Lessons learnt from cyber attacks

Lessons learnt from cyber attacks

Communication about cyber attacks emerged as another key theme in the panel discussion. The SingHealth data breach underlined the need for early and accurate communication with key stakeholders, said Fong.

“The public was informed of the SingHealth data breach a mere 10 days after the incident was reported [to Singapore’s Cyber Security Agency],” she said. “Within that time, we had a team on site helping SingHealth contain the incident and reconstruct the attack and figure out exactly what data was exfiltrated so that we could confirm that no medical records were modified or deleted.

Advertisement
ZoneAlarm Extreme Security

“We had to balance the need for speedy communications with the need to manage the crisis at hand and get the facts right.”

Another important thing to remember, said Hudson, is that communication is not just about the media when an attack or breach goes public.

“It has to be in the very widest sense of comms, so it is also about internal comms to keep staff informed and potentially comms with regulators, people affected by the breach and suppliers,” she said. “You need to know up-front how you are going to communicate with them.”

Hudson said comms within organisations also have an important role in bridging the various communities of stakeholders. “They need to be continually asking questions to ensure that there is a common understanding of what is going on and who is affected, that everything that goes out is consistent and makes sense, and that everyone involved is on the same page.”

In terms of communicating with the media about a cyber incident, Hudson encouraged organisations to contact the NCSC for support. “The NCSC can be a bridge between an organisation dealing with an incident and the media,” she said, adding that if it is a cyber attack, by involving the NCSC, the agency can work with organisations not only to get messages out to the media, but also to mitigate the effect of attacks and translate incidents into what needs to be done and who needs to know.

“We will work with you as a trusted adviser,” she said.

In the wake of the SingHealth breach, said Fong, investigators were able to reconstruct the attack and see what had happened fairly quickly thanks to good, comprehensive data logs. “We were really fortunate because we had good logs for the SingHealth database,” she said.

“It may seem a very straightforward point, but it is non-trivial. I cannot over-emphasise that the database logs helped the investigation team a great deal. Good housekeeping augments incident response.”

Advertisement
Daily Steals Up to 95% Off!

The availability of good data is one of the main challenges faced by cyber security incident responders, said Ollie Whitehouse, chief technical officer at NCC Group.

“The availability of good logs in a timely fashion is critical,” he said. “But there are many organisations that cannot give you visibility into their estate and what has happened – and that really frustrates the investigation.”

The second common challenge, said Whitehouse, is the inability of organisations to respond to an incident, such as being able to lock things down quickly.

“And the third challenge is the supply chain,” he said, “especially where there are contractual limitations where you need help from a supplier, either in giving clients logs in a timely fashion or in allowing third parties such as incident response firms access to their systems in order to protect the larger entity.

“Addressing just these three problems will enable organisations to have a far more effective response. This is particularly when things come to light weeks, months and even years later because the inability to go back in time due to the lack of data leaves many questions unanswered, and this can be very frustrating when you have got to report to regulators or shareholders.”

#cyberattacks

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

back to top

Popular Cyber News

Top Tips to Protect Your Business Against Social Media Mistakes

Top Tips to Protect Your Business Against Social Media Mistakes

11 May, 2019

Don't let social media become the go-to platform for cybercriminals looking to steal sensitive corporate information or ...

Study Shows Extent of Cyber Risk

Study Shows Extent of Cyber Risk

10 May, 2019

A new study shows SMBs face greater security exposure, but large companies still support vulnerable systems as well. ...

How to Secure your Azure Storage accounts

How to Secure your Azure Storage accounts

14 May, 2019

Enterprise data is growing exponentially and becoming more complicated, making it harder to manage, and an even bigger c...

Vodafone is Challenging Huawei Report of Telnet 'Backdoor'

Vodafone is Challenging Huawei Report of Telnet 'Backdoor'

01 May, 2019

Vodafone is challenging a Bloomberg report that security vulnerabilities and backdoors within Huawei networking equipmen...

Malware: Doesn't need to be new to cause serious damage

Malware: Doesn't need to be new to cause serious damage

05 May, 2019

The good news is: The development of new malware exploits has slowed significantly.

Microsoft adds Plug and Play to IoT

Microsoft adds Plug and Play to IoT

03 May, 2019

Microsoft just announced that it wants to add the advantages of Plug and Play, which allows you to plug virtually any pe...

Twitch streamers take action to secure their accounts against hacks

Twitch streamers take action to secure their accounts against hacks

30 April, 2019

Twitch has an account hacking problem.

Over 22 billion IoT devices are out there

Over 22 billion IoT devices are out there

20 May, 2019

Enterprise Internet of Things (IoT) remains the leading segment, accounting for more than half of the market, with mobil...

Todays Cloud Security

Todays Cloud Security

06 May, 2019

Enterprise cloud security is making real progress, however emerging technologies call for security teams to keep up with...

Categories

Home Tech Reviews UK

Mobile Tech Reviews UK

×

Sign up to keep in touch!

Be the first to hear th latest Cyber and Tech News straight to your mailbox.

Check out our Privacy Policy & Terms of use
You can unsubscribe from email list at any time