
Fraud and Cybercrime


Article 1 - Required Terminology

Introduction

According to Symantec, there were over 1 million web-based attacks against people per day in 2015. Businesses that suffered attacks, of whatever type, were likely to be targeted at least three more times. Business employees were particularly at risk, and the threat of targeted attacks on them is expected to increase dramatically in 2016. As RedDrum know only too well, ransomware attacks on businesses increased by 35% in 2015.

https://www.symantec.com/security-center/threat-report

The reality is that you or your business will suffer from cybercrime: today, tomorrow, next week. Who knows? The attack may already have happened and you could be midway through a complicated fraud that you currently know nothing about. A RedDrum client recently lost $150,000 in a sophisticated sting that they knew nothing about until it was too late. The client had to sell his house to cover the loss. The Police can’t help you. If it comes to the stage of reporting it to the Police, it is too late. Act now. Simple personal safety advice is available online. Google Safety Centre is a good resource.

https://www.google.com/safetycenter/everyone/cybercrime/

Businesses need proper, professionally managed networks. Without such professional support, Cybercrime is not so much a risk, more of an inevitability.

The Modern Business Environment

This is the first in a series of articles on Fraud and Cybercrime. It introduces basic terminology relating to Information Technology (IT) in the modern business environment, to provide a simple guide to a very complex subject. Further articles in the series will advise on the best requirements for a secure computer network, discuss attacks that RedDrum clients have suffered and provide advice on how to combine technology, business processes and the human element to best protect your business.

If your business hasn’t yet suffered a cybercrime attack, it will. RedDrum IT have about 15 clients that they work with very closely. The firewalls at each of those businesses log every attempt to penetrate the network. Every day hundreds, if not thousands, of attempted attacks are reported. Even with the very sophisticated defences that we provide our clients with, several have still suffered losses, unfortunately mostly attributable to the clients themselves.

To clarify what an attack is: it isn’t an individual sitting down at a computer, trying to write code that will penetrate a computer network. It is numerous computers around the world that have been programmed to continually probe any computer, network or router that they contact, to see if they can exploit any weaknesses that will let them onto a network. Many of the computers involved in these attacks have previously been compromised themselves, and their owners are probably not aware of what the computers are being used for.

It is recognized that this is perhaps a little difficult to comprehend. Often, a visual aid can help the process of understanding. Have a look at any of these sites, supplied by virus protection companies, which show attacks taking place, in real time.

https://threatmap.checkpoint.com/ThreatPortal/livemap.html
http://map.norsecorp.com/#/
https://www.fireeye.com/cyber-map/threat-map.html
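
The daily firewall record of blocked attempts described above can be summarised to show which sources are probing and how widely. The following is an added example, not RedDrum's own tooling: it assumes log lines in the Linux netfilter `LOG` style with a hypothetical `FW-DROP:` prefix, and the sample lines and addresses are constructed.

```python
import re
from collections import defaultdict

# Constructed sample of dropped inbound packets, in Linux netfilter LOG style.
# The "FW-DROP:" prefix is hypothetical; addresses are documentation ranges.
SAMPLE_LOG = """\
Mar  3 09:14:02 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.10 PROTO=TCP SPT=44321 DPT=22 SYN
Mar  3 09:14:02 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.10 PROTO=TCP SPT=44322 DPT=23 SYN
Mar  3 09:14:03 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.10 PROTO=TCP SPT=44323 DPT=445 SYN
Mar  3 09:14:03 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.10 PROTO=TCP SPT=44324 DPT=3389 SYN
Mar  3 09:15:10 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.44 DST=203.0.113.10 PROTO=TCP SPT=51000 DPT=22 SYN
Mar  3 09:15:11 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.44 DST=203.0.113.10 PROTO=TCP SPT=51001 DPT=22 SYN
Mar  3 09:15:12 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.44 DST=203.0.113.10 PROTO=TCP SPT=51002 DPT=22 SYN
Mar  3 09:16:40 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.200 DST=203.0.113.10 PROTO=ICMP TYPE=8 CODE=0
Mar  3 09:17:00 gw kernel: eth0: link becomes ready
"""

FIELD = re.compile(r"(\w+)=(\S*)")  # KEY=value pairs; value may be empty (OUT=)


def parse_line(line, prefix="FW-DROP:"):
    """Return the KEY=value fields of a dropped-packet line, or None."""
    if prefix not in line:
        return None  # unrelated kernel message
    fields = dict(FIELD.findall(line.split(prefix, 1)[1]))
    return fields if "SRC" in fields else None


def summarise(log_text, scan_threshold=3):
    """Count blocked attempts per source; flag sources probing many ports."""
    attempts = defaultdict(int)
    ports = defaultdict(set)
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields is None:
            continue
        src = fields["SRC"]
        attempts[src] += 1
        if fields.get("DPT", "").isdigit():  # ICMP lines carry no port
            ports[src].add(int(fields["DPT"]))
    scanners = sorted(s for s, p in ports.items() if len(p) >= scan_threshold)
    return dict(attempts), scanners


if __name__ == "__main__":
    counts, scanners = summarise(SAMPLE_LOG)
    for src, n in sorted(counts.items(), key=lambda kv: -kv[1]):
        label = "port scan" if src in scanners else "repeat/single probe"
        print(f"{src:15} {n:3} blocked  ({label})")
```

A source hitting many different ports is sweeping for any open service, while repeated hits on one port point at a single service being targeted; both appear in the same log but call for different follow-up.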


Terminology

Network

A computer network is any number of computers that are joined together in a single place. This is normally called a Local Area Network (LAN). Most offices would have a LAN, with a server controlling access to the LAN and other facilities, such as file sharing, and a router providing Internet access for the LAN. Some LANs do not have servers controlling them, but there would normally be a router somewhere providing Internet access. Those Mac users amongst us often operate in this fashion.

Where companies have multiple offices, buildings or workplaces, they may have a Wide Area Network (WAN). A WAN is normally a collection of LANs joined together by routers or firewalls via high-speed connections, such as leased lines. Large corporations may have numerous sites in cities, in various countries, joined together in a Metropolitan Area Network (MAN). These different types of network vary only in size, number of sites and locations. The basic elements of control, detailed below, still apply.

The modern computer network is moving towards a virtual environment, where servers are not based in a particular office that belongs to a company, but are in the ‘cloud’.

Firewall

A firewall, sometimes now known as a Security Appliance or something similar, sits on the edge of a network, normally between a router and the network, and is connected to both. In smaller networks, the router may actually perform as a firewall, or vice versa. The role of a firewall very much depends upon its capabilities, but essentially it is there to stop any computer, person or device that shouldn’t have access from gaining access to a network. This includes viruses, cyber attacks and any other type of unauthorised activity. Generally speaking, firewalls are constantly updated with the latest information regarding attacks, current viruses and other illegal activity, to enable them to filter out any unwanted visitors.

Firewalls can also be used to determine which websites users on a particular network are allowed to visit, to control whether external users can access a network, and to report on all activity on a network. Further, firewalls can be used to create a secure Virtual Private Network (VPN) between other firewalls or other external computers. There are some very sophisticated uses of a firewall, such as preventing any machine or device that is unknown to the firewall from gaining access to a network.

Server

A server is a dedicated computer, generally more powerful than an ordinary computer, that has a Server Operating System installed upon it. Examples include Windows Server 2012, Linux Red Hat and Apple OS X Server. A computer on a server-controlled network is normally known as a client. A server will contain a list of the computers on a network, together with usernames and passwords for users on the network. A client then logs into a network using a computer, username and password that are known to the server.

Depending upon the access permissions for a particular user or group, a server will then provide appropriate access to shared folders, programs and so on, on the network or on the server itself. Computers or users that are not registered with a server may still be able to gain access to a network and to the Internet, depending upon how the server and router are configured, but they wouldn’t be able to gain access to any server-supplied facilities.

Router

All of us probably have one of these at home, where it performs the function of connecting our home network to an Internet Service Provider’s (ISP) network. Examples of these ISPs include BT, Virgin and TalkTalk. The username and password provided by the ISP are entered into a router, which then allows it to connect to the ISP’s network and provide Internet access to a home or other network. Essentially, a router is a go-between: connected to two networks, it allows data to pass between them. Normal examples of data transfer include Internet access and email traffic.

The role of a router in a business network is essentially the same as in a home network, but a business based router would normally have many more features and may provide a firewall, site connectivity and other services, when configured to do so.

View Fraud and Cybercrime Part 2
View Fraud and Cybercrime Part 3
View Fraud and Cybercrime Part 4
View Fraud and Cybercrime Part 5
