It's a sad fact of modern business that cyber security continues to pose major risks to prospects. Cyber criminals are more active than ever, with around 90% of UK businesses being the victim of attempted attacks; many of which prove successful. Attacks can be absolutely devastating, with hackers sometimes causing millions of pounds in damages.
The methods vary, but it’s almost always the same target: your communications infrastructure. The most valuable commodity in the digital hacking world these days is personal data and business information. If criminals and cyber attackers can access this through your communication channels, they can reap the rewards.
So, what are the latest developments in cyber attacks when it comes to communication? What are the new cyber security threats for businesses in 2020, and how can you put a stop to them? The guidance from our technical experts here at eFax aims to help support organisations facing cyber vulnerability.
Email remains one of the most popular forms of digital communication in the world. Figures suggest around 125 billion business emails are sent every single day — and that number is only rising. Far from being a comfort that communication is more free-flowing than ever, cybersecurity experts will find this notion alarming.
By definition, email is a very insecure system. The technology centres around a series of methodologies that make it very difficult to secure. From challenges protecting methods in transit to verification of senders, there are so many issues with email that it warrants its very own blog. If you think about it, everything you do online registers to your email in some way. How many opportunities are there for hackers to learn your details, crack your password and access your account?
This is something we will talk about in more detail soon. For now, though, take our words as experts in technology that emails are highly vulnerable. And if you won’t take our word, listen to the data.
In 2019, Microsoft reported on over a billion hacked email accounts known throughout the industry, belonging to private individuals and business organisations. This means that roughly one-third of all internet users have a compromised email account. What happens if your email account becomes vulnerable? All your sensitive data shared to and from the account becomes available to hackers. Financial data is discovered and personal information accessed. Company secrets become public knowledge.
This happened to Sony Pictures in what became one of the most infamous email hacks in history. Masses of information was stolen and shared publicly after hackers infiltrated Sony’s email systems. Dirty laundry was aired, and Sony took a massive hit in terms of reputation and financially. None of this would have happened if they had transmitted their data more securely than email.
The executives at Sony appeared to learn from this lesson. Instead of email, they turned to fax.
The idea was simple. Pivot away from digital technology, return to analogue routes that are considered “unhackable” and keep data secure. But the problem was not actually with digital technology at all. It was just with email. Emails are vulnerable to hacking, but that is not true of all technology.
The move to fax opened up several security threats that could again prove challenging for Sony. Fax hardware communications are not encrypted, which makes the transmission of data very insecure. The physical nature of documents also stops them being protected for unauthorised viewing and makes for easy dissemination.
Fax machines were not the answer to this problem. But what is? If you can’t email and you can’t fax, how do you send communication effectively without risking hacking vulnerabilities?
The answer is dedicated cloud-based technology.
Cloud-technology is an upgrade on email servers. Cloud systems provide much more secure data transmission through high-level encryption. The information is also transmitted internally between different contacts within the same cloud system, rather than through different servers, means it’s much harder for messages to be compromised.
For example, eFax cloud-faxing is a cloud-based system. If you and your recipient use eFax, the document you send stays within our servers. There is no weak link in the chain, as there is with email. Emails bounce around from server to server until they reach you, while eFax is direct. Imagine taking a flight straight from one airport to another, compared to travelling over a series of several connecting flights. On each connection, you have the chance for problems — lost luggage, missed departures, stolen goods at the airport. This analogy works to convey the differences between email vs the cloud. The connecting flights are email, while the direct flight is eFax.
The documents sent using cloud-technology also remain digital, removing the vulnerabilities of physical transmission through fax machine hardware. If you want to avoid the risks of email, it’s important to move communications to cloud-based technology like eFax.
But there are other benefits to eFax, too. It’s not just about protecting your business from the risks of emails.
It turns out you can teach an old dog new tricks. In this case, hackers can teach your old fax machine to give them access to your new IT systems.
Recently, a hacking method was discovered dubbed as the “faxpliot”. It works very simply in practice but can cause nightmares for your business. A fax machine receives information and converts that information into a printable image. It doesn't ask questions about what it receives — it just does what it is told if the message is compatible. Hackers have realised they can send a fax machine code the hardware believes is an image, but actually gives the hackers access to the fax machine itself.
We know what you are thinking: what's the worst they can do? Print rude images on your fax machine?
Well, they can actually do a lot of damage. First off, they can take control of your machine, stopping other inbound and outbound fax and slowing your operation down. However, this is not the primary reason hackers attack your fax machine. The fax machine has no firewall or antivirus — basically, in terms of modern data security, it is useless. It cannot stop malicious programs from activating within the system. Once they've gained access to your fax machine, hackers can follow network connections from your machine into your other IT systems, such as your business computers and servers. Because the malicious code is already in the system, the network isn't going to notice (unless your system is very advanced — we're talking MI5 levels of technology, here).
The fax machine effectively becomes an unlocked backdoor through which hackers can enter. Using this form of cyber attack, hackers can compromise cyber security and get into your systems to steal data, cause damage, plant spyware, ransomware and do much, much more.
But how do you combat this new cyber security threat if you need to fax?
The problem with faxploit, as opposed to other cybersecurity threats, is it exploits old hardware. This makes it very difficult to protect against, as fax machines were not designed to be part of the digital age. They are simply not as adaptive and responsive to 21st-century threats from cyber attacks. When faxpliot was discovered, researchers managed to design a patch to stop the code they identified as a cyber threat from running. This patch, however, only provides a solution to a specific computer script and hackers simply develop new ones. The way fax machines operate means there is no real way to solve the problem.
Instead, you need to look at ways to send a fax without a fax machine. eFax online fax solutions enable complete fax functionality using computers and phones — devices that can be protected by modern security protocols. There is no need for fax hardware at all. You can keep faxing and ditch fax machines today. With the threat of cyber attacks looming, moving to eFax can give you the confidence to carry on sending essential fax without worrying about the implications of owning an outdated fax machine.
Our cloud-based technology removes yet another major risk for your business security. And we’re still not done.
Phishing attacks are certainly nothing new. The concept is basic in principle and has been around for many years. Hackers pretend to be legitimate organisations to obtain details like passwords or credit card information for identity theft. Most people are clued up to this and can spot a phishing attack a mile away, but now hackers are adapting to awareness and seeing an unsettlingly high success rate according to statistics.
So what's new?
It is the complexity of attacks that is causing problems, as no one is really prepared for the level of commitment people are now putting into their phishing attempts. Email is often the target, and what hackers will do as part of this cyber attack are things like setting up fake accounts under the same name as a co-worker or boss. They'll also replicate websites to look identical to tools they know your businesses use. It's effectively a con-job where they convince you the interaction is genuine. It isn't a thinly veiled disguise anymore — we're talking Sherlock-Holmes level subterfuge.
Cloud-technology removes the ambiguity of messages. The direct contact that comes from a message sent through cloud systems like eFax means the communication is always going to be genuine. Take, for example, another cloud-based tool, Slack. Slack is a messaging tool that you access via a specific login system. Once in, you can send direct messages to other people like an SMS service. However, it’s always clear who you are being messaged by. It’s not a random mobile number claiming to be somebody they might not be or an email message that appears to be from your boss but isn’t. People cannot fake the account sending the message. The only way to access message boards is to be part of your organisation, be assigned a defining username, and given access to conversation channels.
A restricted messaging system completely removes the chance of phishing attacks taking place. You’re never in a position where you don’t know if the sender is actually your colleague. eFax — and many other systems — do the same thing via the cloud. You are all connected by a validated internal system. Identification becomes impossibly easy, which means getting tricked becomes impossibly difficult.
What you’ll notice about these three major problems is they’re all targeting out-of-date systems built before the digital age exploded. They were not fundamentally designed to face the challenges of modern data security. At the time of their inception, the cybersecurity threats just didn’t exist.
But that isn’t the case for cloud technology.
Cloud tech is not the newest solution, but its rise to prominence only happened around 2005, making it far newer than systems like email and fax. The architecture cloud systems are built on was developed during a period when we had a much better understanding of cyber security threats, which means at the core of cloud technology is a structure designed to protect against problems.
To use another analogy, imagine systems like email and fax are medieval civilisations that have never been attacked. They built interlinking villages that offered flexible trading and free-flowing culture. It was easy to go from one village to the other. Then the Vikings attack and the villages had no way to defend themselves because they weren’t prepared. Cloud technology is built on the history of defeats. It’s the villages that built walls and fortifications to keep out invaders — the ones that stopped letting just anyone in.
Build a fortress around your business and stop cybersecurity invaders stealing and destroying what’s yours. Introduce cloud technology and protect yourself from threats to your communication channels.
Cybersecurity threats will remain a risk for businesses into 2020 and far beyond. Now is the time to act to protect your company and develop cloud-based systems to fend off the most dangerous threats. eFax online fax is cloud-hosted software that features high levels of encryption and data protection solutions.