News and Articles - Specialist Risk Insurance Solutions

Using iOS 14 to identify cyber breaches

Written by Georgia Green | November 20, 2020

"A cyber breach? It won’t happen to me!"

With a growing trend of businesses adopting agile working as a permanent feature of their operations for a post-Covid world, 2020 has been a year of learning for many organisations.  The lessons learned this year will live long in the memory, not only in how businesses have been forced to respond to the practical challenges of working in a lockdown such as accessing systems and getting staff online at home, but also how we all interact and engage with our customers.

Unquestionably we have all come to value high-speed internet access whether that be video meetings, homeschooling or accessing VPNs and operational systems. As the working environment has migrated to the home and with a significant growth in online sales, some commentators are suggesting that we have seen 10 years of digital adoption in 2020. The ONS has reported that in May 2020, online sales accounted for 33% of all sales in the UK and with lockdown restrictions easing in September that had only fallen to 26%. With lockdown 2.0 likely to cover the peak of Black Friday and Christmas sales it is expected that the percentage of online commerce will exceed the peak seen in May.

This growth in digital adoption has meant that users are now engaging with more businesses electronically.  In February 2020 Newswire.com reported that - An average person has 70-80 passwords, according to the research by the password manager NordPass. To put this into perspective, 80 words can make up a four-verse poem.  And astonishingly there remains a high number of people who are using a single or limited number of passwords for all their online accounts. A 2019 online security survey by Google identified that 65% of people use the same password for multiple or all accounts.

Why is this relevant? Well, the latest cyber claims intelligence points to a growth in ransomware attacks and hackers/threat actors spending longer in systems looking to identify more critical and sensitive information to encrypt or steal. As a result, ransoms are increasing dramatically, in some instances the demands received by UK businesses have been for millions of pounds, not the previously anticipated thousands!

iOS 14: Identify if your accounts have been compromised as a result of a data breach

So how do you know whether your passwords are safe or not? With the most recent release of iOS 14, Apple has introduced a new feature that warns users when their stored passwords have been compromised in data breaches.  iOS includes the Keychain password manager that allows users to save credentials and automatically fill them into login forms on sites and apps. The password manager can be found under Settings > Passwords, and when accessed, allows you to see all your saved passwords or add additional ones. With the release of iOS 14, Apple will now check your stored credentials against a list of known data breaches. When performing this check, iOS "uses strong cryptographic techniques to regularly check derivations of your passwords against a list of breached passwords in a secure and private way that doesn’t reveal your password information — even to Apple."

If an account has been detected as breached or uses an easy to guess password, a 'Security Recommendations' option will appear.  If your accounts are just using easy passwords, the number in this box will tell you how many accounts have issues.  If there is a red exclamation sign, then that means you have an account that has been compromised in some manner and needs immediate attention. It will also flag this when entering passwords on websites and on portals. Clicking on a password will either tell you if its easily guessed, compromised in some manner, or been found as part of a data breach. Keychain will then prompt you to change your password, which will open the site to either the password reset page or its homepage.

We recommend that any iPhone users examine this feature as the results could be surprising and it may help avoid a more serious issue later!

So what does it matter if someone has your password? Well www.haveibeenpwned.com have (at the time of writing) recorded over 570 million breached passwords. These are available to acquire on the dark web for an astonishingly small cost and threat actors can automate untargeted attacks to try and penetrate your access to sites/accounts and once one account has been compromised it is extremely likely that others may also fall and it may only be a matter of time before a breach impacts your business and ultimately your reputation.

Credential Stuffing

Credential stuffing is the automated injection of breached username/password pairs in order to fraudulently gain access to user accounts. This is a subset of the brute force attack category: large numbers of spilt credentials are automatically entered into websites until they are potentially matched to an existing account, which the attacker can then hijack for their own purposes.

This is a serious threat for several reasons:

  1. It is enormously effective due to the password reuse problem
  2. It is hard for organisations to defend against because a successful "attack" is someone logging on with legitimate credentials
  3. It is very easily automatable; you simply need software which will reproduce the logon process against a target website
  4. There are readily available tools and credential lists that enable anyone to try their hand at credential stuffing

What happens if my business is the victim of a breach?

The cost of a breach goes beyond the amount of data lost or disclosed depending on the time it takes to find it. According to IBM, on average, companies take about 197 days to identify and 69 days to contain a breach. This means that any system compromise has the potential to cause not only significant interruption but significant costs to remedy and the potential for lasting reputational harm is significant. A Cyber insurance policy not only covers your business in respect of costs and awards, but it provides funded access to a suite of experts who will work to manage any issues and prevent lasting reputational harm.

For more information on our Cyber insurance offering, please click here. We can arrange bespoke insurance cover for a diverse range of commercial businesses, with particular expertise in those operating in high-risk industries. Please click here for more information on our solutions for your industry.

Get in touch with our cyber experts to receive a Cyber quote that is tailored to your business’s unique requirements:

020 7977 4800

cyber@specialistrisk.com

Alternatively, you can request a call back using the button below.