Social - Clear

Company Slogan

THE STRAIGHT TALKING ALTERNATIVE

Social - Clear

What protection does cyber insurance offer your business and who should invest in it?

What protection does cyber insurance offer your business and who should invest in it? Data breaches: they're expensive. Research from IBM and the Ponemon Institute puts the average per-record cost of breaches at $139. Given that 41 per cent of their survey respondents had more than 1,000 records affected, this takes the immediate cost impact of a data breach to over the $100,000 mark.

Considering how quickly a breach can impact numerous records, that's a cost that many businesses won't be able to bear. While we at Over the Wire will always recommend managed security services and prevention as the best cure, for the majority of organisations it’s the employees that are the weakest link. A mobile workforce, IoT devices and spear-phishing campaigns all present a potential cyber risk, and your security policies need to address them all.

Enter cyber insurance. A relatively new phenomenon, it seems to offer financial protection for businesses that do suffer a data breach. But what sort of coverage does cyber insurance provide?


How cyber insurance works for Australian businesses

Cyber liability insurance generally covers against two primary costs: keeping your data and networks secure and the price of disruption to business continuity. Many policies can also cover specific events or types of attacks, such as DDoS breaches or malware infection.

The Government’s Australian Cyber Security Centre (ACSC) noted in its 2017 threat report that cyber insurance was an industry undergoing rapid growth. As more high-profile attacks occur and businesses become more aware of the widespread impacts a single breach can have, it's popularity will increase.

For example, IBISWorld research from the USA in 2016 showed 15.3 per cent annualised growth in the sector over the previous five years. While this growth hasn't been reflected in the Australian market yet, it's only a matter of time before it gains more traction.


Can cyber insurance protect against every security threat?

This is unlikely. Insurance policies are, by design, tailored to protect a business or individual financially against specific events and have a wide set of exclusions. However, threats to cyber security evolve at an alarming rate, with new strains of malware or variants on existing viruses cropping up every single day. We've actually covered this recently - you can see three cyber threats that could defeat your legacy cyber security systems in 2018 highlighted by the ACSC here.

The point is, a cyber insurance policy would have to be impossibly broad to provide adequate cover for an Australian business. It can mitigate some of the cost of recovery or lost information, but the true breadth of a breach is as hard to cover as it is to predict.

Further to this, the ACSC argues that the allotted payment may not be enough to cover the true cost of a data breach. The IBM/Ponemon research shows that the costs of a data breach can include:

  • Information recovery and repair.
  • Breach identification and containment.
  • Notifying affected parts (including the Office of the Australian Information Commissioner) of the breach.
  • Fines for non-compliant reporting.
  • Customer churn and associated reputational damage.
  • Implementation of new security measures and training.
  • Lost intellectual property and reinforcing of this protection.

Put simply, cyber insurance is a useful tool for mitigating some data breach costs. It is not, however, a catch-all.


Should you cyber insure your business?

The problem may be that the insurer may not want to insure your organisation unless you have the basic controls for cyber security in place. Therefore implementation of the Government’s Australian Signals Directorate Essential Eight may be a pre-condition to obtaining a premium.

As the ACSC rightly notes, cyber insurance has its place, and that is alongside existing data breach prevention strategies. In particular, organisations should be implementing the Essential Eight, and take any extra steps that are easy to enforce at a business level.

This is the true prevention method. Educate staff, tighten up your security protocols, whitelist and constantly patch/harden software, and limit your administrator privileges wherever possible. Cyber insurance can limit your exposure to financial risk should the worst happen - but in itself is not a preventative measure.

Partner with the experts

Click here to download the White Paper

To start planning your cyber security strategy, make sure you partner with experts. Our white paper 6 steps to improve your business cybersecurity contains security tips you can put into action immediately to help protect your business.

Over the Wire's managed security services allows your business to mitigate risk by keeping ahead of security vulnerabilities. To learn more contact the Over the Wire team today.

3 cyber threats that could defeat your legacy cyber security systems in 2018

3 cyber threats that could defeat your legacy cyber security systems in 2018 At this point, hopefully your organisation's data security is up to scratch. The Notifiable Data Breaches scheme is in full effect for organisations who have obligations under the Privacy Act. Organisations should by now have conducted rigorous assessments of their data security and have comprehensive mitigation and response strategies in place.

Everything from individual security protocols and education to the strength and number of your firewalls should be analysed, weak points addressed and fail-safes for identifying and reporting breaches established.

However, your data security can't be static. In 2018, threats to your business move faster than ever before - the same technology that amplifies your organisation's capabilities also provides new entry points for malicious entities. You need to ensure you are protected from the latest threats that will otherwise bypass your legacy security systems. Here are three warnings that the Government’s Australian Cyber Security Centre (ACSC) wants you to know about.


1. Risks with Meltdown and Spectre patches

In January, the ACSC reported on difficulties faced by organisations that attempted to patch operating systems to protect against Meltdown and Spectre. Microsoft released these updates, but they proved incompatible with many existing security systems. In fact, Intel reported that there was a risk of information loss or corruption, as well as general system instability.

Even patches from trusted, household names can sometimes fail to remediate your data security. A new patch variant has been released to mitigate these risks, and monthly security updates from Windows can help to address any issues.


2. Bitcoin mining through Texthelp

Everyone wants to get their slice of the Bitcoin pie, and that goes double for malicious cyber criminals. On February 12, the ACSC alerted consumers to the presence of an unauthorised mining system, embedded in Texthelp's text-to-speech plugin, called BrowseAloud.

While a breach of trust, the ACSC advises this is not a full-blown data breach. Over 4,000 websites that featured the BrowseAloud functionality had their websites infected with Coinhive code. Coinhive generates Monero – a type of cryptocurrency. Texthelp took the plugin offline for a full examination of how the miner was inserted.

This is a good example of early detection, even if the breach was not designed to cause harm to those using the plugin. All told, The Guardian reports that the cryptocurrency mining netted the hackers $24 - hardly a worthwhile day's work.


3. Vulnerabilities in Cisco software

Cisco produces a great deal of software, for anything from analytics to unified communications. In February 2018, they announced the discovery of vulnerabilities in their security products and firewalls that could lead to denial of service attacks or remote code execution.

The weakness could enable malicious entities to execute meaningless filler code, taking up memory and forcing a reset of your system or rendering it unable to approve VPN authentication requests.


Take the next step with your data security

Click here to download the eBook

These 2018 cyber security threats have been dealt with swiftly by the parties responsible for patching them. It is essential that system administrators ensure that patches are deployed as soon as possible in a systematic and controlled way.

It's a 24-hour job, and that’s a big requirement - even for larger organisations with dedicated resources. Labour hours, technological know-how and the ability to execute restorative action are all must-haves in this environment. That's why managed security services can be so critical. By handing the reins over to trusted, local experts that are on hand at all hours, you can get the best for your business without you personally needing to stay on top of every new threat or development. Learn more about Over the Wire's managed security here.

There is no true endpoint in data security. Threats continue to evolve, so security systems must be in a constant state of change. Take the first step of improving your data security by downloading our 24 page cyber security eBook.

For expert advice on how to improve your data security, contact the Over the Wire team today or complete the form below and one of our friendly team members will be in touch with you shortly.

5 ways blockchain can help Australian businesses

5 ways blockchain can help Australian businesses Blockchain technology is revolutionising how organisations work. By creating a decentralised system through which information passes, validated on a P2P basis rather than a gatekeeping authority, businesses and not-for-profits can take advantage of huge potential efficiencies in operational processes that previously took days.

For example, you may have heard about Ethereum, a public blockchain network used by the UN’s World Food Programme to underpin a cashless economy for Syrian refugees. The instant validation of data means that this kind of process is applicable all around the world.

In Australia, businesses are starting to take note - here are five ways your business could leverage blockchain technology.


1. Customer identification

By employing blockchain, financial services organisations could tap into untold efficiencies in customer identification.

In a recent piece by iGTB Senior Business Analyst Binu Yohannan, he argues that the blockchain can serve as a single repository of customer identification information for an entire industry sector. With the appropriate encryption and data security regulations, the blockchain could store a bank's customer or transaction information in a database with all other institutions in the same country or city.

This gives organisations access to real-time, secure information that would otherwise be held up in the gatekeeping processes banks commit to on an individual basis.


2. Smart contracts

A smart contract is a computer program that contains a set of legal rules for negotiating the terms of an agreement. The rules can automatically be enforced and the agreed terms executed without the need for third party approval.

Smart contract data is encrypted and stored on a shared ledger in a Blockchain so in theory it is secure and immutable.

There have been exploits of smart contracts in the past, so it's important that your code is as airtight as your network security.


3. International payments

International payments can be made much faster and in a more transparent manner through the blockchain, according to Mastercard. The credit card giant is embracing the blockchain in a bid to overcome speed- and cost-related hold-ups in global B2B transactions.

An Accenture report suggests a 70 per cent drop in financial reporting costs through blockchain, as well as a 30 per cent decrease in compliance-related costs. By settling B2B transactions in the digital sphere without third party risks, businesses can realise massive financial benefits.


4. Voting and corporate governance

The transparency and P2P verification of a blockchain network makes it ideal for ensuring information is both secure and accurate. While this has largely meant financial institutions are benefiting from the tech, any enterprise involved in any kind of election can also reap the rewards.

By skipping third parties (in this case an electoral authority), organisations can create a shared voting ledger that records and validates data without fear of tampering. It's ideal for true insight into how an employee base (or even an entire population) wishes to vote.


5. Democratising the music industry

A tale as old as time - how do artists get paid for the full value of their work? The answer could lie in blockchain.

Writing for Techcrunch in 2016, TechTalks founder Ben Dickson argued that a single database on a blockchain network could contain artists' music, including copyrights, licensing fees, time stamps and unique identifiers. Tamper-proof and concreted in the system, individuals and businesses could then buy the music for a transparent dollar value, which is then permanently recorded in the chain.

By skipping third parties like labels and streaming services, people can pay artists directly for their music in a transparent, efficient manner.


What are you waiting for?

Click here to download the eBook Blockchain technology has levelled the playing field in so many ways. No longer do banks, record labels or other third-party authorities control information and money in the way they used to. It's a complete democratisation of information, but it's also absolutely reliant on data networks - which can be fallible.

The blockchain can revolutionise your business, yes, but without the right security protocols the information you submit to it could be vulnerable.

That's where Over the Wire can help - read our latest e-book to learn more about the primary areas of cyber risk and find out more about beefing up your security.

Beyond the Essential Eight: Extra Business Cyber Security Tips

Beyond the Essential Eight: Extra Business Cyber Security Tips In 2018, cyber security threats are moving faster than ever before. The Essential Eight (EE) is a shortlist of critical data security strategies developed by the Australian Signals Directorate (ASD) that informed our White Paper, 6 Steps to Improve your Business Cyber Security, but here are some additional mitigation tactics for your corporate defences.


1. Protect Your Website Content Management System (CMS)

Good data security means protecting every access point to your network - for many businesses, that means protecting their external-facing CMS.

A compromised CMS can lead to attackers accessing other protected areas of your website, installing malware or enabling remote access for third parties (like bitcoin mining tools), or perhaps even sabotaging your reputation by publishing unsavory content on your website. Even if your website contains no private information, such a breach indicates website frailty and can damage trust with consumers.

You can mitigate threats here by:

  • Using a managed CMS hosting platform, or work within the ASD's certified list of cloud providers.
  • Continuously maintain and patch your CMS to avoid publicly available frailties. This includes scripting environments, third party applications and custom code.
  • Remove or disable unnecessary third-party plugins and detailed error messages that attackers can exploit.
  • Employ change management in CMS deployment and file integrity monitoring.

2. Perfect your policies on social media

Social media: the Wild West of data security. Beyond the immediate risk of employees posting sensitive information on social media, staff who clearly identify as working for your organisation can do reputational damage with even a seemingly benign personal post.

The ASD warns that isolated incidences of information posted on social media, no matter how disparate, can be accrued by attackers and used for manipulation, targeted social engineering campaigns or exerting undue influence on the poster.

To mitigate risks in the social media environment, your policies must be comprehensive. They should cover:

  • Whether staff can identify themselves as affiliated with the company on personal profiles.
  • Training and explicit guidelines on the use of corporate social media accounts.
  • When access to company social media accounts is given and revoked.
  • How to recover accounts should they be hijacked and when to alert management of a potential breach.
  • Password protocols - for example, to never have a browser remember account details.

Social media can be a minefield to navigate, as so much of your security in this arena relies on basic common sense. Be as explicit as you can in your policy about any potential threats, and you can go a long way to protecting your business.


3. Learn to identify socially-engineered messages

Social-engineering messages are a critical part of spear-phishing campaigns, which the Australian Cyber Security Centre identified as a common threat to Australian corporates. The more education you can provide to staff on identifying these emails, the better-prepared your organisation will be in the future.

Most of the time, this can be straightforward. Teach staff to ask the following whenever they receive an email regarding sensitive information:

  • Is the sender recognisable, and is their email address spelled correctly?
  • Are they asking you to open a suspicious attachment or link?
  • Are they requesting sensitive information or the transfer of funds?
  • Is there a request for a specific activity (like enabling Microsoft Office macros)?
  • Is the sender asking for information that they should not usually be able to access?

If any red flags arise, teach staff about what to do next. They should not delete the message, they should forward it to their IT department or other relevant body. Confirming details of requests with the alleged sender over the phone or in person is also an excellent way of identifying socially engineered messages. To learn more about cyber threats through email, read our article 5 Ways Your Business Can Prevent Email Compromise.


Click here to download the eBook

What to do next

It's 2018, and extensive information about ourselves and our businesses is online. It's important to take every step possible to protect that information, and prevent malicious attackers from exploiting it. Dive deeper into the identification and protection of cyber threats by downloading our 24 page cyber security eBook.

For expert advice on how to improve your data security, contact the Over the Wire team today or complete the form below and one of our friendly team members will be in touch with you shortly.

10 household names you didn't know suffered a data breach

10 household names you didn't know suffered a data breach Suffering a data breach doesn't mean your organisation is poorly run. While it's crucial to have network security and internal systems in place to keep your business protected, cybercriminals are incredibly advanced. Some of the biggest organisations in the world fall prey to data breaches, as we'll show you today.

This information comes from Have I Been Pwnd (HIBP), a website that has recently partnered with the Australia Cyber Security Centre (ACSC). By identifying breaches and showcasing the breadth and scale of them, both bodies hope to keep Australians up to date with the latest in data security. How many of these breached companies do you recognise?



1. Adobe

The software giant, primarily known for its design products, suffered a massive breach in 2013. This saw hackers gain access to information on 153 million accounts, including encrypted passwords.

2. BitTorrent

Even if you haven't downloaded using P2P torrents, chances are you've heard of the big-name downloading clients - with BitTorrent chief among them. In January 2016, forums for the software suffered a data breach, which led to more than 34,000 users having email and IP addresses compromised.



3. Coachella

Coachella is arguably the biggest music festival in the world, which perhaps made it a prime target for malicious cybercriminals. In February last year, hackers took nearly 600,000 records from both the festival website and its associated forums, before trying to sell them online.



4. Dominos

Cybercriminals use leaked information in many ways. In the case of Domino's in France and Belgium, hackers accessed 648,000 records in their network and tried to hold the company to ransom or they would release the information publicly. Domino's didn't pay up, and the data was released six months after the June 2014 breach.

5. LinkedIn

One of the larger hacks on this list, more than 164 million LinkedIn users had their data compromised in 2012. However, these email addresses and passwords weren't marked as breached until May 2016, when the data popped up for sale on the dark web.



6. Kickstarter

The renowned crowd-funding site suffered a data breach in 2014, which impacted some 5.2 million unique email addresses. While personal financial details were kept safe, usernames and salted SHA1 password hashes were revealed, which can compromise other accounts with the same information.

7. Snapchat

Snapchat somewhat built their own demise in 2014. HIBP notes that shortly after the company stated a brute force attack on their database was theoretical, hackers did just that and accessed 4.6 million users' names, locations and even phone numbers.



8. Myspace

Another case of delayed selling of information, this time eight years later. In 2008, cybercriminals breached MySpace's security and gained the emails, usernames and passwords of a whopping 359 million users. It wasn't noticed until the information was put up for sale in May 2016.



9. Sony

A household name, whose hack is already household knowledge. In 2011, everything from Sony Pictures through to the PlayStation Network was compromised due to an SQL injection weakness. At 37,000 accounts breached, it is one of the smallest breaches here in number of records, but one of the most widely reported.

10. Vodafone

This breach occurred in Iceland but shows how even trusted names in tech can unwittingly leave you exposed. In 2013, hackers got everything from credit card details to passwords to SMS messaging histories for some 56,000 users.


Has your email address been pwned?

Have I Been Pwnd (HIBP) is a platform that allows you to check if your email address has been part of a data breach. With millions of email addresses stolen over countless data breaches, if you've used the same email address for several years, there is a fair chance it has made it onto a hackers list or two. Check your email address here.


It can happen to anyone - so everyone should be prepared

Click here to download the White Paper It's important to note that data breaches can have a widespread impact. The ACSC notes that interdependencies between systems or shared cloud vulnerabilities can mean that when one attack strikes, multiple organisations can suffer.

This means your data security has to be thorough, widespread and constantly evolving. To get you started, you can learn about six things you can do right now to help protect your business from a data breach today by downloading our white paper, 6 Steps to Improve your Business Cyber Security.

For a more in depth look at network security you can learn more about Over the Wire's managed security solution, Edge Security Protection, our advanced firewall solution. To see how your business can benefit, get in touch with the team at Over the Wire by completing the form below.

3rd Generation of our Managed Security Platform Launched

OTW becomes a major Fortinet cloud Managed Security provider Following 18-months of R&D, we have embraced Fortinet’s virtualised cloud deployment model to offer Managed Security and network services to Australian businesses. Over the Wire and subsidiary Telarus have been using Fortinet’s security platform for nearly a decade and we're excited to launch our 3rd generation of the Managed Security offering.

Leveraging our existing private cloud environment, which has nodes in Melbourne, Sydney and Brisbane, we are able to expand the security platform onto our private cloud. This means that our customers will be able to benefit from a diverse and complex managed security solution at the core of their business WAN while avoiding large hardware capital expenditure.

“Previously we had deployed appliances in diverse data centres but found that this model lacked the flexibility required by growing businesses. Not only does the physical security appliance model require the purchase of redundant hardware, but as soon as a client needs additional capacity or features there is the risk that all the old hardware becomes obsolete,” says Scott Allen, Over the Wire’s National Manager of Presales. “By leveraging Fortinet’s VM licensing and moving the physical infrastructure requirements onto our existing cloud nodes we can rapidly deploy or upgrade a customer’s environment without risk of having wasted tin sitting around at the end of the process, meaning a faster turnaround at a lower cost.”

The decision to retain Fortinet as the security vendor extends a relationship that has been ongoing since 2010. The Fortinet Security Fabric enables Over the Wire customers to benefit from a comprehensive suite of security intelligence, integrated seamlessly into their corporate network.

“Beyond the standard detection, prevention, content filtering and reporting, the Fortinet offering also gives Over the Wire customers greater peace-of-mind,” Scott continues. The Fortinet Security Fabric helps businesses to be one step ahead through the AI and Machine Learning Fortinet uses on data from millions of connected end-points worldwide, meaning better detection and blocking of ‘Zero-Day’ threats. “By adding this at the private network level and managing it for them, our customers get a comprehensive network security solution, not simply a security appliance deployed in isolation,” Scott Allen explains.

With the Notifiable Data Breach scheme introduced earlier this year and other security issues in the news regularly, corporate data security has become a hot topic. At Over the Wire we believe in the importance of a robust, managed security solution. This gives Australian businesses access to expert support and enterprise-grade solution deployments that would otherwise be out of reach for most organisations.

Learn more about Over the Wire's Managed Security solutions online or contact our team to organise a security discussion session today.


What is private blockchain, and which types of organisation can benefit?

5 ways blockchain can help Australian businesses Believe it or not, blockchain is nearly 10 years old. Since 2009, the technology has acted as the digital ledger through which Bitcoin transactions pass – it’s been the critical piece of infrastructure behind the rise of cryptocurrencies.

By establishing a shared digital ledger, public blockchain technology has levelled the playing field for currency-based transactions by democratising the flow of transactions, making them visible to anyone.

However, the same technology can be deployed within a private blockchain scenario. While more restricted in capability, this technology can have massive benefits for Australian business.


How does private blockchain work, and how is it different from public?

In a public blockchain, anyone can read or make transactions as it is an open-source model with no centralised database or governance. New transactions are added to the existing string (the proverbial blockchain), providing a comprehensive and transparent history of all purchases and sales that every participant has read, write or audit access to.

It allows for real-time transactions, with pre-existing nodes (participants) validating credentials and balances instead of third parties like banks. It's an autonomous, self-validating, constantly evolving chain of activity that anyone can interact with. Bitcoin is the pre-eminent example of public blockchain technology.

Private blockchain operates under the same principles as public, but with a set operator of the string and a clearly defined set of boundaries. It contains all of the self-validating benefits of the public blockchain, but retains the privacy and centralised control that people associate with traditional transactional models.


The benefits of private blockchain for Australian businesses

If a business wants to use blockchain technology, it will typically be for one of the following operations:

  • Financial transactions.
  • Automate record transfer, keeping and sharing.
  • Vote counting (and preventing fraud in electoral processes).

Forbes reports that blockchain and biometric eyeball scanning technologies underpin the systems that support food distribution in the Syrian refugee crisis. While there are many further uses of blockchain, at the core of its business functionality is the creation of transparent, stacking “ledgers” of information. This is where private blockchain can prove extremely useful.


1. Security

In a private blockchain, organisations can control exactly who has read, write or audit permissions. This is critical for industries like financial and professional services, where data will often be sensitive and its release could constitute a data breach.

Restricting administrator privileges is one of the key elements in the Australian Signals Directorate's 'Essential Eight'. By combining this tactic with the shared infrastructural benefits that blockchain offers, businesses get the best of both worlds.


2. Automation

Because transactions are instantaneous and non-refundable, privatising blockchain can also greatly reduce red tape when transmitting communications or funds within a single organisation. It's not just the democratisation of transfers; it's the automation of them, too.


3. Revolution

A recent EY (a global leader in knowledge management) blockchain revolution paper notes a core problem holding public blockchain back from widespread success - identity. The lack of digital-based identity behind the blockchain means that it cannot break through current regulatory red tape.

However, if organisations can establish a clear digital identity that people interact with through the blockchain (which is likely easier under a private model), EY argues that this could revolutionise financial services. Clear, realised value is no longer relative to the blockchain - it becomes a tangible competitor to real-world markets.


What to look out for in private blockchain

Click here to download the eBook The security of private blockchain does come with certain drawbacks. In the same sense that intranet is safer but more limited than the Internet, private blockchains are unlikely to reach the operational capacity that public ones can.

On the other hand, utilising public blockchain can mean businesses are restricted in the transactions they can make, lest secure information be made public.

Overall, the benefits of blockchain technology are profound. Shared infrastructure, less red tape and the ability to control permissions - it's the kind of infrastructure that many organisations have been waiting decades for. However, it's important to support this new technology with the right safety protocols in place.

Want to find out more about secure information and the future of Australian businesses? Read our latest cyber security eBook.

How to spot (and stop) router compromise

How to spot (and stop) router compromise Router compromise. Hardly the most nerve-wracking phrase in the cybercrime lexicon, but one that is a fast-increasing threat for every single Australian business. Last year saw widespread warnings about router security, with computer electronics company ASUS identifying vulnerabilities in its hardware and the Australian Cyber Security Centre (ACSC) noting that many organisations lost critical configuration files due to router compromise.

It's an issue that every organisation needs to put on their data security agenda - has yours begun the process?


What is router compromise, and how does it work?

Router compromise is a fairly sophisticated form of data breach. Malicious entities conduct automated scans of routers to identify hardware that is vulnerable to an attack. This enables an adversary to extract configuration files, from which point they may be able to control or manipulate any devices that connect to your network, as well as the Internet connection itself.

In most cases so far, cyber attacks on routers have focused on those with Simple Network Management Protocol (SNMP) that is exposed to the Internet. This is a default setting, usually established during the setup of a network. While many organisations turn SNMP off after this process is complete, many more have left it open, creating risk of compromise. The ACSC has noted that router switches with Cisco Smart Install exposed to the Internet are also susceptible to router scanning and hacking.


How can you identify router compromise?

If your organisation's router has this exposure to attacks, there are some straightforward checks that network administrators can take immediately. You should check network logs for:

  • Unexpected SNMP queries; or queries of unknown origin.
  • Command outputs or network configurations that have come from outside sources - particularly through Trivial File Transfer Protocol (TFTP).
  • Configurations that apply to GRE tunnels you would not expect changes to.

If any of these red flags emerge, it may be time to conduct a thorough assessment of the threat, in line with the Notifiable Data Breaches scheme guidelines from the Office of the Australian Information Commissioner.


How can you prevent router compromise?

The first step in prevention is the simplest - if your router has SNMP which is exposed to the Internet, disable it. If you require read/write capabilities with your SNMP, ensure it cannot connect with unauthorised or untrusted third parties. Alternatively, you can upgrade your SNMP to version 3 and adjust all of the community strings to an appropriate setting.

Similarly, for Cisco router users, if you do not require Cisco Smart Install to be active, disable it. You can also begin using Access Control Lists (ACL), which limit the access SNMP has to network configurations. Finally, you can configure your anti-spoofing protocols to drop any packets at the edge of your network which come from unauthorised sources.

The ACSC is also proactively scanning Australian IP address ranges, looking for vulnerable or compromised routers.


Mitigate the impacts of router scanning today

Click here to download the eBook If your organisation suffers a router compromise-related attack, the costs can be far-reaching. Beyond the money spent eradicating the threat and hardening/patching your systems, significant data breaches require comprehensive follow-up action with both the OAIC and any affected third parties.

Hardware may need to be replaced, staff upskilled, and consumer relations or company reputation may suffer irreparable damage if an attack threatens an individual's safety.

Cyber criminals are becoming more and more sophisticated, with router scanning just one example of new ways your systems can be breached. To stay on the cutting edge of data security, it's critical you work with partners who can provide around-the-clock service, proactively anticipate threats and shut down risks before they spread.

To learn more about router vulnerability and other cyber risk areas, our 24 page eBook, IT Managers: Set your Network Defences to Stunning, is a great resource with tips you can use to identify, contain and prevent cyber security threats. You can download it here.

That's the difference Over the Wire will make. Contact the team today to find out more.

The Timeline of a Data Breach

Since the inception of the Notifiable Data Breaches (NDB) scheme in Feburary 2018, data breaches are required to be reported and Australian businesses have even more responsibility to demonstrate an aggressive approach to managing cyber-risk. To help businesses understand how this process works we've prepared the following infographic.

Over the Wire provides a 24/7 protection and notification managed security service, with local specialists on hand to monitor and mitigate any threats to your company. Find out more about our security service here.

Please share this infographic to your social accounts via the above share buttons.

Countdown to Chaos: The Timeline of a Data Breach Infographic

How we can help

Click here to download the eBook



Over the Wire provides a 24/7 protection and notification managed security service, with local specialists on hand to monitor and mitigate any threats to your company. Find out more about our security service here. Or complete the form below.

To understand more about how breaches occur and how to prevent them, our 24 page eBook, IT Managers: Set your Network Defences to Stunning, is a great resource with tips you can use to identify, contain and prevent cyber security threats. You can download it here.

5 ways your business can prevent email compromise

5 ways your business can prevent email compromise The Federal Bureau of Investigation (FBI) has stated that between October 2013 and May 2016, cyber criminals scammed $3.1 billion from over 22,000 victims in at least 79 countries through business email compromise (BEC).

At the core of business email compromise are spoofed emails - communications that have forged headers, addresses or signatures to make them look authoritative and trustworthy. They often request fund transfers or sensitive information that can result in large-scale data breaches.

Business email compromise doesn't discriminate by company size - the smallest organisation can be hit just as hard as a large corporation. Here are five suggestions to help protect your business.


1. Use Sender Policy Framework (SPF)

SPF is a critical tool for differentiating authentic emails from spoofed ones. When you establish an SPF, you can create a safe list of domains that your organisation approves for communication - for example, your own internal domain.

It will then conduct a verification of every incoming email and will send a warning if the address does not match the approved list of domains. You can then decide to analyse, quarantine or delete suspicious emails before they reach their intended destination. A variant of this system is Microsoft Exchange's Sender ID.


2. Register domains similar to your own

A common tactic used by cyber criminals is sending emails that look similar to your own - for example, replacing a lower-case L with the number 1. At a glance, this can fool many people into thinking they're receiving official communications.

One way of preventing this tactic is simply to identify all potential imitations of your domain, and register them yourself. Make sure you update these registrations on a regular basis, so they can’t be taken over by malicious entities upon expiry.


3. Add a 'hard fail' record

The Australian Signals Directorate (ASD) states that a hard fail record is a core element of preventing spoofed emails. With an SPF, unauthorised email domains can still reach the end user, but with a warning that the message comes from untrusted sources.

By configuring DNS settings to add a 'hard fail' record and setting this to a rigorous action, you can ensure communications from unauthorised domains go straight to spam or trash folders. This could also apply to emails sent from company addresses, but not company servers - another red flag to watch.


4. Educate your employees

Research from the Ponemon Institute and IBM shows that 27 per cent of data breaches are due to staff or contractor negligence [1]. By educating your employees on the dangers of business email compromise, you take a critical step towards prevention.

Train employees on their role in information security and educate them on email spoofing and spearphishing. Make sure they understand each and every red flag to look out for. You can also implement processes that mitigate the risk of falling prey to spoofing, such as requiring a phone conversation or face-to-face confirmation for any financial or informational transfer.


5. Use application whitelisting

This addresses a symptom of email compromise rather than the cause, but is nonetheless important. Application whitelisting is part of the ASD's Essential Eight, and entails limiting the applications that can be opened on your data network. It prevents the possibility of malicious programs from opening, and can further alert people to potential compromise when they try to open an attachment from a spoofed email.


Get the best for your business

Click here to download the eBook Business email compromise is all too common in Australia, but there are tangible steps you can take to mitigate the risks. Of course, this can be a complex process for businesses that are not well-versed in cyber security - this is where Over the Wire can help.

Our managed security services take over the administrative responsibility for your day-to-day protection and give you 24/7 cover from all manner of cyber threats. Contact our team to find out what we can do for you.

Learn more about the primary areas of cyber risk in our 24 page eBook, IT Managers: Set your Network Defences to Stunning, you can download it here.



[1] 2017 Cost of Data Breach Study: Australia (IBM/Ponemon Institute, June 2017)



Pages