Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
IS NOW<br />
Combining thermal security cameras with video management systems.<br />
www.flir.com<br />
Untitled-20 1 18/02/16 10:18<br />
detective’s appeal:<br />
Also protect<br />
your digital<br />
perimeters<br />
Cyber was on the agenda of the most<br />
recent ST17 conference.<br />
Pictured: Dave Porter<br />
speaking at the ST17<br />
conference at the<br />
Majestic, Harrogate<br />
in July<br />
Morning seminar<br />
The Yorkshire and<br />
Humberside cyber crime<br />
unit has been running<br />
seminars for businesses<br />
and others to better<br />
understand the risks, most<br />
recently on cyber incident<br />
response planning, on<br />
August 3, at Sheffield<br />
Hallam University;<br />
including how to manage<br />
the media and customers<br />
through an attack.<br />
58<br />
UNHAPPY<br />
‘If you were lucky<br />
enough not to have<br />
been effected by<br />
WannaCry or Petya take<br />
it as a sign. Remember,<br />
you don’t have nine<br />
lives.’<br />
Tim Erlin, VP at IT<br />
security firm Tripwire.<br />
One of the detectives from the<br />
Yorkshire and Humberside<br />
cyber crime unit, Dave Porter,<br />
spoke at Harrogate. That’s one of nine<br />
regional units. While the National<br />
Crime Agency and the NCSC (National<br />
Cyber Security Centre) also do similar<br />
work, Dave began by saying how<br />
many staff were in his unit: six, five<br />
detectives and one sergeant. While that<br />
might not sound many, Dave added<br />
that police forces were ‘encouraged’<br />
to bring on their own cyber units; and<br />
he foresaw upskilling of police, so that<br />
when a cop was called out, he would<br />
be as able to deal with the thief stealing<br />
from your bank account, as the thief<br />
on the street. However, that did beg<br />
the question of how able police now<br />
are to, for instance, seize computers<br />
as evidence, and investigate, let’s<br />
say, the high-profile recent cases of<br />
ransomware, as Dave mentioned.<br />
What are you doing<br />
Dave raised some questions for the<br />
security audience; when installing<br />
equipment such as a video recorder,<br />
do you know exactly what you are<br />
doing? Is there a vulnerability through<br />
a IP-connected device? Because if<br />
there is, he went on, the chances are<br />
that someone is scanning, trying to<br />
find such devices, looking if there is<br />
something they can use. “All I am<br />
asking, you are in the physical world,<br />
protecting perimeters; you need to<br />
do that in your digital world as well.<br />
Know your perimeter, know your<br />
architecture, know what is installed,<br />
map it, walk around it in your head.<br />
Cyber crime, yes, it is technical, but<br />
most preventative measures are what<br />
you would do in the physical world.”<br />
Walking around parts of a city with<br />
headphones and sunglasses on would<br />
be a risk, not something you would do;<br />
but people are not taking equivalent<br />
SEPTEMBER 2017 PROFESSIONAL SECURITY<br />
due care in cyber-space, he said.<br />
Poor passwords and user names are<br />
one of the biggest vulnerabilities;<br />
use ‘password’ as a password, and<br />
that will get smashed in seconds, he<br />
warned. If you have Windows XP (that<br />
is, the software that Microsoft has<br />
ended support for) running anywhere<br />
on your systems, take it offline and<br />
decide how you can protect it. In other<br />
words, such legacy products need to<br />
be managed properly, and patched. “I<br />
can’t talk enough about back-ups,”<br />
Dave went on. “So many businesses<br />
are crippled when ransomware occurs<br />
on their systems.” While you may pay<br />
the bitcoin ransom to get your data<br />
back, it might not come until you pay<br />
more. Keep your back-ups offline, and<br />
in a different location, he advised. And<br />
have a business continuity plan for<br />
when a cyber-crime occurs, for how to<br />
bring your systems back.<br />
Rush to IoT<br />
Cars, kettles, toys, games consoles,<br />
web cameras and CCTV; people are<br />
rushing to the Internet of Things (IoT),<br />
without thinking of vulnerabilities, he<br />
warned. IP cameras and routers are<br />
routinely exploited through the Mirai<br />
botnet (which lets a hacker enter a<br />
device, send spam via it, and steal<br />
data). “Ask yourself the question, does<br />
it need to be online,” Dave said.<br />
And insider threat<br />
Another threat to cyber that is in fact<br />
from the physical world that Dave<br />
covered next: insiders, ‘still one of the<br />
biggest threats we have in cyber-space<br />
... it doesn’t have to be malicious<br />
either’. Criminals will gather details<br />
about your organisation - maybe<br />
through a supplier - to carry out a<br />
mandate fraud, for instance. While<br />
as Dave said we have all seen such<br />
emails; the right one with the right<br />
leverage showing the right knowledge,<br />
will get money paid to it. Product<br />
developers may bleed facts about<br />
programmes on forums online, that’s<br />
abused. Dave repeated the wartime<br />
slogan, ‘loose lips cost ships’: “We<br />
see that in the police all the time; say<br />
the wrong thing to the wrong person<br />
and you don’t know where it’s going<br />
to go.” What IT access do staff,<br />
including from agencies, need. Do<br />
they need access to payroll, that they<br />
might manipulate; or to confidential<br />
files, that they may send to the<br />
media? He ended by stressing how<br />
cyber-crime will affect all businesses<br />
and people: “It isn’t about if, it’s<br />
about when, it really is.” No longer<br />
can you leave cyber to ‘Bob in IT’:<br />
“Everybody needs to be aware.” p<br />
And from the chair<br />
Mike Gillespie, conference chair,<br />
echoed Dave. Mike said: “There are<br />
manufacturers right now today who<br />
are prepared to sell us equipment<br />
that still has firmware that has a<br />
vulnerability in it that allows the Mirai<br />
botnet to occur; and I think everyone<br />
of us should be pushing back on the<br />
manufacturers of our security kit,<br />
to ensure at point of supply we are<br />
getting security.” See over the page. p<br />
www.professionalsecurity.co.uk