Many specific industries in the UK are currently being targeted for online attacks in order to access the information which they hold. This information is rapidly becoming a new commodity in these changing times.
The electronic security industry is a definite target due to the ‘low risk, high yield’ target nature of ARCs & Installers for potential attackers coupled with the lack of up to date awareness in many parts of the industry.
The risk from DDoS type attacks in particular is a well founded one but also comes on the back of other concerns in respect of “information security”.
Our industry is at particular risk from this threat for a number of reasons:
In the first case we hold (as an industry) vast amounts of sensitive data on our clients. We are ourselves a means by which access can be granted to further information from our clients. As an example consider an attacker armed with a security firms authorisation credentials or a site password then contacting a client of the ARC whilst performing a social engineering attack. Mobile telephone numbers can lead to location data or voicemail access of end users.
The other aspect to consider is that as an industry we face an increased exposure from this type of attack that can be very detrimental to business. “Electronic security” is not the same thing as information security but to end users and clients this distinction is not so clear. We operate in an environment of trust and robust security protocols. Clients would potentially steer clear of the victim of a data breach as they would be seen as ‘untrustworthy’; this can have a massive impact within the industry. 
A small investment in time and resources now could save businesses a great deal of cost and time at a later date.
Following some basic principles  of system management will help. In the long term a complete managed structure is the only effective solution to mitigate the increasing risk and exposure.
To manage system updates, audit all of the many server and client machines, keep up to date with trends and exploits and to effectively harden the many networks, software platforms and systems is a lengthy and laborious task which businesses small and large may struggle to keep up with.  
Threats & Exposure
To understand the risks and better manage them we ought to first understand who would be aiming to access data.
I believe we can categorise the majority of potential attacks as coming from one of five primary sources presenting the highest risk factors for our industry:
- Staff / Industry competitors
- Script Kiddies
- State sponsored
For the modern ARC or Installer there are several attack vectors and points of exposure:
- External webservers / client interfaces
- Company websites
- Mail servers
- Corporate intranets
- USB / Removable media
- Precompiled VMs
- IP Signalling device connectivity
- Receiver software / firmware
You must ask questions of yourselves in relation to each of the above vectors remaining honest with yourself whilst doing so.
- Are each of your systems adequately protected?
- Is the authentication procedure appropriate to the risk exposure?
- How do you know if you have already been infiltrated?
- What measures can you take to prevent exposure to each of the above?
- Are your staff members trained to respond to and recognise these risks?
- Are you opening up more data than is required to perform the task at hand? If so why?
- Are your contingency arrangements formed with these risks in mind?
- Does your backup procedure give you scope for recovering to a point prior to an attack occurring which may be discovered at a later date?
The reality in our industry is that the technical expertise employed within and by third parties on behalf of ARCs and Electronic Security Installers is often quite specialised.
Whilst there are very many incredibly talented individuals working in the industry, it does not follow that they are necessarily aware of all aspects which are required in order to effectively protect company assets.
There is no "one size fits all" solution that would work for all types of businesses. There are however, some good practises and recommendations that can be made.
Where possible implement managed network provision from a suitable supplier. Ensure that you have the support of any ISP utilised in order to help counter DDoS types of attacks.
There has been a gradual evolution of some signalling products and back office systems to utilise remote access and various forms of IP technology. Ensure that the systems you are utilising have approached the implementation of this technology with a sound understanding of the risks involved. Other products have been designed from the very start around the core principles of data security and robustness, this should be a primary consideration.
With all the points raised above, the key thing is awareness. Understand the capabilities and weaknesses of each product and perform your own risk assessments.
You may conclude that it is no longer appropriate to utilise some equipment or demand more robust solutions from the supplier. In either case at least you are prepared and aware.
Ensure that you are able to accurately track the flow of data in and out of your business and be able to see the status of all critical equipment and networks instantly at any time (keep your fingers on the pulse).
We are all in the habit of assuming the worst case scenario in order to minimise risk. This puts our industry in a good position to be able to overcome such issues as and when they arise as long as we continue to be prepared.
Consider your existing networks and infrastructure carefully. What is your exposure to risk? Can action be taken to reduce or ideally, entirely negate the risk?
It will become crucial in future for Installers and ARCs to communicate effectively to highlight and manage risks.
We have already begun to see the efectiveness of this approach when nationwide issues occur and in future we should all take advantage of these networks to help mitigate and protect from risk.