OUR SERVICES
System Compromise Investigations
During 2015 - 2016 we have seen a significant rise in the incidence of Cryptolocker and Spear Phishing attacks, as well as the regular compromise of hosted systems.
​
Attackers have been able to identify and exploit weaknesses in business IT systems as well as the naivety of users, resulting in the substantial loss of data and money. This should prompt all businesses to reassess and test the security of their systems. All businesses should be examining access control, reviewing the need for two-factor financial sign-off and questioning the effectiveness of their continuity and backup systems.
CASE STUDY
Spear Phishing Investigations
During 2015-16 we have seen a dramatic increase in the number of businesses being attacked by hackers who have created a domain similar to the victim company's and then masqueraded as a company office bearer to extract money.
​
Typically this type of attack involves the CFO receiving an email that appears to have come from the MD (or similar) instructing payment of an amount of money into a bank account for some business-related reason. Often, the timing coincides with the MD being away from the office and the transaction appears to be urgent. Following an exchange of emails, the transaction is made without the MD being aware that he has supposedly authorised it. Once the bogus transaction has been identified, there is usually a flurry of activity identifying what events led to the theft and where the money has gone. These incidents often lead to reassessment of the business's IT security as well as the processes in place relating to authorisation of financial transactions above certain amounts.
​