Nettitude Blog

By Sam Bohnel | Security Consultant at Nettitude 

May 2017, the ransomware attack named WannaCry targeted computers running outdated and unpatched Microsoft Windows operating systems. The cyber-attack encrypted user’s files and unsuspecting victims were held at ransom to return their data. It was estimated the attack affected roughly 300,000+ plus computers worldwide.

One of the major victims of WannaCry was the National Health Service hospitals in England and Scotland, with up to 70,000 devices said to be infected by the ransomware cryptoworm. Critical medical devices including MRI scanners, blood storage refrigerators and theatre equipment were affected, resulting in severe disruption to the NHS and an estimated £92 million-pound expense.

WannnCry is just one case study of numerous health organisations becoming victims of cyberattacks. But, just why is the health sector such an enticing target for hackers?

By Jenny Wu | Senior Incident Response Consultant at Nettitude

The move to the Cloud and remote working models has changed the way networks are connected. Today, we are shifting focus from security to protecting assets rather than the traditional perimeter. Traditional anti-virus is no longer able to keep up with newer attacks and vulnerabilities, allowing compromises to occur more frequently; especially for the healthcare industry which is frequently targeted. They therefore need additional protection in the form of Endpoint Detection and Response (EDR) Tooling.

By Nettitude

Cybersecurity. While the rest of the world has almost shut down this past year, cybersecurity is one of those industries where the cogs keep on turning. In fact, the vulnerabilities of most other industries have created a sharp rise in cyber-attacks during this time. From ransomware attacks on the healthcare sector, to increased risk for financial services as organisations shift their focus to survival mode.

Our Head of Threat Intelligence and Advisory Consulting, Anthony Long, recently presented at the EVOLVE 2021 Webinar on "Cyber Security In A World Under Pressure." In the webinar, we took a look at the impacts of the pandemic and how this has triggered an increase in cybercrime. 

By Nettitude

Today, we’re excited to announce the launch of our Nettitude Bug Bounty programme .

Over the past few months, we’ve been running a Bug Bounty trial with a number of our clients, which we’re pleased to say has been successful. Now, we’re ready to open our Bug Bounty service up to the world.

By Nettitude

Today, just 19% of the technology sector is represented by females. While it’s true that the industry still has a long way to go in achieving true gender equality, we are slowly and surely beginning to see change.

Nettitude can attest to this. As an organisation within the technology sector, Nettitude are proud to be one of few organisations within our industry to be led by a female CEO. Under the direction of Karen Bolton, and as part of the Lloyd’s Register Group, our values and vision for the future are bright when it comes to women making an impact, in which each Nettitude colleague is viewed as an important and impactful individual, despite their gender.

By Nettitude

A cyber breach can be a terrible thing for any company to go through, with significant impacts such as halting production, reputational damage, regulatory fines and operational viability. The cost of a breach is often in the millions as highlighted in IBM’s recent report detailing average breach costs across industry verticals. Data breach prevention measures exist, but are often not sufficiently invested in to prevent the worst-case scenarios from developing.

In this blog post, we’ll take a look at the true cost of a data breach and identify how objective based testing can help organisations to reduce their risk.

By Matt Tryphona | Security Analyst at Nettitude

The Healthcare industry remains highly targeted by hackers due to the great deal of personal data that is used and handled on a day-to-day basis. One of the biggest cyber Risks within healthcare is IoT devices, as they can be used as a gateway for capturing sensitive data if not secured correctly.

When we think of an IoT device, you may think about smart-home devices, such as a smart plug, or smart bulb controlled from an app on your phone. We may even think of a ‘smart’ assistant controlled by our voice, which can do much more than just tell you the weather. The ‘smart’ assistants can act as an IoT hub that control our devices to provide a seamless futuristic experience.

It’s one thing for the security of devices in the home to be breached, but within a healthcare environment, this can have a detrimental knock on effect across the board in light of an increasing variety and severity of healthcare cyber threats. Below we’ll take a look at what IoT is, how it’s used within the healthcare industry, and how a security breach could impact the industry.

By Greg March | SOC Platform and Security Analyst at Nettitude

Technology is at the forefront of innovation with new hardware, software and AI breakthrough announcements on a daily basis. From the creation of the first computer (ENIAC developed in 1946) to the rise of IOT smart fridges, data remains the key to the interconnected world around us.

Over recent years, the rise in cyber-criminal activity has highlighted the pressures and importance of developing secure technology - whether that is for data in transit or at rest. Transport encryption such as SSL(secure Socket Layer)/TLS(Transport Layer Security) and HTTPS (Hyper Text Transfer Protocol Security) technologies are exactly that, they provide a secure method of transporting encrypted data from one machine to another, preventing unauthorized actors from stealing private information.

Although encryption was first developed with security and privacy in mind, hackers and cyber criminals of even low sophistication levels have incorporated the advantages of encryption in their attack techniques.

By Mike Buckley | Pre - Sales Consultant at Nettitude

Transforming on-premise environments to the Cloud is not new, many organisations have already been through this process, and those that haven’t or are part way through should understand their strategy for doing so. While each organisation has their own business goals, those goals will loosely align with basic architectural requirements structured within the Cloud environment, whether that be IaaS, PaaS or SaaS or a combination of all. Gartner’s “Top Security and Risk Management Trends” highlighted “Cloud Native” as one of the three architectural building blocks of Cloud security transformation, alongside “SASE” and “Zero Trust”.

By Stuart Wright | Global Head of Compliance and Risk at Nettitude

Employee awareness of common security threats is a crucial line of defence when protecting your organisation from attacks. Within the retail sector, this is especially important as any security compromise could expose the payment details of thousands of customers.

For this reason, it is essential that retailers have a solid PCI DSS employee training programme in place that ensures employees know what best practice to follow to help prevent data leaks or cyber-attacks. But what should your training program look like? In this blog, we’ll try to shed some light on this and give some practical tips on how to approach this requirement.