Author Archives: Megan Carnes

Thrive Named Channel Futures 2023 Security Provider of the Year

FOXBOROUGH, Mass.–(BUSINESS WIRE)–Thrive, a premier provider of cybersecurity and digital transformation Managed Services, is proud to announce that it has been named The Channel Futures 2023 Managed Security Services Partner (MSSP) of the Year. Thrive was honored during the MSP 501 Awards Gala on Wednesday, November 1st, at the renowned Fontainebleau Miami Beach in Florida.


New Cybersecurity Crisis: High-Stakes Supply Chain Breaches

In a stunning turn of events, major British corporations like British Airways, the BBC, and Boots are reeling from a relentless wave of supply chain breaches that have sent shockwaves through the cybersecurity landscape. These audacious backdoor hacks have plunged these esteemed institutions into turmoil, leaving a trail of destruction in their wake. Over 100,000 employees’ confidential information, from bank details to personal contact information, is now in the hands of malicious actors. This blog unravels the chilling impact of these recent cyberattacks and discovers essential strategies to safeguard your business from becoming the next target.

Urgent Alert: Supply Chain Vulnerabilities Threaten UK Businesses, Especially SMEs

Vulnerabilities through the supply chain are an emerging threat, and the UK government is just starting to warn businesses about it. The risks affect SMEs who depend on their relationships with big businesses to secure ongoing contracts, so they must be educated on hackers’ behaviours. Not only do they need to protect their businesses, but they also must appreciate that they might inadvertently open a ‘back door’ to their customer systems. Becoming embroiled in one of these hacks would threaten their reputation and ongoing business.

SMEs need to consider cyber threats both inside and outside their immediate businesses, and CISOs need to consider possible hidden weaknesses in their systems, suppliers and third-party software.

The Latest Perpetrators

The latest UK attacks are attributed to a Russian hacking group well-known in the intelligence and cybersecurity spheres as ‘Clop.’ Clop is notorious for seeking out large organisations (from regional governments to children’s hospitals) and encrypting their files – demanding a ransom payment in cryptocurrencies like Bitcoin for the decryption keys.

This time, they targeted a common file transfer software called MOVEit. The hackers pinpointed a weak link in its code, a ‘zero-day vulnerability’, to access servers containing employees’ personal and financial details. Clop gathered the data, encrypted it, and threatened to publish it on the Dark Web, exposing victims to many dangers. Due to MOVEit’s astronomical user base, at least 60 million people could have been affected by this breach, although the number is possibly much higher. Naturally, the consequences for the victims have been dire, putting them at risk of identity theft and potential legal disputes.

This breach has wholly eroded trust among users, partners, and stakeholders of MOVEit and opened up significant legal repercussions for the software company’s failure to adhere to GDPR. And this is not the only supply chain disaster this year.

Just a few months earlier, a complete suspension of Royal Mail international postal deliveries was caused by a similar Russian ransomware attack. The attack group, known as Lockbit, infected custom-label printers for overseas parcels, causing them to spurt out ransom notes, an infamous Lockbit tactic.

The attack’s aftermath was devastating, with over half a million parcels and letters stranded in limbo due to the halted international postal deliveries. Lockbit’s demand for cryptocurrency payments ensured the transactions were virtually untraceable, making it challenging for law enforcement agencies to identify the perpetrators or recover the extorted funds. They also made clear in the ransom note that either the ransom was paid or the stolen data would be published on the Dark Web for all to see. The public exposure of the attack and potential data leaks have now harmed the Royal Mail’s reputation, eroded trust among customers and partners, and caused substantial financial loss due to delayed deliveries.

The Widespread Impact of a Supply Chain Attack

Due to their far-reaching implications, supply chain hacks represent a grave and unique threat in the digital age. Unlike most cyberattacks targeting a single entity, supply chain breaches infiltrate interconnected networks, affecting numerous organisations simultaneously. Hackers exploit trusted relationships, compromising multiple points within the supply chain, leading to widespread data theft, financial loss and logistical disruptions.

These attacks can paralyse entire industries, impacting consumers, businesses and critical infrastructure. In addition, the complexity of modern supply chains amplifies the challenge of detecting and mitigating breaches quickly. This interconnectedness makes attacks more severe, particularly destructive and difficult to combat.

Considering these recent devastating hacks, it’s important to follow advice from NCSC and trusted partners to make sure your company is not in the firing line for the next barrage of supply chain attacks. Even the most minor attempted attack incurring no financial loss can hugely impact client trust. That being said, according to NCSC research, only around 10% of businesses vet the risks posed by their immediate (13%) and broader suppliers (7%), and considering the risk posed, this should change.

How to Identify an Attack

The first step after prevention is recognising a supply chain attack. One key indicator is unexpected disruptions in the supply chain, such as delayed deliveries, sudden changes in supplier behaviour, or unexplained differences in product quality. Unusual requests for sensitive information, especially from trusted suppliers, should raise immediate suspicion. Monitoring financial statements for anomalies can also reveal unauthorised access or fraudulent activities within the supply network. By staying alert to these signs and investigating any inconsistencies, businesses can take swift and decisive action to mitigate potential threats, safeguard their operations, and maintain the trust of their customers and partners.

How to Protect Against Attack

A surefire way to improve your business’s chances of survival against a supply chain attack is getting a Cyber Essentials certification, a government-backed scheme protecting businesses in five core ways. This is essential for SMEs aiming to supply to government departments and larger organisations in the HMG supply chain. This certification process covers secure configuration, malware protection, network firewalls, user access controls and security update management. Applying these five changes can reduce your business’ online risk by 95% and give you the essential knowledge to speak with your suppliers about the security protocols they do (or don’t!) have in place.

How to Vet Your Suppliers

Enterprises should conduct thorough due diligence when selecting suppliers and partners to have the best chance at protection. Evaluating their cybersecurity policies, practices, and track records can help identify future vulnerabilities in the supply chain. Regularly reassessing vendor security measures is critical, ensuring they address all new emerging threats. Encrypting data throughout the supply chain also adds a layer of protection. Scrambled data is significantly more challenging for hackers to exploit, reducing the risk of unauthorised access and data breaches. In addition to these options, enforcing supplier security standards can substantially enhance supply chain security. Requiring them to comply with cybersecurity frameworks such as the NIST Cybersecurity Framework or ISO 27001 can establish a baseline for security expectations and keep you safer in the long run.

If you’re at all concerned by the risk of a supply chain attack, come and talk to us. Thrive is highly experienced in supporting small to medium-sized businesses in countering the latest threats. We can work with you to ensure that your employees and business protocols are as resistant as possible to these emerging risks.

 

Contact Thrive today to discuss how we can help protect your business.

Thrive Named Channel Futures 2023 Security Provider of the Year

Award highlights Thrive’s dedication to excellence in delivering cutting-edge, comprehensive cybersecurity programs to businesses across the globe. 

FOXBOROUGH, MASS. – November 3, 2023 Thrive, a premier provider of cybersecurity and digital transformation Managed Services, is proud to announce that it has been named The Channel Futures 2023 Managed Security Services Partner (MSSP) of the Year. Thrive was honored during the MSP 501 Awards Gala on Wednesday, November 1st, at the renowned Fontainebleau Miami Beach in Florida. 

Thrive’s achievement as The Channel Futures 2023 MSSP of the Year is a testament to the company’s unwavering commitment to protect and empower their clients with all-inclusive cybersecurity solutions. Thrive stands out amongst its peers based upon its unique approach in utilizing industry-leading tools in combination with their 24x7x365 eyes-on-glass Security Operation Center (SOC) personnel and cybersecurity mesh automation systems to harden their clients’ security posture, end-to-end. Rather than selling a handful of point-in-time solutions, like many of their competitors, Thrive has consistently demonstrated innovation, expertise, and a client-centric approach to helping them orchestrate all security functions through Thrive’s SOAR & ServiceNow state-of-the-art platforms.

“We’re honored to be recognized as The Channel Futures 2023 MSSP of the Year,” said Rob Stephenson, CEO of Thrive. “This award reflects the hard work and dedication of our team to prioritize our clients’ security needs. In an age where data breaches and cyber threats are rampant, Thrive remains steadfast in our mission to provide the best possible protection for businesses across North America, Europe & Asia-Pacific.” 

Before the MSP 501 Gala, Mr. Stephenson was a featured expert panelist during these esteemed sessions at the Channel Futures MSP Summit: “Gaining an Edge in Cybersecurity with AI: A Channel Partners Playbook” and “(Almost) Everything you need to know about AI: Tips and Best Practices for Building AI Solutions Customers Actually Need.” 

For more information on Thrive, visit thrivenextgen.com. 

 

### 

 

About Thrive 

Thrive is a leading provider of NextGen managed services & client security programs designed to drive business outcomes through application enablement and optimization. The company’s Thrive5 Methodology ensures each business application achieves peak performance, scale, uptime, and the highest level of security. For more information, visit thrivenextgen.com. 

 


MEDIA CONTACT: 

Kristina O’Connell
Thrive
EVP, Marketing
koconnell@thrivenextgen.com
978.764.7960 

 

 

Thrive Spotlight: Richard Smith, Chief Financial Officer, European Operations

Welcome back to another installment of our “Thrive Spotlight” blog series.

Our featured employee is Richard Smith, Chief Financial Officer, European Operations. He is responsible for all things financial in the European region, which currently encompasses our London, Luton and Nottingham sites. He is part of the overall Thrive finance function and reports to Jay Adams, the CFO of Thrive.

Richard lives in Milton Keynes, a new city in the UK about 50 miles north of London. The location is ideal for his commute to Thrive’s three UK offices in London, Luton and Nottingham.

He and his wife have two grown sons they are very proud of and enjoy spending time with when possible. Richard likes to keep fit at the gym and is a keen cyclist out on the road with friends most weekends. He also enjoys watching sports and has season tickets for a local soccer team, MK Dons.

Even though his roots are in the UK, he is a travel enthusiast. He’s preparing to visit Japan, his first long-distance trip since lockdown. It’s a country that fascinates Richard, and he can’t wait to explore Japan’s rich culture.

Hi Richard! Can you tell us about your background and how you came to Thrive?

I have over 30 years’ experience in senior finance roles. I trained and qualified as a Chartered Accountant (similar to a CPA in the U.S.) with KPMG. I spent the first 12 years of my career with KPMG in the UK and Australia, most of my time working in London, leading turnaround assignments for large corporations facing financial challenges. Since then, I have worked in controller and CFO roles for private and public organizations in various sectors. I joined ONI in 2014 as its first CFO to create a first-class finance function to support the company’s growth before the sale. Thrive acquired ONI in May 2021, when I was appointed CFO for Europe.

Where did you go to school or get training?

I went to secondary school in Lincoln, an old Roman city in the East of the UK. I graduated from The University of Birmingham with an honors degree in Mathematical Sciences. I joined KPMG in Milton Keynes, where I trained and studied to be a Chartered Accountant.

What do you most enjoy about working for Thrive?

It has to be Thrive’s people. The Thrive culture is very similar to what I was used to at ONI, with a real focus on people and a work-hard, play-challenging approach. I’ve enjoyed building relationships both inside and outside of the company.

Are there any recent exciting projects at Thrive you can tell us about?

While at ONI, being acquired by Thrive was an exciting project but very intense. It was during COVID, so everything had to be handled remotely and on Teams. Now, we have three businesses in the UK.

I look forward to creating an integrated finance function to support their growth as part of the Thrive family.

 


Thrive Spotlight: Brendan O’Leary, Vice President of Service Deployment

Welcome back to another installment of our “Thrive Spotlight” blog series.

Our featured employee is Brendan O’Leary, Vice President of Service Deployment. In his role, Brendan oversees the deployment of technology, ensuring that Thrive’s solutions are efficiently and effectively integrated into client environments.

Brendan resides in Providence, Rhode Island, where he shares his home with his wife and their beloved dog. Brendan has a penchant for riding motorcycles when he’s not working, with his latest being a Moto Guzzi V7. He’s also a culinary enthusiast, often expressing that if he weren’t in IT, he’d likely turn his passion for cooking into a career.

Hi Brendan! Can you tell us about your background and how you came to Thrive?

Before joining Thrive, I was a part of Atrion, an MSP based in Warwick, Rhode Island. I began my journey there through its apprentice program. Over time, I gained experience and eventually became a senior engineer focusing on Microsoft 365 Technologies. When another MSP acquired Atrion, Thrive approached me and the timing felt perfect. I jumped at the opportunity and quickly joined and have grown my career alongside Thrive’s own growth.

Where did you go to school or get training?

I pursued a Bachelor of Science in Network Security at Roger Williams University in Bristol, RI. My education was further enriched by on-the-job experience handling customer projects and exposure to enterprise networks.

What do you most enjoy about working for Thrive?

That’s easy – it’s the people. Five years might not seem long, but during this time, I’ve witnessed incredible individuals grow their skill sets, becoming senior engineers or managers in various departments. Many of the folks who started alongside me have been personally and professionally invaluable. Thrive is known for identifying exceptional talent, both inside and outside of the company, and putting those talented people in the right position to succeed. The demands of an MSP can be intense, but the team at Thrive always ensures you feel supported and valued.

Are there any recent exciting projects at Thrive you can tell us about?

Certainly! Since the pandemic in 2020, Thrive has taken a major initiative to help our clients work securely and effectively in the new work-from-home and hybrid work reality. We’ve focused our efforts on how to make clients embrace all of the features of tools such as Microsoft Entra ID, Intune Autopilot, Azure Virtual Desktop as well as cloud and zero trust security solutions. It’s been great to be on the cutting edge of helping customers go through a true digital transformation.

 


AI in Business: Efficiency in Exchange for Risks?

Artificial Intelligence (AI) has captured everyone’s imagination, and many businesses are now exploring the potential for AI tools to reduce costs and create efficiencies. Over 3,000 AI enterprises operate in the UK, employing 129,000 people. AI is projected to contribute over £42 billion to the economy through various applications such as machine learning programs, data analysis, sensor and signal processing, and automation.

However, it is still in its early phases, and using a new technology comes with unanticipated hazards.

This blog intends to inform business owners of the newly understood risks and answer the question: Can AI tools, such as ChatGPT, be used safely in the corporate environment, or should they be cautiously tested alongside scrutiny of the data privacy implications?

Uncontrolled growth

HSBC surveyed over 500 UK businesses and found that over a third are planning to use AI to generate business efficiency and replace staff. According to research by Startups Magazine, over 60% of SMEs are considering the same. According to a survey by The Times, British businesses are more wary of using AI than companies in the US. Organisations such as the British Retail Consortium recognise the business potential but warn against the risks of mindlessly using generative AI tools, such as ChatGPT and others.

Reaching 100 million active monthly users in its first two months, ChatGPT is widely regarded as a miracle software – but it’s far from it. The Law Society investigated reports of AI creating false reference links to material that did not exist but had supposedly been published by a major UK newspaper.

Because of these errors, notoriously referred to as “hallucinations,” AI chatbot software is getting a reputation for being, at best, imprecise and, at worst, untrustworthy, yet it is increasingly used in front-line B2C services as the link between customers and business.

“Black Box”

Essentially, these tools are a black box – ingesting user data without checking what is being collected, how it’s being used to formulate a response, and where it goes afterward. This has significant privacy implications when employees input sensitive corporate information.

Taking Samsung as an example, employees using ChatGPT to fix a coding issue led to an accidental data leak this year, prompting a blanket ban on generative AI tools due to intellectual property risk. This is no surprise, as ChatGPT’s privacy policy states that they “may provide your personal information to third parties without further notice to you unless required by the law.”

They also note that this includes “vendors.” The best way for CISOs to secure corporate information is to work closely with data scientists. However, to prevent such readily preventable incidents, staff must review the privacy policies of each AI tool before use.

Lack of legal protection

In 2022, the UK Parliament began a review into the legal protection in place relating to the use of AI, which concluded in a March 2023 white paper that AI protection has significant gaps and currently relies on existing legal frameworks such as financial services regulation, without properly purposed or intended consequences. The implications for businesses present unexplored legal territory.

Recently, businesses have been surveyed to understand their awareness of these risks. Surprisingly, in the 2023 KPMG Generative AI Survey, out of 225 polled executives, 68% had not appointed any team or person to respond to the generative AI phenomenon, leaving it to the IT department in general and depriving employees of specific guidance in the face of data risk.

60% believed they were one or two years away from doing this. But while executives mull over implementing appropriate generative AI solutions, employee use is increasing. In a recent survey by Fishbowl, 43% of 11,793 respondents admitted regularly using AI tools like ChatGPT for work tasks, 70% of whom do so without the boss knowing.

Hidden bias and secret profiling

Even when used securely, AI has proven to act with extreme bias based on the information it gathers from the world around it. Some high-profile examples are Amazon’s gender-biased recruitment bot preferring men to women and police facial recognition software proven to be completely inaccurate when recognising darker skin tones – leading to the London Met stopping and searching many innocent black school children after being flagged by the AI software.

If a business does not know whether any of this exists in its operations, the consequences can be severe, ranging from flat-out errors to devastating racial or gender bias. In the current AI climate, bias is unfortunately inevitable, and combating it is an ongoing battle for developers. Until a solution is found, companies must continuously vet AI output to ensure no unethical results have unwittingly been produced that could harm the business.

Hackers using AI

Data leaks and bias are not the only dangers AI presents. For several years, hackers have constructed increasingly personalised spear-phishing attacks that have become nearly impossible for employees to clock. 95% of business network attacks result from successful spear phishing – armed with highly specific emails that mimic usual correspondence between superiors and co-workers to gain trust.

What is the worst thing about spear phishing? Its effectiveness – it has a 40x greater return rate than regular phishing. The best thing? Its difficulty – 77% target just ten inboxes, and 33% just one. But the latter’s about to change, thanks to AI tools like ChatGPT.

Hackers are now using AI to quickly gather information using algorithms similar to those used in ad targeting to leverage data and give the victim a sense of urgency.

Additionally, they use the AI’s demographic and acquired personal data to predict the best targets. To top it off, the AI-powered personalised language can make emails (or even calls using Deepfake audio) sound exactly like they’re from a boss, friend, bank, co-worker, or anyone else – with these tools allowing hackers to learn and exploit work relationships.

So, how can your employees protect themselves against data leaks and similar risks?

Companies should set clear guidelines for responsible AI use, developing processes for ensuring the quality of AI output, guaranteeing safety, and reporting any concerns.

The Managing Director and Chief AI officer of Boston Consulting Group finds that “leadership should explicitly communicate what information should or should not be provided to the AI model” to avoid data getting compromised – and stresses that lacking a clear plan of action can potentially harm profitability and tarnish the reputation of a business.

How can you protect yourself and your employees from AI-enabled spear-phishing?

Employee education is crucial. Verifying unusual requests is essential to defending against spear-phishing due to the recent appearance of these assaults and the accuracy of the language employed. Most people wouldn’t question an email or phone call from a trusted co-worker or boss. Additionally, if employee error does occur, creating barriers with anti-malware software and implementing multi-factor authentication or, even better, contextual authentication can serve as a secondary line of defence.

Undoubtedly, AI has increased business efficiency and convenience to previously unheard-of levels. However, the abundance of new ethical issues, hazards to data security, and inaccuracies underline the need for businesses to take a cautious and responsible approach.

Partner with Thrive

Thrive is highly experienced in supporting small to medium-sized businesses in countering the latest threats, and we can work with you to ensure that your employees and business protocols are as resistant as possible to these emerging risks.

Contact Thrive today to discuss how we can help protect your business.

Thrive Spotlight: Angela Yengel, Manager, Project Delivery

Welcome back to another installment of our “Thrive Spotlight” blog series.

Our featured employee is Angela Yengel, Manager, Project Delivery. Angela manages the recontracts and offboarding teams within Project Delivery.

Angela lives in Myrtle Beach, South Carolina, and enjoys gardening, traveling, spending time with her family, and golfing.

Hi Angela! Can you tell us about your background and how you came to Thrive?

I started my career in the MSP world 14 years ago when I responded to a job posting on Craigslist for a Call Center Operator. I triaged calls for two years in the call center before moving to the renewals team, quoting client renewals of managed services and manufacturer support, and eventually becoming the Director of Renewals. After 13 years with the same organization, I was contemplating a new career path when Thrive contacted me for a position in the PMO handling Recontracts. I was already familiar with Thrive because several of my previous co-workers were already Thrive employees, so I made the jump and couldn’t be happier I did!

Where did you go to school or get training?

I earned my BS in International Business, starting at Central Connecticut State University and finishing at Strayer University. Once I began my career, I obtained my Cisco Sales Expert and Cisco Renewals Manager certifications.

What do you most enjoy about working for Thrive?

The people. Since the day I started, everyone I have encountered has always been fantastic to work with; it doesn’t matter what department or level of employee I have reached out to, everyone is willing to help and collaborate.

Are there any recent exciting projects at Thrive you can tell us about?

The Recontracts Pod is building a single dashboard for the Account Management team to provide all the information they need to have a complete and accurate view of their customer’s environment and contracts to increase speed and accuracy when quoting recontracts.

 


Thrive to Showcase Cybersecurity and Digital Transformation Solutions at DTX Europe

Experience Thrive’s Advanced Cybersecurity Innovations on Oct. 4-5 in London

FOXBOROUGH, Mass. – September 26th, 2023 Thrive, a premier provider of Cybersecurity, Cloud, and Digital Transformation Managed Services, announced today its participation, exhibition, and sponsorship at the much-anticipated Digital Transformation EXPO (DTX) Europe event taking place in London on October 4-5. At DTX Europe, known for bringing together the best minds and leading digital technology, Thrive will present its state-of-the-art cybersecurity and digital transformation solutions.

Attendees are invited to visit Booth B36, where Thrive’s dedicated team will discuss the ever-changing dynamics of digital security and transformation, including its robust NextGen portfolio of managed end-to-end cybersecurity and Cloud solutions that drive secure digital transformation for small to mid-sized enterprises across various industries in Europe, the U.S. and Canada.

“It’s an honour to represent Thrive at DTX Europe,” remarked Steve Tilley, Head of European Sales at Thrive. “This event offers an unparalleled opportunity for us to connect with industry peers, spotlight our cutting-edge solutions, and stay abreast of the latest in cybersecurity and digital transformation. We proudly showcase Thrive’s ever-expanding European operations to keep European businesses resilient and competitive in the digital age with our secure, scalable, and flexible cybersecurity and Cloud technology.”

Visit Thrive at Booth B36 to explore Thrive’s managed cybersecurity and Cloud services. For more information or to schedule a meeting with Thrive at the show, please email stilley@thrivenextgen.com.

 

###

 

About Thrive

Thrive is a leading provider of NextGen managed services designed to drive business outcomes through application enablement and optimisation. The company’s Thrive5 Methodology utilises a unique combination of its Application Performance Platform and strategic services to ensure each business application achieves peak performance, scale, uptime, and the highest level of security. For more information, visit thrivenextgen.com.

 


Cybersecurity Dangers Lurking in Hybrid and Remote Working

In our last few blogs, we’ve discussed the risks to UK businesses from cyber attacks in a “static environment,” such as an office.

We’ll now concentrate on the dangers your employees may encounter while away from the office. Most UK SMEs have now switched to a hybrid or accepted ‘work from home’ model for staff. However, cyber threats are emerging, targeting personal mobile devices used for company business and authorised devices used in public places.

What’s the risk?

We already know that the greatest vulnerabilities happen when there is a human risk factor. When your employees are traveling or working away from their secure office environment, they can be most at risk of unwittingly getting malware on their devices, which they then bring back to the office, infecting your protected network.

The challenge is that these new cyber attack vectors are springing up in least-expected places. A council car park was recently targeted in a ‘QRishing’ attack on the Isle of Wight. A fake QR code was convincingly placed onto parking meter machines used by visitors. When people scanned the code, expecting to be taken to a payment site, their device displayed a fake website that took their credit card information. As a result, their money was stolen by the cyber attackers and never received by the Council.

Unexpected places to be cyber attacked

Have you ever heard of “juice jacking”? It is a significant and growing threat likely to be experienced by employees on the move. This involves cyber attackers tampering with public charging stations and USB ports to gain access to users’ devices – jeopardising passwords, sensitive corporate data, and personal files, incurring privacy breaches, and even financial loss. As the convenience of public charging stations grows in popularity, the risk of falling victim to juice jacking has become more pronounced.

To mitigate this threat, users are strongly advised to avoid using untrusted charging ports. They are instead urged to plug their own chargers and plugs into electrical outlets or carry their own portable chargers. Employing data encryption and security software can further safeguard against potential attacks. However, if public charging stations are necessary, powering off the device can defend against data breaches. If you must use the phone while charging, selecting “charge only” when prompted to choose whether to “trust” the device can further aid protection.

Another increasing risk is attackers using seemingly innocuous QR codes to redirect users to phishing sites (known as QRishing) or to download malware onto devices – resulting in unauthorised access to sensitive data and potentially incurring financial losses. Authorities have become aware of new attacks, such as in Camden, North London, where payment points for electric car charging were targeted. Now, reliable regional cyber authority sources across the UK are issuing warnings to local businesses. In a high-profile attack in the US this year, the Super Bowl featured a QR code ad for Coinbase, promising consumers $15 worth of Bitcoin for signing up. This provided a prime social engineering opportunity for cyber criminals to piggyback on the trend and lure users in with an identical QR code loaded with malware.

Avoiding public QR codes is naturally the safest bet. Still, considering their newfound prevalence, there are various apps your employees can use to vet these codes before falling victim to scams. With popular options like Kaspersky QR Scanner, Sophos Intercept X, and Qrafter, the safety of a scanned link can instantly be confirmed before following it. Aside from apps, using a VPN and implementing two-factor authentication further protects against QRishing attacks.
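To make the idea of vetting a scanned code concrete, the following added example (not code from this post or from any of the apps named above) checks the text decoded from a QR code before it is opened. The trusted host list and all sample URLs are constructed assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: the hosts staff are expected to reach from a QR code (constructed names).
TRUSTED_HOSTS = {"pay.council.example"}

def vet_qr_payload(payload, trusted_hosts=TRUSTED_HOSTS):
    """Return the reasons a decoded QR payload should not be followed ([] = passes)."""
    try:
        parts = urlsplit(payload.strip())
    except ValueError:
        return ["not a parseable URL"]
    findings = []
    if parts.scheme.lower() != "https":
        findings.append("scheme is not https")
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return findings + ["no host"]
    if parts.username or parts.password:
        findings.append("credentials embedded before the host")
    try:
        ipaddress.ip_address(host)
        findings.append("host is a raw IP address")
    except ValueError:
        pass  # a DNS name, which is what we expect
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode label (possible lookalike characters)")
    if not any(host == t or host.endswith("." + t) for t in trusted_hosts):
        findings.append("host is not on the trusted list")
        # A trusted name used as a prefix, path or user part is a common disguise.
        if any(t in payload.lower() for t in trusted_hosts):
            findings.append("trusted name appears elsewhere in the URL")
    return findings

# Constructed sample payloads, as a QR decoder would return them.
SAMPLES = [
    "https://pay.council.example/meter/17",
    "https://pay.council.example.parking-pay.test/meter/17",
    "http://203.0.113.9/pay",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", vet_qr_payload(s) or "passes")
```

An empty result only means the link matches what the organisation expects; it does not prove the destination is safe.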

Risks when working at home

Your employees’ homes are, of course, not immune to cyber attacks either. BlueBorne is a sophisticated attack vector through which hackers can manipulate Bluetooth connections to take complete control over targeted devices. It’s a devastating combination of incredibly desirable qualities to a hacker. Being airborne and highly infectious, it targets the weakest part of the network’s defence – the only one unprotected by security measures. What’s more, the high privileges that Bluetooth has on all operating systems allow for virtually unlimited control.

BlueBorne serves those determined to carry out cyber attacks with objectives ranging from cyber espionage, data theft, and ransomware to creating sizable botnets out of IoT devices, like the Mirai botnet. But how wide is the threat? The BlueBorne attack vector can affect all Bluetooth devices – an estimated 8.2 billion.

The security measures your employees might have, such as firewalls, mobile data management, and endpoint protection, must be equipped to identify these attacks, since many only block infections spread via IP connections. While new solutions are created to address airborne attack vectors, the best protection is ensuring devices are constantly updated as manufacturers continue to patch vulnerabilities, and turning off Bluetooth and Wi-Fi when not in use.

Risks when browsing

A more specific way cyber attackers target employees is through watering hole attacks. This attack is designed to compromise users from a particular group or industry while they browse the web by infecting websites frequently visited by them, luring them into malware.

Cyber attackers who attempt watering hole attacks for financial motives or to widen their botnet can achieve this by infecting high-traffic consumer websites. However, targeted attackers, looking for results beyond financial gains, set their sights on popular sites in a particular industry, such as standards bodies, conferences, or professional forums. After finding a vulnerability on the website, they infect it with malware before waiting for users to take the bait.

To achieve this traffic, attackers may even prompt employees with highly contextual (sometimes AI-generated) emails, guiding them to a specific part of the compromised website. These emails usually don’t originate from the hackers themselves, but from newsletters the user receives automatically anyway – making these traps especially difficult to detect. Complicating this further, the device is transparently compromised with a drive-by download attack, leaving the user oblivious to their device’s infection.

Fighting this off can be challenging for organisations, and websites can stay compromised for years before detection. Protection is increasingly essential considering recent similar attacks – for example, the 2021 “Live Coronavirus Data Map” from the Johns Hopkins Center for Systems Science and Engineering being used to spread malware to users nationwide.

So, how can organisations best protect themselves and their employees?

Advanced targeted attack protection solutions, such as web gateways that defend the enterprise against drive-by downloads matching a known signature, can detect these attacks.

To protect against more elaborate attackers, organisations should employ more dynamic malware analysis solutions that vet frequently visited destination websites for suspicious behaviour. As for targeted email traps, look for an email solution that can analyse malware both at the time of email delivery and at the user’s click-time. These mechanisms must protect the user whether or not they remain on the corporate network.

These are just some of the best practices we recommend. Thrive is highly experienced in supporting small to medium-sized businesses in countering the latest threats, and we can work with you to ensure that your employees and business protocols are as resistant as possible to these unusual places to be cyber attacked.

 

Contact Thrive today to discuss how we can reduce these risks to your business.