The pandemic has brought many challenges, including a digital transformation that increased the attack surface available to cybercriminals.
Threats such as data breaches and ransomware were present before the pandemic, but the attack surface has since increased. Whatever the type of attack, it can have major consequences for a company, including financial and reputational damage.
Fortunately, various cybersecurity tools and services exist, including managed IT services, that companies can implement.
That’s why we invited Jonathan Adams, the Territory Manager for cybersecurity at LoughTec – a company that offers cybersecurity and managed IT services.
Let’s go back to the very beginning. What has the journey been like since your launch in 2006?
That’s a great question! Back in 2006, LoughTec was created to support local Irish organizations with IT support, as a Managed Service Provider (MSP). Over the years, the business has grown and tilted to accommodate the opportunities that came with that. These included adding a Secure Remote Access solution to cater for working from home use cases – way before it became very popular during Covid!
In the last 6-7 years, we have added a cybersecurity arm to our business, where we offer very specific solutions to very specific problems – such as safely ingesting file types from USB Pens or Web Applications, removing excess admin rights from endpoints before adding them back through a Just-In-Time-Access model and our Managed Security Operations Center. We have been blessed to work with wonderful customers such as Landsbankinn, BidX1, and a leading EMEA-based public sector client.
The journey has been challenging but always rewarding and part of the excitement that motivates the team every day is seeing how the world and technology adapt – as technology is certainly not the same as it was 1 year ago, let alone in 2006!
Can you introduce us to what you do? What challenges do you help navigate?
So, I’m Jonathan Adams, the Territory Manager for cybersecurity at LoughTec, and my main role is to engage, help, and ultimately bring in wonderful new customers for us to work with long-term. I also manage our current customers, ensuring they are happy with the service and are fully utilizing our cybersecurity solutions to get the best from them.
The challenges I navigate for our customers are very specific and often very niche use cases, such as being able to safely ingest files on portable media devices, such as USB Pens or even floppy discs, into very secure networks like an offshore oil rig or nuclear power plant. Or it can be giving general best practice advice, such as basic cyber hygiene, staff awareness training suggestions, and disaster recovery advice.
What I really like about cybersecurity is that no two days are the same, especially with all the new threats discovered on a daily basis – so this is also a daily challenge that I help navigate. Who knows what challenges are next to come!
What cyber threats affecting organizations do you find the most concerning at the moment?
Where do I start! With the obvious colossal issues ongoing at the moment, the most concerning threats I see impacting organizations are the potential spillover of cybersecurity attacks from the Russia & Ukraine crisis, in addition to the general year-on-year increase in cyberattacks in general. For threat actors, the rewards are higher than other crimes and the risks are less.
Specifically, the main types of cyber threats that I feel are concerning for organizations are:
- Malware, such as ransomware, where threat actors encrypt your data and threaten to publish it online unless you pay a large ransom, and Spyware, which collects users’ information, which is then used for blackmailing purposes.
- Phishing – the old classic. Email phishing is the most popular and easiest way to launch a cyberattack. 94% of malware is delivered through the inbox, via malicious emails!
- Denial-of-Service (DoS) Attack – DoS attacks work by flooding systems, servers, and/or networks with traffic to overload resources and bandwidth. The result is rendering the system unable to process and fulfill legitimate requests.
- Zero-day Exploit – a Zero-day Exploit refers to exploiting a network vulnerability when it is new and recently announced before a patch is released and/or implemented. Zero-day attackers jump at the disclosed vulnerability in the small window of time where no solution/preventative measures exist.
The wide range of threats doesn’t make the lives of the IT Security Teams any easier!
How do you think the recent global events affect cybersecurity as a whole?
The ongoing crises have been one of the first occasions we have seen cyber security as an equally important attack vector compared to soldiers and tanks. Intelligence has found that Russia has initiated cyberwarfare techniques against Ukraine as military engagement escalates. Examples include:
- Malware – new malware dubbed WhisperGate requests a ransom payment and destroys files even if the ransom is paid.
- Distributed Denial-of-Service (DDoS) attacks – targets include Ukraine’s armed forces, defense ministry, public radio, and two large banks. Several vital services were turned offline, and people were unable to access their bank accounts, use mobile apps, or issue online payments. Many suspect a potential attack on the Ukrainian power grid, as was executed during the 2015 Russian invasion of Ukraine.
As mentioned, my concern is threats like these will spill over into businesses outside of the conflict, as ‘retaliation’ against some of the sanctions imposed on Russia. I feel this can then spiral out of control as there have been reports that Russia will use cyberattacks to help fund its military effort. This situation is grave and concerning – my advice is to remain vigilant and to conduct a thorough review of your cybersecurity posture. As I always say, do the simple things right, as these go a long way in protecting you!
Many companies have recently chosen cloud solutions as a way to enhance security. Are there any details that might be overlooked when making the switch?
Cloud security is a very attractive proposition, as it’s cost-efficient and very scalable – therefore a good fit for many organizations. However, numerous risks can be overlooked, including:
- Security and privacy in the Cloud – for most businesses, security is the principal issue when it comes to cloud computing. By using remote infrastructure, a company fundamentally gives away their private data and information to someone else – things that might be sensitive and confidential. It is up to the cloud service provider to protect and retain that data. This makes it extremely important to spend a little more and get a trusted and reliable cloud provider. On a similar note, privacy in the cloud becomes a potential issue. Companies need to entrust their cloud service providers with their data, and trust that they will keep it away from unauthorized users.
- Dependent on an Internet Connection – a big concern for businesses is that the whole cloud setup is dependent on Internet access. So, if your network fails or you have connectivity problems, it will put a quick stop to the operation of your business.
- Vulnerability – cloud-based solutions work through the public Internet, and thus are more vulnerable targets for hackers. As we have learned from the past, nothing placed on the Internet is 100% secure. Even large companies and government agencies have been the victims of attacks.
Why do you think certain companies are unaware of the dangers hiding in their own networks?
Personally, I think companies are unaware of dangers within their own network simply because they do not have the correct tools to identify all the known and unknown threats, or the skillset to utilize them. Cybersecurity experts are in short supply, so a lot of companies do not have the team in place to discover the threats, let alone mitigate/remove them.
I also think some companies are aware of the threats and dangers, but simply do not feel these are important or worth preventing, so do not invest in IT Security. These are the companies that get hacked and ransomed.
In my opinion, unless they are a massive global company with 100s of IT Security staff, a business should always outsource their IT Security to an expert who has the tools and skillset to properly protect a network. I’m a firm believer in knowing when to ask for help, but sadly, we see a lot of companies suffer due to the fact they feel they know their network and everything on it.
In your opinion, what are the key security principles a company should stand by when it comes to the remote workforce?
I am a big believer in remote working; however, I am also an even bigger believer in the threats it poses! A strong remote security policy is critical to daily operations and network resilience. Here are some suggestions companies can take to protect themselves from remote threats:
- MIGRATE YOUR BUSINESS APPLICATIONS TO THE CLOUD. Cloud applications like Office 365 and QuickBooks Online offer 24/7 access. They include updated security features that are compliant with industry regulations.
- REQUIRE EMPLOYEES TO CONNECT OVER VPNS. Virtual private networks, or VPNs, are similar to firewalls. They are one of the most popular security tools for remote workers because they protect laptop data online while retaining the same security, functionality, and appearance as if they were within the company network.
- INSTALL MULTI-FACTOR AUTHENTICATION. Many businesses resist instituting multi-factor authentication because, honestly, it’s a hassle. Waiting for an authentication code is a step many people would rather not take. However, this one practice is remarkably effective in preventing security breaches.
- IMPLEMENT BYOD/MDM POLICIES. Enforcing BYOD (bring your own device) and MDM (mobile device management) policies protects users from a range of attacks.
- USE PASSWORD MANAGERS. Require employees to use encrypted password software to ensure password safety.
- TRAIN EMPLOYEES ON BEST PRACTICES. Create clear security guidelines for your employees so they understand how to protect themselves and their data.
Talking about average Internet users, what personal security measures do you think everyone should incorporate into their daily lives?
This is a great question. No matter how technology moves on, the user will always play an integral role in IT Security. To be safe in your personal life, my recommendations are:
- If something doesn’t look right, don’t click on it. If you don’t know the sender, don’t click. Always think before you click!
- Use an email filter
- Use a high-quality antivirus tool
- Use MFA
- Think before logging onto unsecured Wi-Fi – do you really need to use it?
- Back up your data regularly!
These tips will not protect you from all cyber threats, but they will go a long way in helping you protect yourself and ensure you aren’t an easy target. Always do the simple things correctly!
Would you like to share what’s next for LoughTec?
Both the short and long term for LoughTec include significant growth! Having had the pleasure of onboarding some wonderful new customers, such as leading Oil and Gas organizations, a leading EMEA Insurance company and a global Pharma giant, we are also expanding our presence in Ireland more and more every day, which has allowed us to grow our team, which is very exciting!
This has also allowed us to further grow our skill set by continually searching for new solutions that can add value to our customers. So, watch this space for some exciting new releases in the future! If you would like to reach out regarding anything cybersecurity-related, please feel free to connect on LinkedIn, drop me an email, or give me a call (M:+44 (0) 7775 826 874).