Ransomware is a major concern, but it isn’t the only cyber risk your organisation will face this year. Edward Whittingham, former police officer and qualified solicitor, now founder and MD of The Defence Works, takes a look at the expanding array of threats and vulnerabilities that has kept the cyber security industry on high alert this year.
Attacks involving phishing, malware, mobile apps and smart devices are growing in sophistication, putting the intellectual property and personal data held by corporations, governments and individuals under constant risk.
Despite valiant attempts by security vendors to develop better defences, cyber criminals are an inventive and resilient bunch. Hacking is here to stay; and as business models continue to go digital, things could potentially get worse.
The Information Security Forum warned in its 2019 review of the cyber security landscape that globally, businesses face more disruption. That’s down to:
- The increased sophistication of cyber crime and ransomware
- The proliferation of smart devices, and vulnerabilities inherent in the Internet of Things (IoT)
- Supply chain risks; and
- The growing insider threat
With the cost of cyber crime set to hit £4.75 trillion by 2021, here is a closer look at the most significant security threats for the rest of this year and beyond.
Phishing gets more sophisticated
Phishing attacks involve creating crafted emails, texts and instant messages to fool people into clicking on a link that installs malware on their machine, and opens the company network up to intrusion.
As more organisations invest in security awareness training, employees have become more conscious of phishing and the risks in clicking on links sent by someone they don’t know. But cyber criminals and hackers are upping the ante, using AI tools to create convincing fake messages more quickly in order to compromise networks and systems. Once inside the corporate network, attackers can steal user logins, credit card details and other types of business, personal and financial information.
Ransomware strategies evolve
Ransomware attacks are on the rise, costing billions every year as hackers use malware to lock up an organisation’s systems and data and hold the unlock key for ransom. Cryptocurrencies like Bitcoin have helped make ransomware attacks more popular as they allow payments to be made anonymously.
As companies continue to focus on building stronger defences and back-up plans to prepare for ransomware infections, cyber criminals are turning their attention to other, less well–prepared targets like high-net-worth individuals.
Cryptojacking gathers steam
The growth of cryptocurrency has had another direct impact on cyber – the growth of cryptojacking. The process whereby crypto enthusiasts get paid to help verify (‘mine’) transactions and ensure the crypto network is validated requires massive computing power and expensive ASICS machines. Cyber criminals who can’t afford the equipment (or pay the energy bills) have turned to hijacking home or work computers to mine on the cheap, secretly hijacking someone else’s machine.
For businesses, cryptojacking can cause systems to slow down or lock up entirely, spike energy bills and create costly downtime as IT teams work to track down the source of the issue.
Hacks jump from the virtual to the physical world
Could a cyber attack kill you? The return this year of the Triton virus serves as a stark reminder that the vulnerabilities in computing systems can extend beyond data loss and disrupted operations to causing physical harm.
Triton is a powerful virus that turned up in the industrial control mechanisms of a Saudi oil and gas plant back in 2017. Infected systems included those designed to kick-in when dangerous conditions are detected – closing valves and triggering pressure-release mechanisms, or shutting machinery down completely.
Attackers managed to get their virus into plant systems that didn’t hold information of any particular commercial value, but which would have been the last line of defence against a life-threatening disaster.
Beyond attacks designed to make a profit through theft and blackmail, nation states are now creating cyber attack and infiltration units to breach other governments and test their defences around critical infrastructure. The Bank of England (BoE) warned earlier this year that cyber attacks by rogue states could corrupt the records of high street banks and other financial institutions – possibly over a period of months.
GCHQ has issued warnings about the risk of cyber attack emanating from Russia and China, and the BoE has urged banks to strengthen their defences and back–up readiness to avoid disrupting the City of London – one of the world’s leading financial centres.
According to Statista, the total number of Internet of Things devices will surpass 75 billion by 2025, while the number of IoT devices connected to the internet will reach almost 31 billion by next year. That includes home security cameras, smart household appliances, smart watches, medical devices, manufacturing equipment and inventory control systems.
Connected devices are convenient for end users and capture immense amounts of insightful data for businesses. But more connected devices means a larger attack surface and greater risk of breach. Once a cyber criminal gains control of a device or smart home network they can create havoc, overload devices, lock down essential systems or monitor security cameras to work out the best time to burgle a home.
Smart medical devices and digital medical records
The healthcare industry is going through a major digital transformation as patient records move to digital formats and medical professionals see the benefits of smart medical devices. However, as the industry adapts to the digital age, there are serious concerns about privacy, safety and cyber security threats.
Just this month, US medical equipment giant Medtronic initiated a massive recall of its industry–standard insulin pumps after researchers found serious security flaws in the devices. Through an exploit found in the pumps’ wireless Bluetooth connection, it was feared that an attacker could potentially tamper with the system to over- or under-dose a patient, with serious health consequences.
Earlier this year, Medtronic issued a separate alert when researchers uncovered vulnerabilities in the wireless protocol used by the company’s implantable heart monitors.
Vulnerabilities in the supply chain
Third–party suppliers and contractors can pose a huge risk to the organisations they supply goods and services to. Because they transmit or have access to their clients’ data, suppliers with smaller IT budgets and weaker defences can offer an easier way into the systems of large organisations – the weakest link in the chain.
Supply chain risk is often discussed in the context of manufacturing and retail, but it affects the public sector too. In June police forces across the UK were forced to stop working with the country’s largest private forensics provider after a ransomware attack locked essential case data held on the company’s systems. The company, Eurofins, typically processes more than 70,000 cases each year, including murder and terrorism offences.
Not enough experts – so you need to create your own
As cyber crime evolves and escalates, organisations are struggling to hire enough qualified cyber security professionals to protect essential systems and data. This is a pressing issue now and will remain so for the foreseeable future.
Globally there are understood to be more than a million cyber security roles going unfilled, potentially rising to 3.5 million by 2021. That shortage is a cause for concern since a switched-on digital workforce is essential to fighting the rise of increasingly clever cyber attacks. And that’s why training and a culture of security awareness is so important to cracking cyber crime now.
Harvard Business Review calls security awareness training “the best cyber security investment a business can make”. That includes training for everyone – from executives to employees, supply chain partners, consultants and contractors.
Cyber criminals are weaponising staff, who often become the source of a breach inadvertently by falling victim to a phishing scam. If we’re going to turn the tables on them, arming employees with the skills they need to identify a phishing email or attempted breach can minimise the risk of cyber attack.
By switching everyone on to the telltale signs of an attempted breach, organisations can create a culture of security awareness that – along with investments in the latest security technology – can keep the cyber wolves at bay.
If you would like to join our community and read more articles like this then please click here.
The post The Cyber Security Threat Landscape Keeps Evolving appeared first on Defence Online.