Increasing attempts by cyber criminals to take advantage of major events means that users and organisations need to be more aware of threats than ever, writes AJ Thompson, pictured, CCO of the IT firm Northdoor plc.
Cyber criminals are always looking for new ways to gain access to sensitive data and a company’s infrastructure. For a number of years, they had been targeting users as the weakest link in a company’s security structure. This has increased as more employees are working at home or in a hybrid role.
The fact that there has been such an increase in the level of sophistication in cyber-attacks means that cyber criminals tend to be at least one step ahead of an organisations’ passive cyber defences.
Impact of hybrid working and security fatigue on cyber defences
With cyber-attacks increasing in number and sophistication companies have to better manage employees and devices. Alongside employees now regularly working outside of the corporate security network, they are also suffering from security fatigue.
For example, many companies have a policy where employees are warned every time an email comes in from outside of the company. This tends to lead to users ignoring such warnings and opening emails without the necessary contemplation about the possible risk. This risk is exacerbated by the fact that so many are now working in remote or hybrid roles, outside of the corporate network.
Cyber criminals have seen an opportunity with this new trend and are now looking at ways to take further advantage.
Major event attacks
So, with organisations and employees at more risk than ever before there has to be real awareness of what the latest threats look like.
One tactic increasingly used are attacks coinciding with major events. The last five years has seen cyber criminals taking advantage of the uncertainty, fear and need to resolve issues that are associated with major events.
For example, most recently we saw TUI customers targeted by cyber criminals, taking advantage of the chaos caused by flights being cancelled across the UK and Europe. In amongst the confusion and determination of passengers to secure some form of compensation, criminals were quickly sending out links and messages encouraging users to click on links to start the compensation process.
These links were actually malicious and had the potential to add malware on to devices and give criminals the ability to steal personal and corporate information.
One of the most callous examples of cyber criminals taking advantage of major events is the increase efforts they made during the worst days of the pandemic. They targeted organisations in the front line of dealing with and finding a cure for COVID, with some stats showing that the education/research sector saw attacks rise by 75 percent and the healthcare sector rise by 71 percent.
Many of these attempted and all too often successful attacks were targeted at individuals in organisations. Not only did the number of attacks increase but also the level of sophistication. Indeed, a Deloitte report found that prior to the pandemic around 20 percent of cyberattacks used previously unseen malware or methods. During the pandemic however, this rose considerably to 35 percent.
Therefore, users were not only having to deal with a sudden increase in the number of attacks, but they were coming in new forms, perhaps not as easily identifiable as before.
This trend of taking advantage of major events is only likely to get worse over the coming months. The cost of living crisis is driving people to try and find solutions to their financial situation, of which cyber criminals are very keen to take advantage.
Zero trust approach securing the hybrid environment
With the likely threat of criminals taking advantage of events only increasing, it is going to be critical for companies to better manage their hybrid and remote teams outside of the corporate security environment.
Companies are doing this in a number of ways including implementing a zero-trust approach. The days when companies could sit behind a firewall with all of their employees and assets safely hidden from potential criminals have gone. The new reality of remote and hybrid workforces means that for many, most now sit outside of that bubble.
Organisations are faced with the prospect of employees working away from the office, on their own devices, impacted by security fatigue and facing ever more sophisticated and numerous cyber-attacks. As such the implementation of a zero-trust approach, where nothing inside or outside the corporate network is taken on face value, has to be a sensible approach. Zero-trust wraps layered, proactive, AI -powered around every user and every element in your infrastructure.
By gathering all information and controls across an organisation’s hybrid infrastructure into one place, IT and security teams are able to gain a clear, and critically, real-time view of risk across their network. This enables them to respond rapidly making informed decisions on how to deal with emerging threats.
