This sounds familiar

I covered something pretty similar back in #WeekendWisdom number 42 where I covered Consent Phishing.

But credential phishing is where the criminals are going to try and get you to give up your login ID, usually your email address and your password. They can later on compromise your email account or perhaps log into your office systems to be able to execute a ransomware attack.

How do they carry out phishing for credentials?

The methods they use are varied, but a very sneaky one that they typically use is, they will send an email with an actual SharePoint link in there, or this could be a Google Drive link as well. People are very familiar with SharePoint links and Google drive links. They are usually fairly safe to click because these are things that people deal with on a day-to-day basis. They’re not some crazy dodgy site that you are being linked to. It’s something you’re familiar with.

Then when you click on the link, then it will say “Oh. You need to sign into your Microsoft account” or “… your Google account to be able to get into this document.” That’s where they catch you. They pop-up a login page and you give up your user ID and password in there. Now they have it.

How can you protect yourself from this?

So it’s really important that you implement something like multi-factor authentication to get an additional set of protections from these sorts of attacks.

So that’s it for this week. Lets be careful out there and we’ll talk to you again next week.

The post #WeekendWisdom 091 Phishing for Credentials appeared first on L2 Cyber Security Solutions.

How Secure is the Cloud? That’s a silly question, isn’t it?

Every day millions of people all across the world store data in the cloud. Now the cloud storage providers offer great tools and features for us to be able to secure our data on their infrastructure. But who is responsible for securing our data on their infrastructure?

You … or your IT team … or your security people. But it’s not totally the cloud storage provider’s responsibility to keep that data safe. They do have some responsibility but not as much as you might expect.

Can I get a for example?

For example, lots of us use things like Dropbox and Google Drive to be able to share data with people, including people outside of our organisations. Now after you finish a project with somebody and if you might have shared folders with them, do you go back in and revoke their access to that? Because if you don’t actively do so, they’re still gaining access to that data for months and years later. If you continue to use that folder, they’re still getting access to up-to-date data. So you have got to review any shared folders like that and revoke access where appropriate.

Anything else?

Similarly, on things like Amazon S3 buckets, which I talked about three years ago, a security firm last month had done an analysis and they found 4,000 Amazon S3 buckets that were publicly accessible. Very easy to get into and to find data. A lot of these S3 buckets had secret information in there, passwords etc.

So if you use Amazon S3 buckets, please do a good review on their security and put passwords on them and other security features. You might need to check to see if your staff might be using one quietly. You can get more details on Shadow IT here.

So that’s it for this week. Let’s be careful out there and we’ll talk to you again next week.

How can L2 Cyber Security help you?

We can conduct an audit on your infrastructure and look for signs of Cloud Storage. When we find it, we can provide guidance on securing it appropriately.

We offer a full range of training programmes, which can be delivered online or in-person*.

L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training and Phishing testing.

Contact us for more information at info@L2CyberSecurity.com.

*With appropriate social distancing and other health and safety measures adhered to.

Follow us on Social media:

Liam is available on Twitter, LinkedIn and Instagram.

Follow L2 Cyber on Twitter, LinkedIn, Instagram and Facebook.

© L2 Cyber Security Solutions

The post #WeekendWisdom 044 How Secure is the Cloud? appeared first on L2 Cyber Security Solutions.

What is shadow IT?

It’s basically where staff or volunteers or contractors in an organisation use a technology that the organisation has no control over. No sight of and is unaware of. Here are three examples:

Used for risky Internet access

One would be where staff might use their mobile phones as an internet hotspot to be able to access the internet unrestricted, through their phone rather than through maybe a tightly controlled firewall on their local network. The risk here is that they may be able to access sites that may bring malware into the network and effectively they’re bridging the insecure internet to your local network.

USB memory sticks – burn them with fire

There’s always the risks as well associated with the use of USB memory sticks, that people are picking up at conferences and things like that. With no idea where they’re coming from. What’s on them. So there’s always been a risk around those.

Cloud Storage – it’s only as secure as you can make it

Finally if Staff were to use personal cloud storage services like a Dropbox or a Google drive or an Amazon S3 bucket, the organisation if they are unaware that, they don’t know how well secured those platforms are. They don’t know whether the data could be potentially breached from those cloud storage services. So there is a risk there.

What’s the real problem that Shadow IT creates?

And with all these technologies, the main risk here is in fact that they’re probably going to give you a breach of the GDPR in that you’re not in control of your IT security.

So that’s it for this week. Let’s be careful out there and we’ll talk to you again next week.

How can L2 Cyber Security help you?

We can conduct an audit on your infrastructure and look for signs of Shadow IT. When we find it, we can provide guidance on how to remediate it to everyone’s satisfaction.

We offer a full range of training programmes, which can be delivered online or in-person*.

L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training and Phishing testing.

Contact us for more information at info@L2CyberSecurity.com.

*With appropriate social distancing and other health and safety measures adhered to.

Follow us on Social media:

Liam is available on Twitter, LinkedIn and Instagram.

Follow L2 Cyber on Twitter, LinkedIn, Instagram and Facebook.

© L2 Cyber Security Solutions

The post #WeekendWisdom 038 Shadow IT appeared first on L2 Cyber Security Solutions.