19 Oct 2021
First, let’s look at the facts. Malware is software intentionally designed to cause damage to an organisations security and you might be startled to learn that malware increased by 358% in 2020 alone. Phishing also increased by 27% between January 2020 and January 2021. If you’re not sure what phishing is yet, don’t worry! We’ll get to that, but it’s how 80-90% of hacks start.
We asked Tramshed Tech tenants Wolfberry to teach us more about how these cyber-attacks happen and how we can protect ourselves against them. For those who don’t know, last year Wolfberry were named the most ‘Innovative Cyber Security Business in the UK’ by LiveWire and with over 23,000 nominations, this win was no mean feat.
During the session, which you can watch in full on our Youtube channel, Wolfberry CEO Damon Rands and his Senior Testers Tom and Ben walked us through a live hack. This allowed us to get into the head of a hacker and understand the kinds of techniques they use to trick the unsuspecting.
Phishing is the most common way that organisations are hacked, with 80-90% of hacks starting with a phishing email. This can be seen when criminals impersonate a legitimate organisation via digital means such as an email or text message.
Thanks to opensource software, code is publicly accessible for anyone to modify, manipulate and distribute. This holds great opportunity, but in the wrong hands it can cause catastrophic damage and cost businesses billions.
During the hack Tom and Ben demonstrated how easy it is to create highly believable and authentic looking phishing emails. They then discussed a variety of methods that hackers use to predict passwords; a technique known as a credential/password reuse. Here are just a few ways that passwords can be predictable:
With this predictability in mind, hackers can create software and set rules to hack a person or organisation over a long period of time. Once one person in an organisation is effectively hacked, a plethora of sensitive information is now accessible. Once a hacker has this level of access, they can then begin to target other more senior members of an organisation by acting as a trusted colleague.
This is a smart and effective way to access sensitive information and use weaknesses within a business to reach more senior members of staff. This highlights the value of having watertight security at every level within an organisation. If you’re looking to level up your cyber security, get in touch with Wolfberry, they are industry leaders and take the complexity out of keeping your business safe.