Matrix247 in association with The Jackson Canter Group, Grant Thornton Accountants, NatWest and Titan Police hosted a morning of informative speakers at their non-technical Cyber Security Seminar at the Echo Arena, Liverpool on Tuesday 1st November. Over 120 senior decision makers from the North West and beyond gathered to enjoy a helpful, enlightening morning and to hear insights from Joanna Kingston-Davies, Stephen Pritchard, Tracey Owen, Nigel Redwood, Manu Sharma and Helen Williams on how Cyber Security is escalating and how to prevent cyber attacks.
Stephen Pritchard, CEO of Matrix247, followed on by explaining Phreaking Telecoms and Cyber threats to business mobile devices.
Did you know that the UK is now within the TOP 5 Telecom hacking hotspots globally!
Dial Through Fraud (DTF) – Criminals target UK telephone systems remotely, and dial through high volumes of simultaneous international landline and mobile calls across ALL your phone lines until they’re detected.
Premium Rate Fraud – Criminals use access gained to dial premium rate numbers they set-up and own.
Telecom system hacking occurs after working hours or on weekends when detection is least likely…and ALL your telecom lines are NOT in use.
SIP/VoIP Hacking & ‘Denial of Service’ VoIP Attack
You MUST manage the RISK
Hackers can download from the web tools like ‘SIP Vicious‘….specifically designed to attack IP-PBX systems.
If hackers determine the password for your SIP account, they can generate calls from anywhere on the globe by simply changing your rules of acceptable IP addresses to receive calls from.
Fraudulent calls would NOT have to come from the actual IP-PBX.
How can you protect against ISDN, VoIP and SIP fraud
- Telecom Firewalls will cover up to 30 ISDN channels per location.
- VoIP/SIP Firewalls – Configure your existing firewall so it will only allow trafficfrom the outside world through the SIP port you’ve identified.
Mobile devices are an EASY, UNDER-PROTECTED TARGET used to get inside your firm.
What sensitive information is your attacker privy to?
- Access your calendar and know when and who your meetings are with.
- Turn on the Mobile device RECORDING function to listen in on: boardroom meetings, sensitive case discussions…merger/acquisition talks.
- Activate the camera to take pictures or videos
- Read browsing activity and any USER NAMES & PASSWORDS entered into sites.
- Export contact lists with call and text history
- Forward Emails/Texts sent to or from your device.
- Access phone calls and voicemails.
- Track partner and staff…knowing your location at anytime via GPRS.
The 5 Most Common Attacks
- WiFi – Man in the middle (MitM) attacks – Breach of your mobile device happens as you connect to an attackers spoofed WiFi hotspot e.g. Free Costa – Check behind the counter the EXACT NAME of Wifi and password.
- Mobile Remote Access Trojans (M-RATS)
- Zero-Day Attacks
- FAKE Developer and Enterprise Certificates
- Web Browser Viruses
Cyber Security Policies
These are imperative in your workplace NOW.
Management, Directors and Staff will start to take matters into their OWN hands…to help them to do their jobs more efficiently.
- 16% admitted they would install UNSUPPORTED software
- 22% would use a website or Internet-based service that their company doesn’t support
- 35% would buy something with their OWN money if it helped achieve targets
- Put security boundaries in place & a Company Cyber Policy
- Have a Cyber Awareness Training course delivered to staff
- Ensuring they don’t significantly hamper staffs ease of use
- Enable staff to deliver the maximum business value
“The feedback directly after this Cyber Awareness event has been tremendous. It has been without a doubt one of the most interesting and content packed seminars we’ve seen and listened to in recent years.”
Denis Stevenson, Chester & North Wales Law Society
“I found it to be very informative, revealing how easy it can be for third parties to access your technology without your consent, though with suitable work practices and password control potential security breaches can be kept at bay it needs consent review and management. Great event and an eye opener for a Luddite.”
John Staples, Partner, Ingham and Yorke