Working remotely, home schooling and the launch of many small businesses has given cyber criminals a new playground to embrace. But our Remote Vulnerability Assessment service can help in identifying weaknesses that might be used to help cyber criminals carry out successful attacks.
What type of information can cyber criminals exploit?
Late last year, a school payment system Wisepay, that allows parents to pay for things like school meals and exam fees online was targeted in a cyber attack. The attack led to parents being warned that their card details may have been compromised.
Wisepay said a hack of its website meant an attacker was able to harvest payment details between 2 and 5 October via a spoof page.
Attempted payments to about 300 schools have been affected by the scam.
But the firm said only a small number of the pupils' parents would have used its system before it was taken offline.
This is an example of where the Remote Vulnerability Assessment system would have been able to identify possible weaknesses that cyber criminals would have been able to exploit.
How does the Remote Vulnerability Assessment work?
Whether you are a school, retail business, legal firm or construction company, if you use and are connected to the internet then you may well be open vulnerabilities that you are not aware of. If your business is connected to the internet, this service can help you to identify weaknesses in that connection.
A remote vulnerability assessment is the digital version of a prospective burglar visiting your property to assess where your access points are. Instead of physically viewing your property, we can remotely look at your digital space to see where those points of entry would be for cyber criminals.
To identify where those access points are, we use the same toolsets and skillsets that hackers use to look at your businesses network and infrastructure. This service also benefits from regional Police and National Cyber Security Centre intelligence to capture the very latest known threats and techniques used by cyber criminals.
Once we have identified points and any other vulnerabilities, we provide recommendations and mitigations to tackle the identified vulnerability, so that you can take action to reduce your risk of suffering a cyber-attack as a result of this vulnerability.
During the work, the interaction with your systems is kept to a minimum, however there is always a risk that poorly maintained or designed systems can suffer outages during vulnerability assessments. That is why all remote vulnerability assessments are supported with back-out and recovery plans agreed in advance to minimise risk.
Find out more or request a quote for this service here.
I would like a full penetration test of my systems, can the SECRC help me with this?
We are able to recommend our IASME Trusted Partners network to provide additional services such as a full penetration test.
Our Trusted Partners have been subject to due diligence checks by the accreditation body appointed by the National Cyber Security Centre, the UK’s National Technical Authority who are a part of GCHQ. They are also certification bodies for Cyber Essentials and Cyber Essentials Plus schemes which assure you have considered the most common cyber technical controls.
Learn more about our Trusted Partners here.