What can businesses learn from recent WannCry and ransomware cyber attacks?
The massive cyber breaches that occurred over the course of the weekend has swept across organisations all around Europe. From Scottish Power and the NHS in the UK to Renault in France and Iberdrola in Spain, the attack targeted numerous industries that have all proven vulnerable.
With this in mind, we asked Vitali Kremez, Director of Research at Flashpoint, to offer some timely advice to businesses on how they can approach gearing up their cyber defences…
Another day, another well-known brand hacked. Earlier this month, a major UK retailer’s website was breached and its customers’ data exposed when a third-party e-commerce vendor used by the retailer suffered a security compromise. It is thought around 26,000 of the retailer’s customers will likely be impacted as a result of the breach. This high-profile attack is yet another example of a well-known brand affected by cybercrime.
Cybercriminals have been known to target businesses across all sectors. Other recent high-profile cyber attacks have successfully breached well-known brands including telecoms providers, retailers and banks. Evidently, all industries are potentially vulnerable. As businesses become ever more negatively affected by cyber attacks, lessons need to be learnt and effective cyber defences implemented in order to protect businesses and their customers.
The problem is, this is easy to say, but much harder to do. Businesses of all sizes will find it a struggle to minimise and ultimately block the myriad of cyber threats they face. Some breaches occur due to bad practice and poor security; however in other cases, organisations with even the most robust security defences may face so many threats that some slip through the cracks.
When a business is successfully breached and customer data is exposed, the consequences can be severe. Recently, a national telecommunications company was fined £400,000 by the UK regulator following a large-scale breach that compromised a vast amount of customers' data. The attacker was able to access the personal data of 156,959 customers including their names, addresses, dates of birth, phone numbers and email addresses. Evidently, these breaches can be serious with businesses and their customers susceptible to substantial financial and reputational damage.
The Role of the Deep & Dark Web
We know cybercriminals make use of the Deep & Dark Web in order to conduct their illegal activities. Earlier this year, it was reported that gamers were put at risk of having their private information sold on the dark web following a data breach involving 2.5 million accounts. Effective cyber defences need to include monitoring and understanding of the dark web. Without it, a business is trying to defend itself whilst blindfolded and with its arms tied behind its back.
Our research shows that cybercriminals are using the dark web to buy and sell fraudulent gift cards. This type of crime has grown substantially over the last several years because it can yield significant financial rewards at a relatively low risk for criminals.
Cybercriminals’ continued interest in gift card fraud aligns with a common practice among many gift card issuers: the prioritisation of user experience and profits over security. Unlike bank-issued credit and debit cards, gift cards are not held to strict anti-fraud standards, which means that many gift cards may lack common-yet-effective security features aimed to help combat fraud. This is just one example of criminal profiteering using the Deep & Dark Web.
Attaining effective cyber defence
Effective cyber defence requires barriers that deter cybercriminals alongside effective risk intelligence. In the high stakes world of commercial cybersecurity, prevention is better than cure. As previously stated, any breach or cyber compromise has the potential to result in substantial reputational and financial consequences. The recent case of the telecoms company serves as a case in point -- the company’s share price plummeted after the attack and still hasn’t recovered fully.
Businesses need to prioritise cybersecurity and make sure it is a C-Suite issue that is taken seriously by all departments and employees across the entire business. The weakest link in the defence is most often what will be exploited by criminals. As such, businesses need to ensure staff are trained so they don’t create a gateway for criminals. Furthermore, cybersecurity infrastructure needs to be updated and invested in to help businesses detect and mitigate cyber threats more accurately and effectively.
The latest cyber attacks once again shine the spotlight on cybercrime. It is an issue that affects companies of all sizes and from all sectors. Even countries are affected by it. It is a truly global challenge.
Above all else, it is crucial for businesses to focus on what they can control. Having effective insight and intelligence about relevant threats, investing in technology and people, providing training for staff on cybersecurity, and prioritising defence from the most senior staff through to the most junior is essential. Failure to take action will only make your business more vulnerable to compromise. These are the lessons businesses must learn from the latest high-profile cyber-attacks.
By Vitali Kremez, Director of Research, Flashpoint
NetNumber: Time for a cloud-native transformation
NetNumber is accelerating the transition in the telecom industry to 5G as it starts a shift to cloud-native architecture to address the fast-paced demands of global subscribers and businesses.
NetNumber is offering the industry’s first cloud-native platform designed to ensure InterGENerational™ network performance addresses both the legacy and next-generation requirements of telecom networks.
“NetNumber has developed the industry’s most robust cloud-native, InterGENerational platform that addresses both the legacy and 5G requirements of telcos,” said Matt Rosenberg, Chief Revenue Officer of NetNumber.
The platform provides vertical and horizontal scale-out with low latency, coupled with a suite of data replication capabilities, which provide flexible architectural options that can evolve with the changing network over time.
“Cloud-based solutions from other vendors tend to be limited in terms of supporting particular network generations or protocols. We’ve created our latest platform TITAN.IUM to allow customers to take any generation of applications, any generation of legacy services and protocols and move them into the new world of cloud-native architecture,” said Rosenberg.
“This is a really important part for a carrier to harmonise their network, bring data services together, bring legacy with new together in order to make a more effective and efficient network, as well as reduce their cost as they scale forward,” he said.
Established in 1999, NetNumber has fostered a strong team environment that leverages the industry’s best skills to offer software solutions tailored for carriers of all dimensions. Based outside of Boston and with presence in over 20 countries, the company delivers a range of products that address all generations (2G, 3G, 4G, 5G) of network functions in the core network, deep rooted security products and services, STIR/ SHAKEN and set of options around data services in more than 90 countries.
Steeped in experience in building telecom solutions, software, protocol stacks, and integration of third party tools, the company’s development organisation has proven to supply to the industry with the most reliable and flexible solutions on the market.
“At NetNumber, we focus on our core competencies – we are dedicated to providing industry expertise in signaling, routing, security, subscriber management and data services. We provide customers a strong ROI through platform-based solutions that reduce Capex and Opex in the long-term,” commented Rosenberg.
Five reasons why customers choose NetNumber:
- Expertise - NetNumber has experts with deep knowledge in signaling/routing, security, and subscriber database management.
- Integration - An industry-first platform brings together domain services, applications, security, and global data services.
- Scale - NetNumber has the ability to seamlessly increase network efficiency using vertical and horizontal scaling.
- Speed - World-class solutions have the power to help companies create new service offerings and accelerate time to ROI.
- Savings - Customers enjoy significant savings in capex and opex, flexible deployment models, and investment protection.
NetNumber and Virgin Mobile MEA
“We're very proud of our partnership with Virgin Mobile MEA as they've taken the concept of the InterGENerational platform into their regional network strategy,” commented Rosenberg. “That’s accelerated how they develop exceptional services across the Middle East and Africa region.
“We work with them hand-in-hand to deliver multiple applications onto our platform which has enabled them to provide exceptional, advanced and innovative services to their customers across the Middle East, who demand high quality services.
“What they've really taken advantage of is scale. What I mean by that is they are putting multiple generations of applications and services onto the same platform and distributing that data across their network. That has resulted in an advantageous position of time to market and operational savings.
“Rather than having different applications for many different vendors that cause operational chaos, they've been able to consolidate that and reduce their operating costs by having everything on one common architecture. We’ve had a long-term relationship with Virgin Mobile in Saudi Arabia, and recently signed an agreement with Virgin Mobile in Kuwait.”
Rosenberg says that with these solutions, Virgin Mobile MEA can take advantage of getting to the market much quicker and faster—which is what today’s discerning customer demands.