IT Security News Quarterly Update - Winter 2023

Happy New Year and welcome to the Winter Edition of our IT Security Update. With 2022 now firmly behind us, it’s worth a look back at some of the issues that kept our IT security department on its toes last year, and then a quick look forward to what we might expect in 2023.

 

Looking back at 2022 and predicting what might happen this year.

 

With 2022 now behind us, it’s worth looking back at some of the issues that kept our IT security department on its toes last year and then a quick look forward to what we might face in 2023.

We’re busy even when we’re quiet here in the Security department. If we’re not actively working on something for clients, then we’re proactively reading and learning to try and stay ahead of the cyber criminals for you. We have access to multiple sources of intelligence and are constantly monitoring these for information as well as any other alerts we may have set up ourselves.

Zero-day events

Last year we reacted to several zero-day events. These are events relating to a flaw that a vendor or developer has only just learnt about (or have publicly learnt about) which means they have ‘zero days’ to fix it. A zero-day cyberattack is when hackers have managed to exploit the flaw before everyone has had a chance to patch.

This results in a race between good and evil. Our security team scramble to get everything patched as quickly as possible and over the last 12 months we’ve improved our internal processes and communications to ensure that this happens even more efficiently for you. Microsoft Windows topped the list of these zero-day exploits, but with our Remote Monitoring Management (RMM) software, patching is easy to manage and happens for you in the background out of hours.  

There were also multiple zero-day events for Microsoft Exchange server throughout last year, which were particularly challenging because these patches are never quick to apply and can throw up errors. If you are still on an internal exchange server, perhaps this is the year to migrate to 365?  The cybersecurity of your business will improve as a result and the security department here at Net Technical Solutions will also thank you. 

Firewalls

We updated firewalls multiple times during 2022. In fact, I think almost all firewall manufacturers we look after had a critical firmware release at some point last year!

Mailbox compromises

2022 was another year for mailbox compromises. Lots of them. Businesses that still hadn’t moved to multi-factor authentication (MFA) found themselves burnt by the cyber criminals of the world. Even if they didn’t lose any money directly during the cyberattack, the shocking realisation that what had just happened wasn’t just an inconvenience, but that stolen data from within the offending mailbox is a real headache and will be a real headache in the months potentially years that follow. That’s without considering speaking to their customers to let them know if any personal data has been stolen, the GDPR implications and dealing with the Information Commissioner’s Office (ICO).

So, that’s the key things that happened last year. Now, let’s look forward to what IT security issues there might be in store for us in 2023…

Phishing and Social Engineering is likely to continue its upward curve. It’s one of the most dangerous techniques because it relies on human error rather than technical vulnerabilities. The hackers know this. We’re all human and we all make mistakes.

Here there is a huge benefit to offering staff cybersecurity training and\or undertaking routine phishing campaigns to better teach staff the dangers of this. In fact, this is my number one recommendation for all businesses in 2023. From a phishing testing point of view, we’ve caught everyone from directors to junior members of staff on the test campaigns we’ve run for our customers. How well do you think your staff would do?

With working from home far more common now than ever before, cyber criminals are banging on many of the weak doors of companies that haven’t done anything about cybersecurity for their remote workers since their great scramble to change working practices during the Covid-19 pandemic. Some companies are still using PPTP VPNs; some companies don’t have a secure password policy; some companies would feel that it was okay if a member of staff was to use an old Windows 7 laptop to access the company network to do some work.

None of that is okay.

If it’s not something you’ve considered, now is the time. We should adapt to change, rather than falling victim to it.  

Zero-day threats will reach new heights. Businesses will need to ensure that their respective MSP’s or internal IT teams are addressing all patches and\or firmware updates in a suitable timely manner. Here at Net Technical Solutions as mentioned earlier, we keep on top of these things and when we see something that needs action, we action!

Breaches will continue to rise and make the news. There’s not too much you can do about this, although making certain all your login accounts are protected by multi-factor authentication (MFA) will ensure that if the bad guys do come to posses your username and password, that won’t be enough for them, and they’ll focus on the companies that haven’t set this up. Most accounts now have this ability and there are plenty of ‘how to’ guides on YouTube and similar, to help set it up.

Mobile device threats will rise. WhatsApp, Telegram, Teams, LinkedIn etc. are all viable candidates for leverage by cyber criminals. E-mails for example, have certain levels of protection these days, filtering, various DNS (Domain Name System) records, but businesses are communicating in other ways as technology advances. These can create blind spots for IT teams which makes them appealing targets for cyberattacks by hackers. Therefore, your staff and colleagues should only install apps from trusted app stores, don’t root their devices, and be careful which sites they visit.

Whatever your organisation may face this year, our IT security team is here and primed, ready to support you. I hope you’ve found the above helpful and if you have any questions at all, please contact your account manager or e-mail security@ntsols.com.

Click here for more information on our IT Support and IT Services in Surrey, Hampshire and beyond.