Cyber Essentials – what are the five key controls which protect businesses from 80% of common cyber threats?
Cyber Essentials is a government-backed scheme. It is designed as a first step to help organisations protect themselves from 80% of the most common internet threats. It covers five important control areas. What are ‘the most common internet threats’ and how can the five Cyber Essentials controls help protect your business against them?
What are the most common internet threats?
First we shall look at who may be trying to attack you and why. Companies, especially in the South West, may consider themselves to be at low risk from cyber attacks. We need to understand that many common threats come from opportunists who can be located anywhere in the world. These include:
- Cyber criminals – motivated by money through selling information they have stolen, or through fraud or extortion
- Hackers – people who try to access your systems for the fun or challenge. Not necessarily highly skilled.
- Employees – have legitimate access to your systems and could be a threat either accidentally or through deliberate misuse.
Other attacks could be from:
- Industrial competitors and foreign intelligence services – gaining access to your systems and information for competitive advantage or economic gain
- Hacktivists – those who target companies for ideological or political motives.
How are the most common attacks carried out?
There are readily available tools on the internet which allow anyone to scan for vulnerabilities that can be exploited. This is similar to a thief doing a survey of a neighbourhood to look for the best opportunities: unlocked doors, open windows, empty properties, no alarm systems etc. Most attacks start with a survey to look for weaknesses.
Other surveys may be more targeted, for example looking at social media accounts such as Facebook and LinkedIn to pick up clues to easily guessed user names and passwords.
Many attacks aim to reach as many devices, services or users as possible by using the ‘openness’ of the internet. Attacks such as these use emails designed to trick users into visiting a fake website, downloading malicious code etc.
The five areas that Cyber Essentials helps to protect:
If a criminal uses bespoke tools that he has created to gain access, then Cyber Essentials will not be adequate to protect your systems, but against the more common and freely available tools it is a great starting point. It covers the following key areas:
Boundary Firewalls and internet gateways.
These are effectively how you protect your perimeter. So for the thief carrying out his survey, they will be the locked doors and closed windows requiring more effort to get around to gain access. Boundary firewalls and internet gateways determine who has permission to access your system from the internet and allow you to control where your users can go.
Secure configuration.
This reduces the functionality of each computer or device to the minimum required for that user to operate. This will help prevent unauthorised actions being carried out. It also ensures each device discloses only the minimum information about itself to the internet. A scan can reveal opportunities for exploitation through insecure configuration.
Access control.
It is important to restrict access to a minimum. This is to prevent a hacker being presented with a series of unlocked doors allowing him access to all the information he is looking for.
Administrator rights are the Holy Grail for a hacker. Once he has possession of these he can effectively go everywhere and has full control. Administrator rights should be restricted to administrator actions only. Convenience sometimes results in many users having administrator rights, which creates opportunities for exploitation.
Malware protection.
It is important to protect your business from malicious software which will seek to access files on your system. Once there, the software can access and steal confidential information, damage files or even lock them and prevent you accessing them unless you pay a ransom. Malware protection helps to identify and prevent or remove any potential threats from malicious software.
Patch management.
Cyber criminals often exploit widely known vulnerabilities in software or operating systems to gain access. These could arise from poorly designed software which has known weaknesses. Updating software and operating systems will help to fix any of these known weaknesses. It is crucial to do this as quickly as possible to close down any opportunities which could be used to gain access.
Who is Cyber Essentials for?
Devon and Cornwall Police identify Cyber Essentials as a good first step all businesses can take to protect themselves against these common threats and to help to reduce cybercrime.
Cyber Essentials is for all organisations, of all sizes, and in all sectors – we encourage all to adopt the requirements as appropriate to their business. This is not limited to companies in the private sector, but is also applicable to universities, charities, and public sector organisations.
Devon and Cornwall Police