The rise of cyber attacks

Four tech experts explain why event profs need to protect themselves against cyber attacks, sooner rather than later.

Twitter Facebook Google+ LinkedIn
Cyber-attack-stock-new-resized.jpg

When it comes to cyber security, there are no absolutes.

 

“Security is a line,” Simon Clayton, chief ideas officer at RefTech, tells EN. “At one end you’ve got a machine that’s really easy to access, on the internet permanently and has no password: accessible but not secure.

 

“At the other end of the scale you’ve got a computer that’s not connected to anything, has no power and a flat battery and is buried in concrete: secure but not accessible.

 

“Security is finding your happy point along that line.”

 

Over the past several years, a number of high profile hacks have been making headlines in the UK and internationally. In October 2015, a massive cyber attack against internet provider TalkTalk saw 157,000 customers’ details stolen, costing the company an estimated £60m.

 

Another data breach saw the personal information of around 32m users of infidelity dating site Ashley Madison stolen and published online.

 

With these large-scale attacks causing such chaos, event organisers may well be wondering what more can be done to protect the information of their visitors and exhibitors.

 

Human error

 

The good news (or perhaps the bad news) is that a huge number of data breaches are the result of human error.

 

In early 2016, Google teamed up with the Universities of Michigan and Illinois to conduct a cyber security experiment, which posed a simple question: would users plug in a USB drive they found in the street?

 

The answer, at least 48 per cent of the time, was yes.

 

“Most data breaches come from mundane, stupid stuff,” says Clayton. “In 2003 there was a study that asked commuters at London Waterloo to reveal their network password in exchange for a free pen. Not even an expensive pen. Ninety per cent revealed their password.”

 

While this does mean that no matter how much a business spends it cannot completely guarantee security, it also means that there are some simple and inexpensive steps organisers can take to make their data safer.

 

“Passwords is one of the most common weaknesses that people don’t take seriously enough,” says David Chalmers, senior marketing director, Europe, at Cvent. “Strong password formats should be enforced, with regular expiry and updates.

 

“They should never be shared or stored publicly, and if you do use shared accounts always remember to deactivate accounts for users who leave your company or change roles.”

 

Sharing information between large groups, emailing (rather than sharing) important spreadsheets and transporting information on unencrypted machines are also behaviours that are best avoided when it comes to cyber security.

 

“Emailing a spreadsheet of personal data is possibly the worst thing that you could do, and it happens all day every day,” says Clayton.

 

Gone phishing

 

The types of attack a website or business can experience are incredibly varied, ranging from amateurish spam to sophisticated and specifically targeted acts of sabotage or theft.

 

One common type of attack, which almost everyone with an email address will have experienced, is ‘phishing’. Phishing frequently takes the form of a malicious email masquerading, or attempting to masquerade, as a trusted source.

 

This could be anything from a foreign prince looking to share his vast fortune to a seemingly mundane email from a local bank.

 

One particularly stomach-churning example has taken advantage of the Syrian refugee crisis to try and trick well-meaning internet users out of their hard-earned cash.

 

“Phishing can also come in the form of a fake web page asking you to provide your login and password,” adds Chalmers. “Any reliable software company will never ask you to do this in any of these ways. Your event webpage can be copied and used for phishing, so watch out for that.”

 

Event organisers should also pay attention to what happens to the data collected from visitors and exhibitors, adds digital law specialist Heather Burns.

 

“No one is a happy bunny when they register for an event and start getting spammed off the exhibitors,” she says.

 

Organisers should be clear on their event registration page about what will happen to the data that is being collected.

 

“Is the data being passed to third parties?” asks Burns. “Is it being transferred overseas?”

 

Hold it ransom

 

Another common type of attack is ransomware, which commonly attacks private businesses but has also made headlines internationally for targeting police forces and universities.

 

“Ransomware is the fasted growing malware in the world at the moment,” explains Clayton.

 

“You accidentally open an email attachment that you shouldn’t, it encrypts your entire hard drive, and then says if you want it back then you need to pay this ransom. They’re making millions of dollars.”

 

Certain events can be subject to attack because of particular people speaking at or even just attending them.

 

“Tech events have been targeted and hacked, the G20 was targeted and their attendees were revealed, a high profile security conference was hacked,” says Clayton. “There are different pockets of problems.”

 

The worlds of tech and gaming in particular have been enthralled in an on-going controversy, known as Gamergate, since August 2014. Gamergate saw several high profile female figures in the gaming industry being intimidated and targeted, some of which continues to this day.

 

“There’s a woman who is central to that, and it’s got to the point where bomb threats have been called into schools where she has been speaking,” explains Burns. “But that is an extreme case, it’s not something that the average event organiser will have to deal with.”

 

“The event you are undertaking should relate to the security planning you undertake in the cyber arena just as in the physical world,” adds Kieron Garlic, MD of Present Communications.

 

“The potential rewards for a hacker vary according to the nature of an event, from corporate jeopardy, the accessing of confidential information or even state sponsored attacks.”

 

Ch-ch-ch-changes

 

On 25 May 2018, a new data protection regulation will take effect, one with significant and far-reaching implications for event organisers in the UK.

 

“Many organisers are completely oblivious to the fact that they have not only a moral but a legal responsibility. It’s really scary,” continues Burns. “The new regulations have teeth. There are penalty fines and all sorts.

 

“We never like to scaremonger people, but it’s actually really good in the lead up to 2018 for people to be a little bit scared. It’s going to make everyone sit up and get to grips with it. We are telling people to start now. Data protection is about on-going business processes, this isn’t a tick box exercise you can slot together the week before it takes effect.”

 

The rise of the Internet of Things (IoT), adds Garlic, could also prompt a sea change in cyber security.

 

“As every light bulb, speaker and microphone becomes a network connected device, there is much more to do to protect from a cyber-attack that could terminate your event and ruin a reputation,” he says.

 

Whatever the future holds for cyber security, event profs need to be prepared for the huge impact that it will have on businesses in the EU, Even Brexit won’t prevent UK businesses from being subject to the new regulations set to take effect in 2018.

 

“In order to continue doing business with Europe, the UK will have to prove that it has a data protective regime that is equal to the EU’s regime,” explains Burns.

 

“If it’s not adequate then we can’t do business with them. Brexit is irrelevant.”

Twitter Facebook Google+ LinkedIn

Related Stories

Only one day left to get your EN Awards entries in

Only one day left event profs! One day to make it count and enter your very best people, shows and companies into the 2017 EN Awards.

30% of Confex exhibitors are NEW

The Confex Showfloor, always a hive of activity, colour and buzz, welcomes a host of new exhibitors bringing even more pizzazz with new and unusual venues and destinations from all over the globe.

Procurement Manager

Experienced Procurement Manager required for new Head of Procurement EMEA for International Event Services Company. If you have exceptional negotiating skills, great communication skills and experience in sourcing or procurement for Commercial Industry, this is the role for you.

Elsewhere on EN

Only one day left to get your EN Awards entries in

Only one day left to get your EN Awards entries in

Only one day left event profs! One day to make it count and enter your very best people, shows and companies into the 2017 EN Awards.
Movers & Shakers 18/01/16

Movers & Shakers 18/01/16

People moves at Inntel, Sodexo and BCD M&E and Zibrant Live!
Fast Forward 15 encourages future female talent to apply

Fast Forward 15 encourages future female talent to apply

Industry initiative Fast Forward 15 is looking for its third intake of mentees.

WATCH THE EN AWARDS 2016 HIGHLIGHTS


silverstream.tv

Most read Stories

Building emerald cities

Building emerald cities

From Malaria to Blenheim, through to UBM, Jane Risby-Rose – the 20-year story of her yellow brick road industry journey.
5 top marketing tips from AEO Forums 2016

5 top marketing tips from AEO Forums 2016

Looking to the future and learning from the past at AEO Forums 2016.
2 Minutes with Sarah Mayo

2 Minutes with Sarah Mayo

Sarah Mayo, marketing director EMEA, Freeman and FreemanXP talks about her new role, playing golf with Westlife and the skills needed in our industry.

Latest News

Only one day left to get your EN Awards entries in

Only one day left to get your EN Awards entries in

Only one day left event profs! One day to make it count and enter your very best people, shows and companies into the 2017 EN Awards.
Movers & Shakers 18/01/16

Movers & Shakers 18/01/16

People moves at Inntel, Sodexo and BCD M&E and Zibrant Live!
Fast Forward 15 encourages future female talent to apply

Fast Forward 15 encourages future female talent to apply

Industry initiative Fast Forward 15 is looking for its third intake of mentees.

Latest Galleries

London Boat Show 2017

London Boat Show 2017

Award-winning British actress Joanna Lumley OBE was on hand when the London Boat Show officially opened to crowds at ExCeL London.
NHM’s last dance with Dippy

NHM’s last dance with Dippy

The Natural History Museum hosted a New Year celebration for 600 revellers to make history and be part of the final event with the iconic Dippy the Diplodocus in the Hintze Hall.
Christmas lunch at ExCeL

Christmas lunch at ExCeL

Mash Media, ExCeL London and Brand Events came together with other industry bodies to host a festive lunch across East End London for Newham communities.

Latest Opinions

30% of Confex exhibitors are NEW

30% of Confex exhibitors are NEW

The Confex Showfloor, always a hive of activity, colour and buzz, welcomes a host of new exhibitors bringing even more pizzazz with new and unusual venues and destinations from all over the globe.
10 years in the making

10 years in the making

As the association has gone from strength to strength over the last 10 years, Andrew Harrison, ESSA director talks achievements, expertise and knowledge.
The Dealmaker in January

The Dealmaker in January

Steve Monnington of Mayfield Media Strategies runs the rule over the latest global exhibition deals.