Interviews

Cyber and business in 2022

by Mark Rowe

Phil Chapman, Head of Curriculum, Cybersecurity at Firebrand Training, goes over what cybersecurity risks businesses can expect in 2022.

Cyber attacks have been on the rise over the past few years, with the National Cyber Security Centre (NCSC) revealing it defended the UK from 723 cyber incidents in the last year alone. Different trends are emerging at an unprecedented speed, and malicious software and jargon that didn’t exist a decade ago, such as ransomware, botnets, cryptojacking and cybercrime as a service, are now commonplace.

Coupled with this rise in attacks and the speed of their progression, cyber criminals are also becoming more sophisticated and agile and are increasingly working together. Through this they’ve found new technologies to commit large scale attacks against businesses, healthcare systems, governments and individuals to name a few.

These crimes are borderless and can cripple those who are targeted. On average, cyberattacks against UK SMEs are estimated to cost over £8,000 annually for those who lose data. It’s therefore crucial that businesses of all sizes across all industries are taking notice of the real threat facing them. So what exactly should organisations be keeping an eye out for in the next year as trends evolve?

The rise of ransomware

While ransomware is nothing new, it has become one of the biggest threats to national security and UK businesses in the past few years. The first half of 2021 saw a 93 per cent increase in the number of ransomware attacks compared to the same period the previous year.

Ransomware attacks are so devastating to organisations because they allow access to one of the main assets businesses need to function – data. Even the shortest disruption to the most basic functions can bring an entire organisation to its knees. Until recently, these attacks focused on the availability of this data and aimed to lock users out of their systems via encryption or the modification of passwords. However, realising the price point of the data they had their hands on, and faced with the preemptive actions of businesses to back up their files and systems, cybercriminals are now threatening to post this stolen data in the public domain.

This shift in tactics now means that businesses can no longer ignore the demand for payment as they restore their systems. Those targeted now have to take into account the risk of a data leak, which brings reputational risks as well as heavy fines. A recent report has revealed that 2021 had the highest average data breach cost in 17 years, rising from USD 3.86 million to USD 4.24 million.

With the likelihood of even more sophisticated attacks in 2022, businesses need to prepare themselves. Once a ransomware attack hits an organisation, it’s already too late. Businesses need to look to prevent an attack and stop one in its tracks before it gets near to any data.

The rising botnet threat

Botnet attacks have arrived in full force. In the UK alone, botnet attacks rose by 41 per cent in the first half of the year, with human-initiated attacks falling by 29 per cent. The financial services industry and media businesses bore the brunt. Botnets are networks of hijacked computer devices. Once within a hijacked device, criminals can gather data, monitor a user’s activity, send files and other data, and read and write system data. These attacks are usually motivated by financial and information theft, services sabotage and using the access as a selling point to other cybercriminals.

Botnets enable cyber criminals to speed up their ability to carry out mass attacks such as malware distribution, data theft and the crashing of servers which can bring down an entire business and network in a matter of seconds.

These types of attacks occur via the more obvious hacking of weak passwords and disguised email attachments which unknowing users open. But IoT devices, which are on the rise – particularly in the home – are becoming the new ‘go-to’ for cybercriminals. These devices often lack protective security software and have weaker encryption than their computing counterparts, making them easier targets. Yet organisations and their employees are often unaware of the common pitfalls and weak links, and of how to protect themselves against them.

Preventing an attack

One of the main weak links in an organisation is a lack of awareness and understanding among the company as a whole. Education matters and it’s vital that businesses are providing up-to-date and continuous training to their IT teams and beyond by weaving this into their larger cyber security strategy – especially with another shift to working from home in the UK. Troublingly, however, a recent report found that only 6% of businesses say they are “open” to investing in cybersecurity training.

It is essential within a business that it becomes second nature to staff to not click on links in phishing emails, open attachments from unknown senders or use weak passwords which can put the company at serious risk of suffering a ransomware or botnet attack. It’s also important that employees are aware of the risks of sharing too much personal information and data over social sites like LinkedIn as well as in out of office emails (such as colleagues’ email addresses). Oversharing information, no matter how small, can help criminals piece together enough clues to build a profile of an individual or an organisation. While to some these might seem like obvious signs, employees outside of the IT and security teams need continuous cybersecurity training to keep these learnings top of mind to protect themselves and the business.

Alongside regular training, a business must also implement strict network security policies that clearly define its security procedures and state guidelines for computer network access. Users must make regular backups of all data and systems so that these can be recovered in the event of a ransomware or botnet attack. Installing two-factor authentication will ensure that all networks and devices which contain sensitive data are better protected against cybercriminals looking to exploit weak links within an organisation.

While attacks can still happen against the most secure systems, it’s important that businesses of all shapes and sizes understand that they are a target. Businesses need to work with staff and security teams to bolster security and awareness.


© 2024 Professional Security Magazine. All rights reserved.
