Main Tel: 01392 248498 | Helpdesk: 01392 248497 [email protected]

At Alchemy Systems we keep our finger on the pulse of what’s hapening in cyber security by subscribing to the best sources of news. This month we’ve continued to see an almost daily stream of news related to cyber security attacks and studies carried out on cyber attacks. We posted a few of these in a previous blog post. Below are some of the key items from the first half of the month.

Travel Industry Vulnerable
  • Speaking at the Barclays Travel Forum in London on May 10th Deloitte global lead partner travel and aviation, Graham Pickett, warned that Cyber crime is the number one risk for the travel industry and that travel companies need to protect themselves.
  • Earlier this month, the City of London Police announced that holiday fraud was up by a fifth. They said fraudsters stole £7.2 million from holidaymakers last year using a number of different scams, including online booking fraud.
Beware Google docs

Last week, a phishing scam imitating Google Docs affected some million Gmail users in a few hours. The attack occurred via an app calling itself ‘Google Docs’. Cyber criminals sent out emails telling the recipient that someone had shared a file with them on Google Docs. If someone clicked on the link they were sent to OAuth’s authentication interface – which is what happens when you receive a genuine email. But..the authentication page asked for users permission to “Read, send, delete, and manage” users’ Gmail accounts and manage their contacts. This would grant the cyber criminals unrestricted access to everything in that person’s account. As soon as Google became aware of the scam, after the emails had been circulating for some three hours, they addressed the issue withing an hour.

The Costs of a Cyber Breach

Research by CGI claims to be able to measure the impact of cyber breaches on companies’ share prices. Andrew Rogoyski, vice president of cyber security at CGI, stated that the impact on share prices is getting worse as investors and analysts become more cyber aware. In the first year of the study the effect was negligible (0.2%); in 201, it rose to 1.5%, and in 2015/16 it was 2.7%. The study is based on economic modelling from Oxford Economics, which conducted an ‘event study’ analysing a sample of public cyber security breaches since 2013 across seven global stock exchanges.

No Flowers please

Ecomnova, the company which owns and operates Debenhams flower delivery service, was hacked, potentially exposing the personal information of up to 26,000 customers. Debenhams sent an email to affected customers advising them that hackers had access to sensitive information on the Debenhams Flowers website for over six weeks and stole personal information: customers’ names, addresses, email addresses, passwords and payment card details.

 

 

Hot Hacks at Hotpoint

Hotpoint’s UK service websites were hacked over the Easter weekend. For at least six days, the company’s UK and Republic of Ireland sites, which host repair advice and links to warranty forms, were redirecting customers to dubious websites. Fake Java update dialogs started appearing on the company’s sites – which run on the Worpress platform. Anyone clicking on these links launched obfuscated JavaScript that could send the user a custom payload of malware.

Verizon Data Breach Investigations Report

The Verizon Data Breach Investigations Report (DBIR), a useful source of information on cybersecurity threats, is now in its tenth year. The key findings in the recently published 2017 report are that companies avoid facing the reality of cyber crime and think it happens to others not to them.

 1 in 5 UK firms attacked

A report by the British Chambers of Commerce (BCC) found that 1 in 5 UK firms had been hit by a cyber attack in the past year. Dr Adam Marshall, the BCC’s director general, said that all businesses need to improve their cyber defences. “Cyber attacks risk companies’ finances, confidence and reputation, with victims reporting not only monetary losses but costs from disruption to their business and productivity,”  Larger companies are the most likely to be attacked – 42% of companies with more than 100 employees had been attacked, compared to 18% of companies with less than 99 employees.

Alchemy Systems have over 20 years of IT systems experience and are a Microsoft Partner.

Alchemy Systems Designs, Supplies, Installs, Supports and Protects clients’ IT systems.

Tel. 0330-043-080198   Email. [email protected]