Part of TechUK Cyber Security Week
David Holman, Director of Armour Comms explains why an independent secure comms channel is particularly crucial when recovering from a cyber attack
Cyber threats are wide ranging
Every enterprise, great or small; every public sector organisation, national or local has sensitive information crucial to operations. It is imperative that this is protected. From customer lists, to employee data, corporate intellectual property and commercial secrets, a cyber breach could prove catastrophic.
The UK Government’s Cyber Security Breaches Survey 2022 updated in July provides a snapshot of the cyber threats faced by UK organisations each year. 39% of organisations identified a cyber attack, and of these 83% were phishing attempts. One fifth were sophisticated attacks including denial of service (DDOS), malware, ransomware etc. A third of businesses are attacked every week. One ray of sunshine is that 80% of boards recognise that cyber security is an important issue.
Are your communications about attacks secure?
Secure mobile communications play an increasingly important role in protecting sensitive data every day. Less well understood is their role in effectively responding to, and recovering from, cyber attacks. It is imperative that a secure comms channel can be used for the organisation to communicate without the hackers potentially eavesdropping. Don’t rely on the very channels that have just been hacked, because your adversaries will be monitoring them.
Are the hackers listening in?
It is very common when hackers have compromised a system for them to watch for the responses from the IT resources tasked with countering their attack. Typically this includes monitoring and subverting any communications channels the IT team are using, including voice calls, email or messaging apps. It is not unusual for hackers to send spoof messages to try to assess just how well the IT team understands the nature of the attack, to capture updated passwords or other changes to security, and prevent key security messages from being delivered.
During the initial investigation phase of a cyber attack it is difficult to know what systems have been compromised, so it is best not to rely on any of them, if possible.
Safeguard your comms with an independent secure channel
By protecting the communications of the IT and digital forensics team, you are blocking a very useful source of information from being intercepted or modified by the hackers. In addition, by using a secure communications platform, such as Armour Mobile or SigNet by Armour, and having the secure comms hosted by a third party, you are further isolating the IT team’s comms from the potentially compromised systems that they are trying to recover.
Even on BYOD devices
In addition, enterprise-grade secure communications apps like those provided by Armour Comms can also be used on BYOD devices. All information is sandboxed within the Armour app, meaning it can’t be shared, deliberately or otherwise, with anyone other than trusted colleagues in the same secure group, keeping sensitive information protected. After the incident has been dealt with, information can be securely wiped.
For third party ‘blue teams’ brought in to handle such hacking situations it makes perfect sense for them to bring their own secure comms solution with them – and this is a question that you should be asking any would-be supplier when tendering for such services.
Armour is now working with a number of organisations that can provide specialist technical consultancy and cyber advisory services, from penetration testing and assurance, to incident management and response, and technical security research.
Of course, Armour’s apps can also protect all your organisation’s sensitive communications, from the board room to protecting your teams when travelling overseas.
