This week, reports ComputerWorld, an IT Consultant named Steven Oakes was jailed for 3 years for spying on the communications of a share recommendation firm called Port Phillip Publishing (PPP).
In a period from 2012 to 2016, the Victorian man used a device known as a Wi-Fi packet sniffer to copy and then decrypt messages sent between devices on the PPP network.
He then used that information to make share purchases ahead of formal announcements by the firm. Once the information was published, the recommended company’s share price typically increased, which netted Mr Oakes a profit when he then sold the shares.
It’s a real-life example of how your organisation can be the target of a breach even when you don’t think you’re big enough and/or don’t feel it when it happens.
What can you do to protect yourself?
The best way to be sure you’re ready to resist an attack is to conduct an Information Security Audit – a thorough, arms-length review of your information security policies and processes and a practical test of the security apparatus within your network.
An information security audit will be customised to your organisation. The criteria against which your organisation will be assessed will be established before the audit begins in earnest. We recommend assessing both the processes and the real-life preparedness of your network to resist an attack with a penetration test.
The results of a thorough security audit are often surprising. But even though they can expose some weaknesses, you’ll find you are much better prepared for a real-life attack afterwards.
Give us a call to discuss how we can help.