write or audit permissions. This is critical for industries like financial and professional services, where data will often be sensitive and its release could constitute a data breach.

Restricting administrator privileges is one of the key elements in the Australian Signals Directorate’s ‘Essential Eight’. By combining this tactic with the shared infrastructural benefits that blockchain offers, businesses get the best of both worlds.

2. Automation

Because transactions are instantaneous and non-refundable, privatising blockchain can also greatly reduce red tape when transmitting communications or funds within a single organisation. It’s not just the democratisation of transfers; it’s the automation of them, too.

3. Revolution

A recent EY (a global leader in knowledge management) blockchain revolution paper notes a core problem holding public blockchain back from widespread success – identity. The lack of digital-based identity behind the blockchain means that it cannot break through current regulatory red tape.

However, if organisations can establish a clear digital identity that people interact with through the blockchain (which is likely easier under a private model), EY argues that this could revolutionise financial services. Clear, realised value is no longer relative to the blockchain – it becomes a tangible competitor to real-world markets.

What to look out for in private blockchain

The security of private blockchain does come with certain drawbacks. In the same sense that intranet is safer but more limited than the Internet, private blockchains are unlikely to reach the operational capacity that public ones can.

On the other hand, utilising public blockchain can mean businesses are restricted in the transactions they can make, lest secure information be made public.

Overall, the benefits of blockchain technology are profound. Shared infrastructure, less red tape and the ability to control permissions – it’s the kind of infrastructure that many organisations have been waiting decades for. However, it’s important to support this new technology with the right safety protocols in place.

Want to find out more about secure information and the future of Australian businesses? Read our comprehensive cyber security eBook.

The post What is private blockchain, and which types of organisation can benefit? appeared first on Over the Wire.

It’s an issue that every organisation needs to put on their data security agenda – has yours begun the process?

What is router compromise, and how does it work?

Router compromise is a fairly sophisticated form of data breach. Malicious entities conduct automated scans of routers to identify hardware that is vulnerable to an attack. This enables an adversary to extract configuration files, from which point they may be able to control or manipulate any devices that connect to your network, as well as the Internet connection itself.

In most cases so far, cyber attacks on routers have focused on those with Simple Network Management Protocol (SNMP) that is exposed to the Internet. This is a default setting, usually established during the setup of a network. While many organisations turn SNMP off after this process is complete, many more have left it open, creating risk of compromise. The ACSC has noted that router switches with Cisco Smart Install exposed to the Internet are also susceptible to router scanning and hacking.

How can you identify router compromise?

If your organisation’s router has this exposure to attacks, there are some straightforward checks that network administrators can take immediately. You should check network logs for:

• Unexpected SNMP queries; or queries of unknown origin.
• Command outputs or network configurations that have come from outside sources – particularly through Trivial File Transfer Protocol (TFTP).
• Configurations that apply to GRE tunnels you would not expect changes to.

If any of these red flags emerge, it may be time to conduct a thorough assessment of the threat, in line with the Notifiable Data Breaches scheme guidelines from the Office of the Australian Information Commissioner.

How can you prevent router compromise?

The first step in prevention is the simplest – if your router has SNMP which is exposed to the Internet, disable it. If you require read/write capabilities with your SNMP, ensure it cannot connect with unauthorised or untrusted third parties. Alternatively, you can upgrade your SNMP to version 3 and adjust all of the community strings to an appropriate setting.

Similarly, for Cisco router users, if you do not require Cisco Smart Install to be active, disable it. You can also begin using Access Control Lists (ACL), which limit the access SNMP has to network configurations. Finally, you can configure your anti-spoofing protocols to drop any packets at the edge of your network which come from unauthorised sources.

The ACSC is also proactively scanning Australian IP address ranges, looking for vulnerable or compromised routers.

Mitigate the impacts of router scanning today

If your organisation suffers a router compromise-related attack, the costs can be far-reaching. Beyond the money spent eradicating the threat and hardening/patching your systems, significant data breaches require comprehensive follow-up action with both the OAIC and any affected third parties.

Hardware may need to be replaced, staff upskilled, and consumer relations or company reputation may suffer irreparable damage if an attack threatens an individual’s safety.

Cyber criminals are becoming more and more sophisticated, with router scanning just one example of new ways your systems can be breached. To stay on the cutting edge of data security, it’s critical you work with partners who can provide around-the-clock service, proactively anticipate threats and shut down risks before they spread.

To learn more about router vulnerability and other cyber risk areas, our 24 page eBook, IT Managers: Set your Network Defences to Stunning, is a great resource with tips you can use to identify, contain and prevent cyber security threats. You can download it here.

That’s the difference Over the Wire will make. Contact the team today to find out more.

The post How to spot (and stop) router compromise appeared first on Over the Wire.

Over the Wire provides a 24/7 protection and notification managed security service, with local specialists on hand to monitor and mitigate any threats to your company. Find out more about our security service here.

How we can help

Over the Wire provides a 24/7 protection and notification managed security service, with local specialists on hand to monitor and mitigate any threats to your company. Find out more about our security service here. Or complete the form below.

To understand more about how breaches occur and how to prevent them, our 24 page eBook, IT Managers: Set your Network Defences to Stunning, is a great resource with tips you can use to identify, contain and prevent cyber security threats. You can download it here.

The post The Timeline of a Data Breach appeared first on Over the Wire.