The latest Notifiable Data Breaches Quarterly Statistics Report confirms that Australian legal practices are at risk of cybercrime, with phishing as the main threat.
This research report demonstrates how domain name abandonment poses a significant cyber threat to the legal profession and other businesses. It also recommends measures that legal practices and other businesses can take to stop this threat.
The recent media reports of fraud against conveyancing practices suggest that professionals should be taking measures to protect their businesses from cyber attacks. Cybercriminals primarily rely on an email-based attack known as phishing to help commit payment redirection fraud.
Malicious actors operate command-and-control (C&C/C2) servers to interact with their victims’ computers. These C2 servers are intended to instruct the compromised PCs to do undesired things, such as stealing the user’s passwords, encrypting the files for ransom or attacking other computers on the network.
We learned from the previous article that SOCs/Incident Response teams should be looking for threats that represent high-level risks to the normal business activities.
We know the who, but how can we define what needs to be protected?
Assume your company has over a thousand business applications. They are hosted in multiple data centres as well as in the cloud. There are Windows and Linux hosts, and many of these are not patched, of course. On top of that, nobody knows who owns them.
The following article cuts through this complexity and explains a simple approach.