2|SEC FOUNDER TIM HOLMAN TALKS PHISHING, EMPLOYEES AND THE IMPORTANCE OF MFA
Tim Holman is the President of ISSA-UK, as well as the CEO & Founder at cybersecurity firm 2-Sec. He started out doing OS/2 and LAN Server support for IBM in 1994 and spent a lot of time on online forums both learning and helping others. For those efforts, he was rewarded with the title of Microsoft MVP for Security for 3 years.
That led to a period of pen testing, and working for an anti-DDOS vendor thwarting attacks on online casinos before he took the plunge and founded the firm 2|SEC in 2011.
It’s been a busy decade managing all sorts of threats, although today they are mostly focussed on phishing and ransomware attacks.
We sat down recently with Tim to get a sense of where the industry is at, and how the company is managing the dramatic rise in cybercrime.
Q: Have you noticed an increase in the amount of cybercrime since the pandemic? Why do you think that is?
We’ve definitely seen a rise in phishing emails, whereby recipients are encouraged to click on a link to enter their Office 365 credentials. These attacks work, especially where basic controls such as Multi-Factor Authentication (MFA) have not been enabled.
Once a criminal has access to a victim’s email, they will then focus their efforts to try and find out what organisations they’ve managed to access, and who the key people are within it. If they’ve compromised the email of someone in accounts, then bingo! They start to carefully review conversations, pick up any imminent transactions and send an email asking the recipient to change the destination bank account details. That’s all it takes for a quick win.
it might be £500 or it might be £50,000. We’ve even seen successful fraudulent attacks of this fashion to the tune of £250,000.
Q: How easy is it to recover that money once it’s gone?
The fact of the matter is that these funds can rarely be recovered, and if a firm is negligent by not having MFA enabled, or not training key staff, then insurance policies won’t cover this loss either.
The destination of these funds is rarely going to be a high street bank. It’s pretty easy to set up an online bank account within minutes, using fake ID, which may not give the ability to pull real money out of an ATM, but will often be accompanied with a prepaid credit or debit card. These cards can easily be topped up and spent anywhere.
Criminals are casting their nets far and wide, and are indiscriminate about whom they catch. It’s just business to them.
Q: What are the biggest threats that small businesses in the UK face from cybercrime?
It’s simple, really. The biggest threat is the loss of significant amounts of money to fraudsters from being hit by a ransomware attack.
Q: What should companies do to lessen the risks they face from remote work setups?
First and foremost, enable Multi-Factor Authentication (MFA).
Then ensure that every member of your staff is made aware of the kinds of hacks and attacks that are going on around them, so they remain vigilant and know what they are looking for.
Enable basic security controls, so that staff cannot inadvertently install malware.
Finally, companies must ensure that their machines are patched and all up to date.
Q: Any final thoughts for small businesses who want to start securing their networks properly?
Get in touch with us and let us assess your state of security. I always say that it’s not networks that need securing, it’s people. Any laptops or workstations they use should be set up with zero trust in mind, so that network security becomes irrelevant.