Chris Brown, Fosters Solicitors – picture by Bethany Wymark

Inside the mind of a Hacker

Chris Brown, chief executive of Fosters Solicitors in Norwich, speaks at the Norfolk Cyber Security Cluster inaugural conference at Centrum on Norwich Research Park. Picture: Bethany Whymark

Chris Brown, chief executive of Fosters Solicitors in Norwich, said cyber crime had an almost unique ability to both implicate and victimise businesses who found themselves hit by it, with their bottom line at risk alongside their reputation.

Speaking at the inaugural meeting of the Norfolk Cyber Security Cluster, Mr Brown said: “If a supplier lets you down or a contractor does not deliver, you have some recourse.

“If you are subject to one of these attack, you will not get back the value that is lost. This kind of thing will take an SME down.”

He said there were “myriad reasons” why hackers went after personal data.

“We cannot know what they are after or how they are going to get it. If you cannot guess what the other player has in his hand, all you can do is work out how to play yours. That is what I would suggest your business looks at,” he said.

The Talk Talk hack in October 2015 cost the telecoms company £77m as well as its reputation, with 4% of its customers leaving within a week of the attack.

The 17-year-old hacker from Norfolk was sentenced last December but did not receive a jail term for the incident.

Head of crime and business advice at Fosters Mr Brown added that everyone within a business had a responsibility to improve their cyber awareness, not just those responsible for IT systems, joking that people in his own profession were “notoriously backward” in talk about cyber security.

How companies’ telephone systems could be compromising their cyber security

Your company’s telephone system could be providing a “back door” for hackers to access internal networks, according to a telecoms expert.

And the cost of phone hacking in the UK has now overtaken that of credit card fraud, estimated at £1.5bn, said Russell Marriott, the managing director of telecoms firm Eastern Voice and Data.

He said legacy telecoms systems could act as a “forgotten back door into your local area network”, with hackers able to get in through poorly-protected voicemail boxes or insecure data ports on networks to which the systems are connected.

“These hackers are employing technology on an industrial scale, dealing with robots, bombarding sites and looking for weak ways in,” said Mr Marriott, whose firm has clients across East Anglia, from Norwich Theatre Royal to King Edward VI Grammar School in Chelmsford.

“It is common for people to have no maintenance support [for telecoms systems], but they need specialist advice.”

Mr Marriott said cloud-based phone systems, which can encrypt and store call recordings, are the future even in areas of the region with current poor connectivity. ?“If you are an SME you are going to be getting the same support as the big players,” he said.

He added that the planned phase-out of all old ISDN telephone systems by 2025, in favour of new SIP systems which work through IP addresses, was an opportunity to “get rid of the weak spots in our offices”.

Meanwhile Geoff Connell, head of information management and technology at Norfolk County Council and president of public sector IT society Socitm, said “doing the basics properly” and sharing best practice were key to protecting companies from security breaches.