Information Security Buzz
Expert(s): November 30, 2020
James Smith
Principal Security Consultant and Head of Penetration Testing
Bridewell Consulting

Comments Dotted : 3
January 25, 2021

Cyber Criminals Publish More Than 4,000 Stolen Sepa Files


Any company that finds itself victim to ransomware is in a difficult situation. If they pay, in theory, they regain access to their data and systems and business can continue. If they don’t pay, they run the risk of details being shared online.

 

However, even if they do pay there’s no guarantee they’ll actually get access restored. More often than not, making a payment won’t do anything at all, and instead just leave companies out of pocket and with more malware infections to deal with. There’s also no guarantee the data hasn’t been stolen already, before it was encrypted. This is happening more and more and the likelihood that the data will be sold or stored by the hacker is great. Then of course there are the wider ethical considerations about paying attackers who could use the money to fund other criminal enterprises.

 

The only way to avoid these scenarios is to have the right security measures in place to stop them occurring, such as replicating data, having off-site backups and segregated networks. Then the likelihood of having to answer the “pay or not pay” question is greatly reduced.

May 20, 2020

UK airline easyJet data breach impacts 9M customers – expert commentary

At this stage, it’s not clear how the hackers managed to gain access to EasyJet’s systems. However, with the disruption caused by COVID-19, we have seen a notable increase in attackers targeting all sectors, including travel, to take advantage of the reduced resources and focus on cyber security. Despite the current climate, technical defence is still paramount, and in particular, regular penetration testing is vital, particularly in the current remote environment many businesses are operating in. All organisations must take steps to protect their systems and ultimately customer data. This means taking basic steps such as putting in place regular security assessments, a strong patching and password policy, and enforcement of multi-factor authentication on every public-facing system. These are not silver bullets but can go a long way to improving security. Transparency is key in maintaining customer trust, especially for firms like EasyJet in the travel industry. The company needs to inform customers about the breach and implications quickly, even if no data has been misused. This is especially important in light of the current COVID-19 situation where security concerns are particularly heightened.
January 09, 2020

Response Comment: Travelex Foreign Currency Website STILL Down After 4 Days Following Cyber Attack

Transparency is key in maintaining customer trust, especially for firms like Travelex in the financial services industry. Travelex has taken a long time to inform customers about what’s taken place, and placing a press statement on the website days after the event simply isn’t enough. Financial services firms like Travelex have a responsibility to their customers to keep them informed even if no data has been lost. This is especially important in light of the 2018 breach the company suffered in which the personal details of 17,000 customers were exposed. It’s important to learn from past incidents and build those learnings into a cyber response / resilience plan. Having the right processes in place is critical in being prepared for an attack. This includes technical aspects like replicating data, off-site backups, network segregation, firmware updates and even regular penetration testing. It also covers response — not just in fixing the issue, but in informing the wider business, the media, and most importantly customers. The first thing to learn from this is that all organisations are at risk because everyone has something of value to lose. Whether that’s access to systems, intellectual property or customer data. The second thing to learn is that having a plan in place to mitigate risk is essential. Prevent, detect, respond. Those are three key elements to live by and should cover everything from the business impact of an attack, technical considerations on how to prevent them, as well as how you’d respond to stakeholders in the event of an attack, customers, staff, the ICO, etc. Whether companies should pay the ransom always sparks debate — but the negatives always outweigh the positives. If you pay, in theory, you regain access to your data and systems and business can continue. However, there’s no guarantee you’ll actually get access restored. There’s also no guarantee that the data hasn’t been stolen already, before it was encrypted. This is happening more and more in the industry and the likelihood that the data will be sold or stored by the hacker is great. Then of course there are the wider ethical considerations about paying attackers who could use the money to fund other criminal enterprises. If organisations have the right plans in place, such as replicating their data, having off-site backups and segregated networks, for example, the likelihood of having to answer the “pay or not pay” question is greatly reduced.

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.

