Lineal awarded Cyber Essentials Plus Certificate

Lineal are proud to announce that we have officially achieved Cyber Essentials Plus certification.

Our operations passed a number of essential vigorous vulnerability tests of our cyber security with flying colours. Cyber Essentials Plus is the advanced level of certification offered by the government-accredited Cyber Essentials scheme; supported by the UK National Cyber Security Centre – a public facing arm of GCHQ.

The external audit of a sample of our systems saw a 100% pass rate across all PC and devices – thanks to the hard work of our in-house Cybersecurity team who worked tirelessly to ensure our success.

Attainment of CE Plus certification showcases our dedication to protect and respond to the needs of our customers. This allows us to not only have peace of mind about the high standard of Lineal’s cyber protection, but also presents opportunities for us to more effectively assist your business in achieving the Cyber Essentials certificate.

Hackers’ methods have evolved in recent years, leading to a huge rise in phishing and malware attacks with over 86% of businesses experiencing some form of cyber attack since 2017. The need for a comprehensive cyber security standards within your organisation has never been greater.

Suitable for businesses of all sizes and sectors, Cyber Essentials certification helps to demonstrate that your organisation takes cybersecurity and its clients’ data protection seriously – ensuring trust from your customers.

Contact us today to assist with your organisation’s application and ongoing compliance. You can refocus on your core business, safe in the knowledge experienced technicians will be able to help you meet the requirements for successful certification or re-certification.


32,000 Microsoft Exchange servers still at risk from Hafnium cyber breaches

Microsoft has announced that up to 92% of all stand-alone Exchange servers have been patched, following a mass data breach by Chinese state-sponsored Hafnium cybercrime group.

A mass attack on zero-day Exchange servers through four security vulnerabilities was identified and exploited by Hafnium in early March. Those with at risk servers, according to Microsoft VP Tom Burt, are recognised as 400,000 on-premise Exchange servers belonging to multiple government and corporate data centres including defence contractors, schools and other entities globally.

Consequently, the ProxyLogon security fixes released on 2nd March have mitigated this number significantly with 92% of Exchange servers now protected under the new patches. Nevertheless, Microsoft states that around 32,000 servers remained unpatched and vulnerable to Hafnium cybercrime including theft of confidential sensitive data together with installation of ransomware and ‘corrupted web shells’, such as China Chopper, allowing unrestricted external access to the unpatched Exchange servers.

These security fixes are in conjunction with Microsoft’s Exchange on-premises mitigation tool (EOMT) which installs defender scripts and dependency downloads whilst automatically running the Safety Scanner; troubleshooting any identified problems on the Exchange servers.

However, the patches do not protect servers that have already been compromised from further exploitation, therefore Microsoft has advised that organisations administrators scan their stand-alone networks for potentially installed malicious software and scripts in addition to the scans of EOMT.

The attacks themselves have raised questions over the security maintenance of in-house email servers and adds weight to the growing adoption of cloud-based internet email.


Lineal Hosts SW Police Cybersecurity Workshop

Local businesses recently gathered at Barnstaple Library for a special cybersecurity workshop organised by the South West Police Regional Cyber Crime Unit and Lineal Software Solutions Ltd.

Thirty participants from firms across the South West took part in a series of lego-based group exercises highlighting key concepts in cybersecurity, as they sought to protect a fictional utilities company from attack by common real-world cyber crime.

The winning team defended their company by spending their budget on the correct countermeasures at each stage of the exercise, and strategically limiting the damage from any breaches in security.

The South West Regional Organised Crime Unit (SW ROCU) is one of nine regional units across England and Wales that delivers specialist capabilities to target and disrupt serious and organised crime. Designed to raise awareness of coordinated digital threats, the cybersecurity workshop session is part of a new educational initiative being run by the Police right across the region.

Group exercises were followed by a short Q&A including advice for businesses on related topics including network best-practice, password policy, physical security, and the Government’s new Cyber Essentials certification.

Lineal’s Head of Technical Services, Matt Norris, explained: “We were to delighted to be able to organise the Cyber Crime Unit to run this very special workshop for local companies: we see cyber attacks becoming ever more sophisticated, and the SWRCCU takes a really positive and constructive approach to educating business owners about how to protect their organisations and employees.”

“Many businesses struggle to grapple with cybersecurity, but help and expertise is accessible.”

 

You can learn more about the South West Police Regional Cyber Crime Unit’s and their educational work across the South West online here.

For IT support and cybersecurity expertise, please contact Lineal today.


Cyber Crime hits the headlines

16844922351_ec30a1b111_z

Cyber crime is finally set to become the UK’s most common crime type, following inclusion in the latest crime figures from the Office for National Statistics (ONS).

This re-classification comes only days after news headlines emerged that an Eastern European crime group successfully used ‘Dridex’ malware to steal over £20m from UK bank accounts via thousands of infected PCs in the UK.

Cyber criminals are increasingly mounting more organised attacks on businesses, small and large – last year even U.S banking giant J.P Morgan suffered unfortunate press and a sudden plunge in its share price when digital thieves stole the personal information and contact details of more than 76 million customers.

The 2015 National Strategic Assessment from the National Crime Agency estimates that losses due to cyber crime in the UK now amount to a staggering £16 billion annually. The NCA also asserted that the theft of large amounts of private companies’ data still faces ‘considerable under reporting.’

Nowhere is this more threatening than for those in the financial services industry, where both reputations for reliability and access to funds make IT security of paramount importance, requiring compliance with the strictest procedures for identity validation, network safety and fraud detection.

All businesses need to be prepared for the future, where cyber crime is likely to become more sophisticated and UK companies may be expected to demonstrate greater data protection measures. This week Microsoft promoted it’s Financial Services Compliance program in connection with Office 365 – making assurances (aimed squarely at businesses in the financial sector) of direct access to staff and resources to ensure that Microsoft Office cloud services comply with financial security regulations.

Greater awareness of cyber crime amongst Government figures, the media and the public can only be a good thing, but ultimately it still remains very much up to the individual to ensure their IT systems are secure – before the worst happens.

 

More than 70% of businesses fail after significant data loss. Lineal can install a range of security measures to safeguard your business IT systems and data – enquire today via: http://www.lineal.co.uk/contact/

 

More from Lineal News

Flickr: GotCredit