An IT Support Blog from London

DDoS attacks are typically designed to inundate servers and entire networks by consuming computing resources through large volumes of traffic, connections, or requests. And so, because cloud infrastructures are assumed to be backed by a large assemblage of such resources, many people believe their servers are less susceptible to these types of attacks if they’re hosted in the cloud. But that’s not entirely true.

If your servers are hosted in a multitenant environment along with a bunch of other servers belonging to other organisations (which is usually the case in a public cloud), your servers could be at risk of collateral damage. If those other servers (note: not yours) are bombarded by a DDoS attack and your cloud service provider (CSP) attempts to absorb the attack, your own servers, which share the same underlying infrastructure with those other servers, could also suffer.

Love it or hate it, IT departments cannot prevent users from engaging with Wi-Fi networks; the convenience factor is simply too high. The IT security risks are real, however, whether your users are roaming – or using Wi-Fi where you have some control over internet security, such as the office space. It is also an evolving threat, with the gold standard of Wi-Fi security, WPA2, losing its shine. In this article, we discuss the next generation of Wi-Fi security, WPA3, and the measures you should currently be taking to boost your company’s Wi-Fi security.

With the losses associated to cybercrime expected to hit around $6 trillion by 2021, security has become a top priority of many businesses. These companies diligently implement compliance initiatives in hopes that they can ensure security within their organisations. But here’s the thing: achieving compliance doesn’t necessarily mean that your business is fundamentally secure.

Last year, Verizon published a report that revealed a major eye-opener regarding compliance. According to that report, 45% of PCI DSS certified customers needed remediation. Meaning that these businesses still needed to improve their security controls in order to be considered secure as per PCI DSS.

It’s important to note that these businesses actually already passed a previous compliance audit. In fact, they were certified to be fully PCI DSS compliant. In other words, they had already spent a considerable amount of time, attention, and money establishing IT security controls that met PCI DSS requirements.

The cyber threat landscape continues to evolve and in order to maximise your cyber security budgets and position resources where they are most needed, you need to know what threats are most likely to make an impact in the near future. To help you, we’ve put together a list of what we believe are going to be the top 4 cyber threats in the UK. 

Let’s say you’ve already invested a fortune on network security. How do you determine that investment’s effectiveness in preventing a data leak or withstanding a deliberate cyber attack? Your best option would be to conduct a penetration test or pen test.

Technology expenditure is usually taken on in a reluctant manner: few businesses rush forward with adopting the latest technologies, instead deferring IT expenditure for as long as they can. Whether it is updating on-premise servers, migrating to the cloud or overhauling a creaking website – management teams tend to delay spending the funds for as long as possible. But is this wise? Are there hidden costs to squeezing the last bit of usage out of outdated technology?

Of all the types of malware wreaking havoc these days, one clearly stands out - Ransomware. This troublesome malware appears to be gaining a lot of fans in the cybercrime community and has, in turn, caused considerable stretches of downtime on a large number of organisations.

It is without question a risky affair: allowing employees to use their personal devices to access your network and valuable, often confidential company data. Yet despite the risks BYOD (bring your own device) marches on and companies and organisations around the world are adopting tactics and technologies to make it work.

There used to be a time when it was relatively easier to prevent malware from infecting our systems. We’d install an antivirus, keep its database updated, and equip end users with a laundry list of things to avoid - like suspicious email attachments and unfamiliar websites. Today, drive by downloads are making malware avoidance a more challenging task.

A drive-by download is a malware infection procedure that doesn’t require the user to download anything or even click a link. For his/her system to get infected, the user only has to visit a site that’s been compromised. The infection process then takes place behind the scenes, without the user ever noticing anything unusual.

In the wake of Brexit, it seems like there has never been a more important time to attract businesses to the UK. There are still plenty of reasons for multinationals to set up shop here. While it has experienced setbacks in recent times, London has retained its status as one of the world's financial hubs. We also have the fifth largest economy in the world according to GDP (Nominal), and despite the current uncertainty, there are still solid strategic reasons for companies basing themselves in the UK.