- Security TWENTY
- Women in Security
A knowledge of changing cyberthreat landscapes can offer you a better understanding of cybersecurity, writes Mark Rodbert, CEO of analytics company idax software.
Cybercrime is everywhere. Every 39 seconds a business falls victim to a ransomware attack – by the time you have read this another business will be at the hands of cybercriminals. That’s how serious an issue it is to understand the shifting threat landscape, specifically how cybercriminals are adapting the tactics they use, how they would access your systems, and what damage they can cause. Without this understanding it is impossible to ensure your systems are as secure as they can be.
Ensuring that businesses have an understanding of exactly how cybercrime is shifting and changing is vital to being secure and ‘cybersafe’. Agility is key when it comes to remaining secure against cybercriminals, constantly shifting and adapting your policies and defences to combat the latest cyberthreat.
A ‘living’ nightmare
The truth behind cybercrime is that it is ever-changing – it evolves to fit its surroundings, changes its form and shape to be the most effective in its current environment. An effective cybersecurity policy will be fluid and easily adaptable to be effective against cybercrime, no matter what form it takes. Where one avenue of attack is detected and closed off, another is found and exploited, and the cycle continues. Cybercriminals only have to get lucky once, whereas defenders have to be lucky every minute of every day.
The threat landscape also changes depending on societal conditions, adapting to be the most effective in the current circumstances. The majority of attackers deploy methods relating to current themes, trends, or news, to trick victims into clicking on malicious links, which would subsequently allow the criminals access to information such as passwords, data, or entire networks. If one form of communication is becoming more popular – as is currently the case with Zoom, Google Docs, and even Facebook Messenger – then cybercriminals will use this to target the mass markets.
To stay ahead of the curve, businesses have to be aware of the vulnerabilities that cybercriminals are exploiting, as well as the different cyber defence solutions and options available to combat cyber attacks.
Less security focus
The COVID-19 crisis is a prime example of how current social and economic conditions are dictating methods of cybercrime. A National Cyber Security Centre investigation shows an increasing number of malicious attackers exploiting the current pandemic for their own malicious gains. The report and investigation show that whilst the overall level of cyberattacks has not increased, attackers have shifted the tactics and themes they are using to take advantage of the crisis.
Whenever a crisis strikes, attention rightly turns to how best to combat it. COVID-19 has also led to a lowered security focus due to the world working from home. The lockdown came into play almost overnight, forcing businesses to adapt in a short space of time. The urgency meant that many people forgot to take their cybersecurity into consideration.
The COVID-19 crisis has forced businesses to rapidly deploy unified communications solutions and adapt the ways in which we communicate. This has given cybercriminals the opportunity to exploit users’ uncertainty and the significantly higher dependency that we are placing on technology.
Working from home also poses another threat to security, in the form of insecure IoT devices in employees’ homes. Despite frequent warnings, too many consumers still do not change the default passwords on connected devices, and although most businesses have policies about installing such devices in the office or workplace, employees’ homes are not subject to such rules. Smart kettles, security cameras, and thermostats can all inadvertently create a ‘way in’ to your business for cybercriminals, if employees are logging onto the corporate network from home.
COVID-19 is rightly causing cybersecurity concerns, but it shouldn’t be overlooked that there are other security risks that could go unnoticed, such as nation state attacks. With the recent easyJet hack widely suspected to be the work of a Chinese state-sponsored group, it is no surprise that organisations of all sizes are growing more concerned about nation state cyberattacks. These attacks no longer target only government offices or official agencies that are known to contain sensitive information or data.
When a nation state attack hits, it can often be more destructive than a regular cyberattack – with the might of a powerful nation behind it – leading to an increased data or revenue loss in comparison to other attacks. These attacks are orchestrated by highly organised groups, deploying sophisticated techniques that are designed to interrupt business operations or leak confidential information.
Although there are definite trends in the threat landscape, at the end of the day, you can’t predict all threats, and it would be poor decision making to try to preempt every different type of threat that could pose a risk. There’s a real need to invest in proper security tools, leaving some of your cyberdefences to automation.
There is a belief in business that investing in cybersecurity makes you invulnerable to attack – a perception which is entirely wrong, and frankly dangerous. There are, however, steps that you can take to make your cybersecurity more solid. It is critical to ensure that employees have a clear understanding right from the top of the chain to the bottom. Whilst it is vital to be flexible within your cybersecurity methods, maintaining a consistent policy is just as important, ensuring everybody pulls in one direction, striving for one common goal.
However, just because your employees are all engaged and well-trained, does not mean they are not a potential source of insider threat; non-malicious insider threats account for a large proportion of cyber incidents. Dynamic identity and access management is critical to combat this, and ensure that even if an attacker does trick their way into your systems, they won’t be able to automatically access sensitive information.
There are always going to be events or crises which cause you to adapt your security practices, but having an understanding of what risks can be brought about by different attacks will ultimately give you a greater chance of defending yourself and your business against cyberattacks.