|
Welcome to the November 2023
edition of CNC NewsParis, the city of love. It’s at Love Lock Bridge, Pont des Artes where you will see hundreds, if not thousands, of locks attached to the bridge across the river Seine. The ritual started in the early 2000s when a couple inscribed their names upon a lock and then threw the key into the river, to let the world know that their love is unbreakable. But also, legend has it, that a young woman who lost her one true love during World War One fixed a padlock to the bridge where they used to meet. This romantic tradition didn’t start in Paris, where did it start? Answer at the end. |
|
Antivirus Vs EDR: What’s the difference? |
|
As with making anything secure, it’s best to put your best lock forward. When it came to protecting your computer data, antivirus protection (AV) was, for a long time the best way to lock up and secure your computer network. That was until now.
Antivirus software was born at the end of the 1980s. AV was the stalwart defender against digital threats. Your typical brand of AV relies heavily on signature-based detection, identifying the various malware by their predetermined patterns of behaviour. Antivirus fought against the malware classics with all their fancy names. Boot sector and file infectors spread by floppy disks; and macro viruses spread by email attachments; these methods wreaked havoc during the early days of computer use. But AV continued to fight the good fight. |
|
Melissa, I love you, Code Red, Sobig, MyDoom,
Michaelangelo, Wannacry, Zeus, CryptoLocker, Klez |
|
| During the mid-90s, AV only had to contend with around 1300 viruses. Today, that figure sits at around 350,000 new malware programs created every day.
With the shift towards cloud computing, the increasing use of mobile devices, the rise of fileless attacks, and other advanced evasion techniques, it was inevitable that AV would struggle to keep up with the deluge of new threats.
Cybercrime in the 21st century.
New predators have entered the online arena. Ransomware, phishing attacks, zero-day exploits, obfuscation techniques such as metamorphic and polymorphic malware, and mutation engines with self-propagating codes that continuously change their signatures, which essentially renders AV software useless, because it doesn’t know what to recognise. |
|
A report generated by the UK government suggests the cost of network clean up and repair to be an estimated £27bn per year |
|
| With more data and financial information being stored on computers than ever before, businesses needed a new kind of weapon to protect against the increasing exploits of cyber criminals, and the lack of efficacy from an old adaptive system out of step with the new style of cyber attacks. |
|
Why Endpoint Detection Response (EDR) is the future.
With the evolving nature of cyber threats being developed by cyber criminals, a more robust approach and effective method is needed. EDR is not just one thing, it’s a multilayered approach to defending your business network. Acting on time is the critical marker when it comes to cybercrime and your network.
1: Real-Time Monitoring: EDR solutions continuously monitor for any kind of suspicious activities or behaviour, and it’s all done in real-time. So, any kind of potential threat allows for a swift response, before the problem escalates into a serious cyber issue.
2: Behavioural Analysis: EDR watches out for any suspicious behavioural anomalies, thus negating criminal tools like zero-day exploits and polymorphic malware.
3: Incident Response Capabilities: Not only does EDR detect threats, but it also allows security teams to investigate the incident and lock off any infected endpoints, it remedies the situation - again all in real-time.
4: Forensic Analysis: EDR allows for a detailed analysis of the root causes of what it is you are up against, which allows security specialists to understand the tactics, techniques, and procedures (TTPs) that are used by criminals. |
|
Ransomware is one of the fastest-growing
malware hazards of the 21st century |
|
| 5: Evolving Security Environment: EDR is designed to adapt to an ever-evolving threat landscape. It does this by adapting, updating, and building on its earnings against emerging threats, thus making it a much more dynamic and future-proofed solution.
6: Endpoint Visibility: Hackers typically, will try to enter through an endpoint, to gain access to your network. EDR allows you to securely monitor, view and manage all the endpoints within your IT environment, thus making it easier to respond to and deal with potential cyber-attacks.
7: Integrated Cyber Threat Intelligence: EDR will initiate defensive measures, faster containment and a speedier recovery. It is a particularly useful tool because of the sheer speed with which it analyses the various anomalies and indictors of compromise.
8: EDR Solution: Possesses all the tools inherent in its design to help you with monitoring, and provide audit trails and reporting tools, which can help when complying with security standards and sector regulatory obligations.
Please note:
Whilst EDR is a super powerful tool in the fight against cybercrime, it should be remembered that it works best not just on its own but combined within a strategic cyber security framework with comprehensive and multiple layers of protection. |
|
A person like this, stole £1.6 million from a business in just under 20 minutes |
|
What happened to Kent Brushes Ltd, can happen to anyone. Sadly, this 246-year-old company, purveyor of brushes to the Royal family - was duped by thieves into giving over access to their bank accounts. £1.6 million was then removed from the account in just under 20 minutes.
The Hertfordshire-based company fell foul of what is called an Authorised Push Payment scam or (APP). In just under 20 minutes, conmen withdrew the amount via dozens of fraudulent transactions. Steve Wright CEO of the company when asked how he felt about the loss when he found out the news. |
|
“I don’t think I can put into words how I felt” |
|
| An APP scam is where a person or a business is psychologically tricked and manipulated into sending money to a criminal who is posing as a genuine payee. Typically, a criminal will phone, text, or email and convince the target person to send money to an account. The problem here is that the account is usually owned by the criminal.
If for a moment you suspect that you have been the subject of an APP scam, it’s best to act quickly. Contact your bank, card, or financial institution immediately. They may be able to stop the transaction, but speed is of the essence. |
|
£239.3 million has been lost to APP scams
in the first half of 2023 alone |
|
| The good news is that many banks have signed up for the Contingent Reimbursement Model Code for crimes perpetrated in this manner. Thanks to the code, banks go through a number of steps to stop and protect, and if they can they will reimburse companies that fall for APP-driven scams.
Whilst the company suffered an obvious financial setback due to the crime, luckily the company’s finances were robust enough on this occasion. Kent Brushes is in the process of pursuing the matter to recover the stolen money. |
|
“It’s important you get in touch with your bank or provider as
soon as possible if you think you’ve been scammed" Financial Conduct Authority |
|
| If you like to know more about protecting your IT infrastructure from online fraud, then contact CNC on 01273 384100 or email sales@cnc-ltd.co.uk. |
|
Microsoft 365 Copilot – A Vision of Things to ComeWe spend an average of about 37 hours a week at work, of which 68% is spent on ‘doing stuff,’ spending time on various tasks, creating more tasks and attending meetings. Don’t we just love those meetings? |
|
Answer: Vrnjačka Banja in Serbia |
|
|
| |
|
