I had hoped that the survey would be distributed to as many people in the club as possible to view the staff’s attitudes towards cyber security. However, as it happened, most clubs provided a single response, usually from the manager (71% of respondees). Sixty-eight staff members from 60 golf clubs answered the survey, presented in five sections looking at general information, knowledge of cyber standards and initiatives, attitudes towards future cyberattacks, how email links and attachments are processed, and knowledge of passwords and password management.
Continue readingAuthor: Paul Mainstone
How to defend a golf club from being hacked.
In previous articles, we looked at whether golf clubs were a target for cyberattacks; phishing and spear-phishing emails; password strength and management and, most recently, how to launch a cyber attack on a golf club. This article attempts to bring these articles together and provide you with ways that may help you mitigate any attacks.
Continue readingWhat’s in a password?
The bad guys are using ever more sophisticated means to get your login credentials to access your personal information and gain access to the club’s data. Yes, there are still thousands of immediately recognisable phishing emails used by amateur criminals. But, the clever criminals are now carefully researching us and then targeting us with highly plausible ‘spear phishing’ emails tricking even the most cautious of us to click on a malicious email link. The recent Human Cyber Awareness survey has highlighted that managers generally consider themselves cyber aware, yet 75% do not have a cybersecurity policy and over 90% rely on the club’s hardware and software suppliers to protect them. What about all the other staff at the club who have access to the club’s systems? We are all fallible and can click on a malicious email link. Phishing emails either take us to an authentic-looking login page for the site we think we wish to log into or download malware onto our computers which may then spread throughout the club. Either way, the results are good for criminals but not for us.
Continue readingHow are your defences against spear-phishing?
Let us look more closely at phishing or, more specifically, spear-phishing, what it is and how the fraudsters trick you into clicking on a link or downloading an email attachment. Most common phishing attacks are blocked by your internet service providers, anti-virus software and software providers. But spear-phishing is a little different, and these emails are far more likely to evade your hardware and software defences and appear in your inbox. In case you think clubs are not a target, remember that you have both staff and many members, providing a broad attack surface.
Continue readingAre you or your club a target for a cyber attack?
Information security is probably not at the forefront of most people’s minds during this pandemic. However, the explosion of Internet usage caused by home working and ordering products and services online has offered many new opportunities to Internet fraudsters. At the same time, the reduced pressures from the course and clubhouse provide club managers with an excellent chance to consider how these potential threats may affect them and how they could be avoided.
Continue reading