Why is cyber security so important? Cyber criminals managed to trick several British private equity firms into wire-transferring just under £1.3million to accounts that only they could access. What makes this even more serious, is that the executives at the firms thought they had closed lucrative deals with a series of start-up companies.
Cyber criminals are using more and more sophisticated ways to access company data, and exploit any weaknesses to gain control of IT infrastructure. In this case the method used is what is called a ‘Man in the Middle’ (MITM) attack.
This is where an individual think they are communicating with a colleague direct, but all the email traffic is being monitored by a third party, and emails are being changed before a recipient has had a chance to read them.
For all intents and purposes, the recipient is none the wiser as the email seems to be from a legitimate sender, that they themselves have made contact with, and expected a response. The fake emails are the vehicle for this type of hack, and they only differ very slightly.
Take [email protected]. A cyber-criminal would set up a man in the middle email account such as [email protected]. And there we go! Busy executives may not have noticed the additional character “-“, and hence not known the original authentic email was interfered with. It’s easy to understand how this can be overlooked, but it can cost a company millions in lost revenue or data loss.
The MITM attack in this case was targeting decision makers in companies using ‘phishing emails’ to gain control of the email account to conduct an attack. The hackers monitored the conversation between two parties and modified details as per their requirements. This attack was successful because of a lack of awareness/cyber security training.
Astec have experience in supporting businesses in implementing processes that greatly reduce the chances of such attacks. We can make your email systems more secure, and implement multi-factor authorisation protocols amongst others. If you are worried about your IT infrastructure, or data loss, please do contact us.
We can conduct a review and let you know what gaps your current IT set up may have, and solutions we would recommend. We have helped numerous clients in a variety of industry sectors, and through our collective experience, we can make sure we have you covered. If that sounds interesting to you make sure to contact us.