fbpx

Once more unto the breach, dear friends

You are sure to have recognised this quote from Shakespeare’s Henry the Fifth, but are you pondering its significance for IT support?

In the play, the English king is encouraging his troops to keep up the pressure, finish the job and achieve victory.  When used as an expression, the implication is that you are faced with a difficult and unpleasant task but that you should crack on and get it done.  Admirable sentiments when tackling computer issues to be sure, but not the reason for including this quotation today.

No, the *breach* in question is when a hacker smashes through your cyber-security battlements.  You can take every precaution and be super circumspect but attacks can hit their mark and the cybercriminals can get their hands on your passwords and other security credentials.  Our recent blog shows just how sneaky bad actors can be in their determination to rob you of your precious data.

You take a phone call from one of your customers, asking whether you really meant to send that email with the suspicious-looking link. 

Oh no!  A quick look in your deleted items folder reveals that there are hundreds of responses to an email which you definitely did not send. 

It’s time to call in IT support to stop the breach and shore up your defences.  

You also report the data loss to the ICO and assure them that you have put measures in place to mitigate the actions of the hackers.

An unpleasant experience, but at least that’s the end of it, isn’t it?  Unfortunately not!

The rallying call goes out amongst the cybercrime community:

“Once more unto the breach, dear friends” 

They may no longer be able to infiltrate your email system but they still have your personal details from your signature and all of your contacts.  The breach is the gift that keeps on giving to the cyber criminals.

Emails will continue to be sent out to your contacts, although they will not come directly from your email address but rather a random personal address masquerading as you by putting your name in the display name field.  This practice is very obvious when viewed on a computer screen, but it’s much harder to detect on a mobile device.  This can continue for years.  No doubt your contact list has been posted for sale on the dark web.

I have seen a particularly cheeky example of exploiting the breach: shortly after a rogue email containing a link had been sent out from a valid email address, a follow-up email, this time with a spoofed email address, enquired whether I had seen the earlier email, re-sharing the link in case I had missed it!

Cyber security is an on-going conflict.  You can never assume that your defences are impregnable and you cannot afford to rest on your laurels.  You may win the battle by quickly plugging a breach but the war continues.

If you are concerned that your business is vulnerable to cyber marauders, it’s time to have your setup reviewed and to invest in awareness training for your staff (sadly often the weakest link in your armour). 

Call Computer Troubleshooters.  We are happy to advise.  As always, please stay safe.