Give hackers a taste of their own medicine with a honeypot
Geplaatst op: 15 December 2023
Ever heard of the term honeypot? It’s very well possible you’ve never heard of it before. No worries! In this article we’ll explain what a honeypot is, how it can improve the cybersecurity of your organization and what the advantages are.
What is a honeypot?
Let’s start with the basics. A honeypot is a computer, or several, intended to trap hackers. This computer contains “precious data” that is attractive to hackers. Vulnerabilities are deliberately exposed in this computer’s system, making it an easy target for hackers. What they don’t know is that this system is disconnected from the rest of the network and is carefully monitored. Like bees that gravitate to honey, a honeypot will lure hackers.
The purpose of a honeypot
A honeypot lures hackers into a trap, but that’s not all. A honeypot collects important information about the behaviour and motives of hackers, or cyber criminals. This can include finding out the hacker’s IP address, location and, ironically, the passwords used. In addition, a honeypot also provides insight into which techniques are used by hackers to log in and where the stolen data goes.
Advantages of a honeypot
A honeypot provides several benefits for organizations. Below are a few examples:
- An affordable solution: a honeypot is an inexpensive solution to keep hackers out. In addition, a honeypot – or several honeypots – does/do not require hours of installation. It’s fast, simple and affordable.
- Provides insight into security: a honeypot is especially valuable for organizations that are actively working on improving their security. By monitoring a honeypot, you get valuable information about cyberattacks. Use the information, for example, to create security awareness among staff. The information that you can extract from a honeypot also shows where the weaknesses in the security of the organization are. There’s work to do!
What to do in case of an attack
Setting up a honeypot correctly can be done with a professional. Maybe you have an expert inside the organization, but you can also hire an external expert. Once the honeypot has been set up, it’s the hackers’ turn. What’s the next step once the honeypot is attacked? Calling an expert is always wise in a situation like this. Someone who can help set up a honeypot correctly in the first place, but can also help when a hacker has struck. Such an expert can tell you exactly whether there are other risks and where security needs to be tightened. Sometimes it is also possible that an employee accidentally stumbled upon the honeypot, creating a false alarm. Nevertheless, calling in an expert – such as OpenSight – can’t hurt.
Awareness training in cyber security
Geplaatst op: 13 December 2023
Topics such as cybersecurity and governance play an increasingly important role in our society. Our daily life increasingly takes place online, whether business or personal. This means new risks and new challenges for organizations dealing with sensitive data and information from both employees and customers. Cyber attacks happen daily, whether it’s obtaining passwords or bank details or CEO/CFO fraud in which case a malicious individual poses as the CEO/CFO. Well-trained employees recognize these types of issues immediately and thus prevent damage. Is your organization well prepared for these risks?
Are you aware of the dangers?
Although more attention is paid to a safe digital workplace, cybercrime continues to increase. The number one cause? Human mistakes. Human employees are the organisation’s weak link when it comes to security. That’s why it’s important to make employees aware of the risks and dangers of cybercrime and make them aware of what they themselves can do to keep company data safe.
Training and awareness
Many organizations don’t know where to start when it comes to creating security awareness. As a result, training of personnel is often on hold. A shame! Here are a few tips that can help create an awareness program that can prevent 90% of the attacks:
1. Create trust
The first and most important step in creating a safe environment is trust. Give employees the feeling that they can share their insecurities. Especially when there is a security problem, employees must feel safe enough to report the problem.
2. Make security awareness a regular part of the job
Let’s face it, one cybersecurity training a year isn’t going to cut it. Make it a permanent part of the task package. A great example of testing the knowledge of employees and keeping them alert is by using a simulated phishing email program. Employees will receive random phishing emails and earn points when they recognize the mail as phishing. In addition, a notification is also activated when someone would be in danger if it were a real phishing email. Bijvoorbeeld wanneer er op onbetrouwbare links geklikt wordt.
3. Cyber security is for everyone
Cyber security is a subject everyone in the office should be concerned with. Whether you have knowledge of IT or not. It’s important to make employees aware of the risks and dangers. This means highlighting small actions such as logging in and off your laptop when leaving the workplace. Start small, expand later.
Want to know more or apply awareness training yourself?
Creating security awareness starts with good conversation and a few essential questions. OpenSight is happy to help you with this. Where is the organization at risk? What are the current priorities when it comes to cybersecurity? Together we look at which issues should be tackled first. Contact us and prevent your staff from falling victim to a cyberattack or hack.
Avoid falling victim to any of these cybersecurity risks 2022
Geplaatst op: 13 December 2023
Cybercrime is an increasing concern for organizations everywhere. A large part of the working population has worked from home in the past two years and is continuing to do so. Because of this, many business conversations and activities have taken and are taking place online. This opens a window for data breaches, leaking of sensitive data or worse: cybercrime. In this article you can read about the most common cybersecurity risks for organizations and how these risks can be minimized or even avoided.
Malware
Malware is an umbrella term for software like viruses, spyware, and Trojan horses. Malware usually ends up on a computer or network when employees click on a link or document that contains this software. Because the work traffic of many organizations has been from home in recent years, we have seen an increase in malware attacks. The name malware comes from the two words “malicious” and “software”.
Ransomware
Ransomware is a nasty form of malware. This one ensures that people within the organization can no longer access important documents or processes that are essential to keep the organization running. Often a large ransom is demanded from the organization to regain access. That’s where the name ransomware comes from.
Phishing
Phishing is probably the most common form of cybercrime now. Both privately and professionally, we see that more and more people are falling victim to the psychological game that hackers play during a phishing attack. They often pose as a well-known supplier or company and then ask for important details. Remote working has given a boost to the increase of phishing.
Password hacks
Password hacks are a little different of nature. These attacks use intelligent programs that can guess weak passwords. A different method of gaining access to passwords of employees is by key logging. Here, common keystrokes on a computer are ‘remembered’ without permission. Employees that use the same password to get access to multiple platforms are at higher risk to get hacked.
Tips to prevent a cyber attack
As an organization, there’s multiple things that can help prevent a cyberattack. Below a few tips:
Make staff aware of the risks
One of the easiest but most important things you can do is making all employees aware of the security risks when they must handle sensitive data or log on to sensitive systems. Train employees and teach them the basic principles of cyber security. This includes creating strong passwords, raising awareness about various phishing techniques, and keeping important security software up to date.
Use safety tools
There are many different tools and programs that can help organizations improve their security. Two-step verification is an easy-to-implement tool that prevents hackers from gaining access to the system. It’s also advisable to use a firewall to keep snoopers out. Another simple tip: make sure the computers used by employees are always up to date. There are plenty of tools, so use them!
Invest in a cybersecurity expert
Our last tip: Hire a cybersecurity expert. These experts can train employees, look at the cybersecurity protocols and, where necessary, think along with the digital transformation of an organization. After all, a well-thought-out plan is the basis for rock-solid security.
Kickstart your company’s cyber security yourself!
Geplaatst op: 13 December 2023
There are plenty of ways to combat cybercrime: companies, insurance, software, and so on Despite these measures, many organizations still have quite some weak spots. The largest weak spot in any organization, however, is us humans. Hackers and other cybercriminals often focus on human deception. They usually only need a small moment of inattentiveness. These small moments of inattentiveness can take the form of clicking on a malicious link containing malware, downloading the wrong (unsafe) software, paying a phantom invoice or following up on a fake email. These little things can have big consequences that you’re going to want to avoid. That’s why in this blog we’ll discuss the steps you can take to create a safer environment, by yourself!
The importance of nailing the basics.
Let’s start with a few tips that are fairly well-known, yet very important and certainly worth repeating.
- Passwords
This is one you’ve probably heard before: create a strong password! It truly is one of the most effective measurements Despite many knowing it, there are still plenty of people who choose an easy-to-remember password. But remember: if it’s easy for you, it’s also easy for hackers. Make sure your employees create strong passwords and make them change the passwords regularly. Of course, do not share these passwords with anyone. Technical security is important, but safe behaviour from you and your staff also plays a role in a company’s cyber security. - Software
A good firewall and security software can make the difference. Good security software can sometimes be an investment, but this one is well worth the effort Make sure your company uses the same software everywhere, and ensure that no one downloads their own software, so that everyone is equally protected. A good software can warn you against dangerous sites and emails and protect against malware or other harmful computer viruses. - Storage
Make sure that important information is not accessible to just anyone. Store important business information or personal data in encrypted form and ensure regular backups of your computers. - Stay alert
This last one sounds very simple and standard, but just like the others it’s very important. Stay cautious of links, attachments, downloads, and questionable texts, emails, and phone calls.
Hopefully, these tips will help you strengthen your company’s security. Still have more questions or need more assurance? Don’t hesitate and contact us!
For who is cyber security important?
Geplaatst op: 13 December 2023
Cyber security, cyber attacks and cybercrime, these terms have the tendency of popping up everywhere. But what do they mean, and for who is it important? We see data leaks and hacks all around us, but do we know what these events actually entail? What threats are there, and how real is the chance of your business falling prey to a data leak or hack?
How likely is it that your company will fall prey to cybercrime?
A lot of people seem to think that cyber attacks only take place at large companies, banks, or government agencies, but unfortunately that’s far from reality. In 2019, 50% of Dutch companies fell victim to some form of cyber attack. In 2021, Dutch Chamber of Commerce estimated that there are about 294 cyber attacks on companies per week, which means 1 in 5 entrepreneurs will be affected.
Types of cyber attacks and their consequences
The consequences of a cyber attack can pile up in no time and range considerably between problems with a website to completely losing control of your company’s digital environment. Because of the different experiences, we’ll go through the most common types of cyber attacks and their consequences.
- DDoS-attack
In a DDoS attack, hackers send massive amounts of digital traffic to a destination such as a website or server in a short period of time. The website or server cannot handle this large load of traffic and gets problems functioning, this causes the website to slow down or may even make it unusable.
- Ransomware
A ransomware attack often enters through a link, advertisement, attachment or through a targeted attack. Through one of these ways, the ransomware enters and takes files or sometimes even an entire server hostage. This hostage taking prevents a company from accessing its files or the server. Companies are then forced to pay a ransom to regain access to their properties.
- Digital break-in
Hackers can also purposefully break into a company or organization’s servers. By doing this they can get access to sensitive information, like personal or financial information of employees and/or customers. A company victimized by this may face some form of ransom, but there is also a chance that it may have to defend itself against claims for damages by the individuals whose data was leaked.
What are you able to do for your cyber security?
To keep your cybersecurity up to date, there’s a few basic procedures you can follow:
- Make timely backups.
- Only use secure internet hotspots.
- Install your updates promptly.
- Use strong passwords, and change them regularly.
You can also choose to take out insurance against cybercrime. It is also wise to have your cybersecurity monitored and/or strengthened by a specialized third party. After all, it’s better to be safe than sorry!
Risk Management Framework: An essential process for cyber security
Geplaatst op: 5 December 2023
Risk management in cybersecurity is an essential process for any organization seeking to protect its digital assets from threats. The world is getting increasingly dependent on technology, and the need for robust cyber security measurements is growing. In this blog we discuss the risk management approach in cyber security and how it can help organizations to protect themselves from cyber threats.
By taking a risk-based approach to data and systems security, companies can strike the right balance between risk and reward to achieve their goals. Effective cybersecurity risk management ensures that the organization’s technology, systems, and information are adequately secured, focusing resources on the most critical areas. By embedding a robust risk management approach throughout the organization, companies can effectively manage cyber security risks while complementing their overall risk management strategy.
What is risk management for cyber security?
Cyber security risk management is a process that revolves around identifying, assessing, and prioritizing cyber security risks, and the implementation of strategies to minimize these risks. The goal is to enable organizations to make informed decisions about the level of risk they are willing to accept and take appropriate measures to protect their digital assets.
Risk management is an ongoing process that involves identifying, assessing, and managing risks throughout the organization. This process is critical to ensuring that the organization’s cyber security strategy is aligned with overall business goals and objectives.
Risk management approach in cyber security
The risk management approach to cyber security includes the following steps:
- Risk identification
This step involves identifying potential cyber security risks the organization may face. This can be done through a comprehensive assessment of the organization’s digital assets, including data, systems, networks, and applications. - Risk assessment
Once risks are identified, they should be assessed based on their likelihood of occurrence and potential impact. This can be done by analyzing historical data, vulnerability scanning and penetration testing. - Risk prioritizing
After risks have been assessed, they should be prioritized based on their severity and potential impact on the organization’s activities. Risks that pose a high threat to the organization’s operations should be given the highest priority. - Risk mitigation
The next step is to implement strategies to mitigate the identified risks. This can be done by implementing security measures such as firewalls, antivirus software, intrusion detection systems and access controls. - Risk monitoring
Risk management is an ongoing process and it’s essential to regularly monitor and evaluate the organization’s cybersecurity posture. This can be done by conducting regular vulnerability assessments, penetration tests and security audits.
Benefits of a risk management approach in cyber security
A well-executed risk management process can have many benefits for an organization, for example:
- Improved security.
By establishing and assessing potential risks, an organization can implement fitting controls and security measures to protect its assets and improve its overall security posture. - Improved compliance with regulations
A risk-based approach to cyber security can help organizations comply with various regulations and standards such as GDPR, PCI-DSS, ISO 27001 and others. - Lower costs
By focussing on the most critical risks and implementing appropriate controls, an organization can reduce the overall cost of cyber security while ensuring that resources are assigned in the most effective manner. - Increased resilience
Effective risk management can improve an organization’s ability to respond to and recover from cyber incidents and ensure that the organization can continue to function and deliver its services even in the face of cyber threats. - Increased stakeholder confidence
Effective risk management for cyber security can increase stakeholder confidence in an organization’s ability to protect its assets and maintain the confidentiality, integrity and availability of its information.
It’s important to take the broader context into account with managing cybersecurity risks. This means understanding your business priorities and goals and aligning cyber risk management with those goals. By thinking about the risks you’re willing to take with technology to achieve your goals, you can make informed decisions about cyber security risk management.
Effective management is essential for well-functioning risk management. This means that you understand how managing and communicating cyber risk fits within existing governance structures that manage other types of business risks. Your approach to cyber risk management must be effectively governed and tailored to the specific needs of your organization.
It’s also crucial to ensure that your organization has an adequate policy that outlines the risk management strategy for the organization, integrating cyber security considerations into other organizational policies where appropriate. The board must collectively understand the importance of cyber security in supporting the organization’s overall goals and have the necessary information to make informed and timely decisions.
Effective communication is a crucial aspect
- Articulate your approach
To effectively communicate cyber risk and risk management, it’s crucial to clearly articulate your approach to staff and decision makers. This ensures that they understand how cyber security risks are managed and are better able to make informed decisions. - Coordinated communication.
It’s also important to ensure that your communication about cyber risks is aligned with how your organization communicates about other types of risks, such as legal or financial risks. This can help integrate cyber security risk management into the organization’s broader risk management strategy. - Clear and sensible use of language.
Clear and sensible use of language is important when communicating about cyber risks. Every label or score must be explained properly in order to avoid misinterpretations and misconceptions. For example, using an “average” risk label without clear criteria for what that means can lead to inconsistent interpretations within the organization. By communicating in a clear way and by using sensible language, you can ensure that everyone within your organization has a consistent understanding of cyber risk and risk management.
How to improve your Risk Management Framework.
- Continuous and iterative
It’s important to remember that risk management is continuous and iterative. As technology and the business environment continue to evolve, threats and opportunities may change. Risk management approaches must adapt accordingly. - Review risks regularly
Regularly reviewing risks is important in order to ensure that the methods chosen to manage them remain effective and appropriate.. You should be especially vigilant in reviewing risk assessments when significant changes occur such as a shift in the threats an organization faces or changes in the technology used to deliver and manage a system or service. - Regular evaluation of methods, frameworks and tools
In addition to evaluating risks, it is also important to regularly review the methods, frameworks and tools used for risk management. These must remain effective within the business context and appropriate for the ever-changing landscape of cybersecurity and threats. By continuously improving their approach to risk management, organizations can ensure that they are better equipped to effectively manage cyber risks.
Conclusion
In short: risk management in terms of cyber security is vital for protecting organisations against cyber threats. A risk-based approach enables organizations to identify, assess and prioritize risks and apply strategies to mitigate or reduce these risks. By adopting a risk management approach to cyber security, organizations can make informed decisions about their cyber security strategy, improve their cyber security posture and reduce the likelihood of a successful cyber attack.
OpenSight Summer Series
During the OpenSight Summer Series, we publish weekly blogs that elaborate on the following topics:
- Risk management
- Engagement and training
- Asset management
- Architecture and configuration
- Vulnerability management
- Identity and access management
- Information security
- Logging and monitoring
- Incident management
- Supply chain security
By implementing the security measures outlined in these ten steps, organizations can reduce the likelihood of cyberattacks and lessen the impact of potential incidents.Learn more about the OpenSight Summer Series here!
ChatGPT and privacy
Geplaatst op: 5 December 2023
Privacy and AI
Privacy is one of the most important human rights. It gives the right to individuals to protect their personal life and information from unlawful interference by others, including the government. This right includes various aspects such as the right to protection of personal data, the right to control personal information, and the right to personal autonomy and freedom. However, due to increasing data collection by AI and the growing power of emerging technologies, individuals in both the public and private sectors will increasingly be tracked and monitored, often without enough anonymity or consent.
ChatGPT unethically processes your data
ChatGPT uses large amounts of text data collected from various sources, including public websites and social media While the data is anonymized, there is a chance that sensitive information such as names, locations, and personal opinions could be incorporated. Yes, you read that right, private information made publicly available. As cybersecurity experts, it’s therefore our job to make users aware of the privacy risks associated with the use of AI models such as ChatGPT. But that’s not all… But that’s not all…
Discrimination and racism: AI systems like ChatGPT are filled with biases.
Al machine learning models, including AI models that perform specific tasks, are trained based on datasets, i.e. mountains of data and information on which the model bases its output. It is the only way to get the “intelligence” of an AI as close as possible to that of humans, at least that’s what the researchers of the AI system claim. ChatGPT, for example, is trained with more than 300 billion words, that’s about 570 GB of data. That’s exactly where the problem lies.
When you harvest large, unsorted data sets from the internet, it is inevitable that they’ll contain some form of biased information. This information then influences the models. Even though researchers do use filters to prevent AI-models like ChatGPT from providing false information after collecting data, these filters are not 100% waterproof. This can cause harmful biases, or worse: ChatGPT can generate answers that are plainly racist or discriminatory.
It is also important to point out that the data on which ChatGPT generates responses is outdated. In short, the data does not reflect where society currently stands in its development and progress. And, perhaps the most important: Even the researchers and developers themselves are often biased. This is because the world of tech simply is an extremely homogeneous sector dominated by, yes, none other than ‘white men’.
If we continue to ignore the privacy risks and ethical issues when using ChatGPT, among others, we are contributing to a greater invasion of our own privacy and injustice. It’s important that users take their responsibility and protect their own privacy. In doing so, they should also be aware of the ethical implications when using ChatGPT.
How to protect yourself
If you still want to use ChatGPT, it is essential to acknowledge the limitations of ChatGPT andto take responsibility for the contents that are generated and analysed under the influence of this type of technology. In addition, there are two other important measures that you can take yourself to better guard your privacy:
- 1. Avoid sharing sensitive information with ChatGPT: When getting started in ChatGPT, we recommend that you only share non-sensitive information in the prompts and do not provide any personal information. Do not share any pictures or videos, and certainly no contact details.
- 2. Do not use ChatGPT for processing sensitive information: It is also wise to disregard ChatGPT when you need to process sensitive information, like responding to emails or processing personal data. This will prevent the AI from using your private information for learning purposes and or sharing it with other users.
Remain aware of the privacy risks and take the necessary measures to protect your privacy. Do you want to know more about how to protect your data online? One of our experts will be happy to help you on your way!
5 useful tips for dealing with data management and data security
Geplaatst op: 28 May 2022
The tasks of municipalities have expanded considerably in recent years. From implementing and safeguarding Social Support tasks to the Environment Act and the social domain. Consequently, they are responsible for hundreds, if not thousands, of different systems that are all interconnected. Systems where piles of sensitive information are stored and analyzed. It’s therefore extremely important that the storage and processing of vulnerable data is done properly. In this article, we identify five trends that contribute to data security in municipalities.
1. Map security risks
An easily preventable security risk in municipalities and government agencies is the fragmentation of information or systems. They often do not have an overview of where the potential security risks or weaknesses are in the various systems. Adding to that, the division of roles among staff is also often a sensitive point that municipalities encounter. Make sure it’s clear which employees are authorised to view and process sensitive information. Data security starts with identifying the risks.
2. Employee awareness and accountability
An accident is often just around the corner. Human error is the most common cause of a data breach. It is therefore essential that all employees within the organisation are aware of the hazards and risks. This includes the accountability they take on when working with sensitive data. By training employees, you create a strong foundation for overall data security in the organisation.
3. Invest in new technologies
More and more municipalities are opting for a digital transformation. Technologies and data-driven practices such as machine learning, data analytics and block chain offer municipalities numerous opportunities to make work more efficient as well as safer. Block chain technology can, for example, help municipalities ensure quality care in Social Support tasks and transparent communication between different care providers. Investing in digital transformation with an eye on data privacy and data management will benefit many municipalities. Take advantage of it!
More tips?
Download the PDF for free, using the form below. In it, we provide additional tips that are important to keep cyber security strong and in order.
The largest cyber attack in history
Geplaatst op: 2 May 2022
In the last few years, cyber attacks have become much more common. We also often talk about it in our blogs. But text and explanation can sometimes be a bit bland and don’t speak to the imagination. That’s why in this blog we’ll give you an example of one of the biggest cyber attacks in recent history.
WannaCry (2017)
In 2017, one of the largest ransomware attacks ever took place. The attack is known as the WannaCry-attack because the ransomware used is named WannaCry. In 2017, the NSA (National Security Agency) created a tool that exploited a security vulnerability in Microsoft Software. Obviously, this tool was not made to distribute ransomware, but the NSA itself suffered a cyber-attack in which the so-called ETERNALBLUE tool was stolen and published online, making it publicly available.
Solution
Microsoft had been informed about the vulnerability a month before the leak and soon had a so-called patch (solution) that resolved the vulnerability in the security of the software. However, and you’ll probably recognize this in your own organization, not everyone had downloaded the update with the patch (“remind me later”) It soon became clear that many people were still using outdated computers and/or software. Hackers launched a ransomware attack using the ETERNALBLUE tool and infected 200,000 computers across 150 countries within a day.
Within a few hours a cyber security expert (who was also an ex-hacker) found a so called ‘kill switch’, a kind of self-destruct button in the software that caused the ransomware to shut down and stop spreading itself.
Effects
Ultimately, it’s estimated that this attack cost between 100 million and several billion dollars in damage. The WannaCry cyber attack received attention partly because of its impact on the NHS (National Health Service). The WannaCry attack disabled about 70,000 computers in hospitals all across England. The cyber attack was carried out on a scale never seen before and could have been much worse, according to experts. Using the ETERNALBLUE tool was a very well thought-out action, according to experts, but other parts of the attack including the ”kill switch” looked like amateur mistakes. Without these mistakes and the clever performance of the ex-hacker and cyber security expert Marcus Hutchins, this cyber attack could have been a lot worse with disastrous consequences.
An important lesson
Perhaps the most important lesson that we can take out of this story is: Always check if your software is up to date! Always. Updates are extensively tested in advance by developers and in all cases serve as an improvement to the current software package. This could be an update to the operation or interface, but in most cases it is a security update. Updating your software prevents you from falling victim to a (un)known security vulnerability.