IT security from cyberhacking

March 25th, 2021
IT security from cyberhacking

Whatever the hack, Castlerock’s got your back

Cybersecurity is a topic that has been receiving an increasing amount of press and social media coverage over the past few years. There’s good reason for this. According to 2020 data, cybercrime now costs the world economy more than 1 trillion dollars annually (a 50% rise since 2018), while every hour South Africa is subjected to 577 attacks.

To protect their business, the office layperson has had to grapple with relatively new terms such as malware, ransomware, phishing, DoS attacks, hacktivists and rogue security software, to name a few. While they may sound like something out of a fantasy comic, the threat posed by these types of cyber attacks is very real. For example, some years ago, there was an exposé about how a rogue SARS unit had allegedly used spyware to observe the computer activities of top SARS officials’ business adversaries.

The media interest has, of course, intensified following the announcement that Microsoft’s Exchange email service (trusted by millions and used by businesses and organisations worldwide) was recently breached by a China-based hacker network, and has been vulnerable for perhaps up to a decade.

What motivates cyber criminals you may ask? Much like other criminals, money is often the biggest motivator, while access to desired information can also be a key driver, along with political or personal motives. Hackers are known to target email software specifically because it’s here they’ll find the “Holy Grail” – potentially valuable data relating to all aspects of a business, from its sensitive financial and security details to employees’ personal information. In the case of the Exchange breach, according to Microsoft’s corporate vice president for customer security and trust Tom Burt, the hackers used a multi-pronged approach dubbed ProxyLogon that appears to have involved stealing passwords and using these to gain access to the vulnerable server, then building a malicious “web shell” to control the server remotely. This remote access then allowed the hackers to plunder data from targeted organisations’ networks around the world.

This is why the recent Exchange hack has left millions of organisations and companies (as well as their IT teams) in a state of panic globally. It should come as a relief, then, that Castlerock clients have been left unaffected by the breach, because of measures already implemented by the company to avoid these types of threats.

How was this achieved?

  • Firstly, Castlerock doesn’t run on-premises Exchange servers. As the recent security breach has proven, on-premises servers can be more vulnerable than their cloud-based counterparts to unauthorised access.
  • Secondly, by using a targeted approach (as well as being constantly proactive to secure against future threats), Castlerock is continuously monitoring and patching clients’ systems, ensuring that they’re as secure as possible.
  • Thirdly, Castlerock’s bespoke security solutions are designed to go above and beyond regular measures implemented by IT services elsewhere. By extending beyond the perimeter and providing end-to-end protection (from antivirus, firewall and endpoint protection to encryption and two-factor authentication) the Castlerock managed IT security approach safeguards clients’ systems against a variety of threats, from everyday stability issues to malicious attacks.

By closely collaborating with clients on a personalised basis while having the luxury of partnering with global vendors such as Dell, Cisco and Microsoft, Castlerock can continue to ensure a safer, more secure user experience that is tailored to clients’ individual needs and will safeguard all your sensitive data, only allowing access to those for whom it is intended.

When the chips are down, who is your rock to lean on?
Make sure it’s Castlerock.