
CRIME OF OUR GENERATION – A Look at the TalkTalk Breach

A review from Advent IM Security Consultant, Chris Cope.

The TalkTalk hack has left another major UK business reeling from a cyber attack and customers angry as, once again, there is a possibility that sensitive information is now in the public domain. The telecommunications company decided to take its own website offline on Wednesday following the presence of unusual traffic, with a ‘Russian Islamist’ hacking group claiming responsibility and the Metropolitan Police’s Cyber Crime Unit now investigating. Details of precisely how the attack took place are not yet publicly available, but some points are immediately apparent.

Customer security. The BBC is reporting that personal information and bank account details may have been stored in an unencrypted format and are now available to hacker groups. Some TalkTalk customers have already complained about hoax communications; it is likely that this is just the start. Customers will need to rely on TalkTalk to identify precisely which accounts are affected, but in the interim they must monitor their bank accounts closely. Any suspicious activity must be reported to their bank immediately as potential fraud. When the TalkTalk website becomes accessible again, customers should immediately change their passwords, taking care to avoid passwords which are easily guessable.

Undoubtedly this is the crime of our generation, as more and more cyber attacks are reported. But organisations should not despair: it is perfectly possible to reduce the risk from cyber attack by following the basic security precautions contained within ISO27001. These can be applied to any organisation, large or small. From what we already know of the attack, some specific controls from that standard become immediately apparent:

  • Use of encryption. Many networks are designed to be hard on the outside but soft on the inside. Once an attacker gains access to the network, they can wreak havoc. Encryption is not the solution to all threats, but encrypting sensitive information is an important consideration. It will not prevent the initial attack, but it hugely reduces the impact of a breach. It is also a practical option that the Information Commissioner’s Office would deem reasonable, and its absence may be difficult to justify during any follow-on investigation. A good standard of encryption will make personal data unreadable to an attacker and, at the very least, will buy time for customers to make any changes to their account information they deem necessary.
  • Supplier security. In February of this year, TalkTalk reported that a third-party contractor based in India, which had legitimate access to its customer accounts, had been involved in a data breach. The use of suppliers is widespread and many organisations now off-shore certain practices for sound business reasons. But devolving the process does not devolve the responsibility, and organisations must make sure that their suppliers follow a suitable set of security controls consistent with their own. Included in this suite of supplier controls is the right to audit supplier activities and a joined-up incident management reporting structure. As further details of this incident emerge, it will be intriguing to discover how much TalkTalk knew of that earlier incident and what steps they took to prevent follow-on attacks against their own network. No matter how secure a network may be, authorised connections from trusted third parties remain a very attractive route for attackers and must be managed accordingly.
  • Defensive monitoring. The use of defensive monitoring will not prevent an attack, but it can help to radically reduce the impact. TalkTalk took the decision to take their services offline following the detection of unusual behaviour within their network. This is a brave call, and how much it will cost them in financial or reputational terms is yet to be established. However, just how much worse could it have been without such monitoring? What if the first indication of the attack had been personal information being publicly sold and exploited? There is a cost to effective defensive monitoring, but it is a cost often worth paying in order to lessen the eventual impact of a breach.

As the list of cyber attacks in 2015 grows again, and shows no sign of tailing off any time soon, organisations must look to their own defences. The threat is varied and very real. Cyber crime is here to stay, but why make it easy for criminals to succeed? There are steps that can be taken to reduce the risk of compromise and the impact following an incident. Customers now expect higher levels of cyber security; if organisations wish to maintain their reputation, they should look to deliver it.

Posted by Ellie Hurst on 23rd October 2015.
Tags: cyberattack, cybercrime, data breach, hack, Metropolitan police, TalkTalk, unencrypted
