
Common attacks and cyber basics

by Mark Rowe

The cyber basics are important, says cyber security consultant Sarah Knowles from Nexor. Heading into a rabbit hole of predictions could do much more harm than good, she warns.

When the National Cyber Security Centre (NCSC) released its report titled Common Cyber Attacks: Reducing the Impact in 2016, the UK Government’s Department for Digital, Culture, Media & Sport (DCMS) also released a paper titled The Cyber Security Breaches Survey 2016. Each report detailed what a common cyber attack looks like, ways in which to prevent the attack and also what the most common form of attack was on businesses. At the time these were the top three:

Viruses, spyware, and malware;
Others impersonating an organisation in emails or online; and
Denial of service attacks.

The latest Cyber Security Breaches Survey as of 2020 lists the following as main threats:

Fraudulent emails or being directed to fraudulent websites;
Others impersonating organisations in emails or online; and
Viruses, spyware, and malware.

Two mediums of attack remain constant, likely due to their success rate, and with fraudulent emails now listed, we have three very sophisticated and fruitful means of attack. So it’s no surprise that, between the two surveys, the number of businesses reporting a cyber breach almost doubled, to 46% in 2020.

The majority of these threats can be grouped as phishing attacks. A phishing attack is a type of social engineering attack where threat actors masquerade as a trusted entity. This means that the recipient of an email, telephone call or text message is misled into providing sensitive information to someone they believe is a trusted person.

This method of attack is usually accomplished by luring the victim into clicking a malicious link, which can trigger the installation of malware, a ransomware attack or the disclosure of sensitive personal information, such as banking passwords and credit card details. Some of the most recent and sophisticated phishing campaigns have come from those posing as the US Centres for Disease Control and the World Health Organization (WHO), targeting victims with malicious links. The focus of cyber security protection shouldn’t always be on trying to anticipate the latest means or technology that could impact a business, but instead on the same tactics and how these can adapt. Phishing schemes are incredibly versatile and sophisticated, which is why they’re so successful; they will adapt to what is going on in the world and take advantage of it wherever possible.

It’s key then that businesses refocus, cut out the noise and focus on the basics to ensure the most common attacks are covered. The Cyber Essentials scheme was released to guide businesses in their cyber security provisions. The scheme covers the following areas, which should be implemented:

Firewalls – ensure you have adequate protection at your network perimeter. Make sure your firewall policies are effective and only allow network traffic required for your business;
Malware protection – ensure all your devices have malware protection installed and that this is kept up to date on a regular basis;
Patch management – patching your software to the latest version will prevent cyber attackers from exploiting known vulnerabilities to gain access to your information assets;
Secure configuration – ensure your devices have any unused functionality removed; this includes the removal of unused accounts and software; and
Access control – ensure that all the user accounts on your network operate on the principle of “least privilege.” This means that your users only have enough permissions to carry out the duties they are assigned.

As remote working looks set to stay, it is worth remembering that home workers extend the company network, so the Cyber Essentials scope also covers equipment that staff are using at home.

Biggest threats in 2021

In 2021, we’re likely to see similar threats to previous years – specifically relating to phishing attacks, with threat actors impersonating organisations in emails or online. Ransomware threat actors are continually evolving their attacks, meaning defenders need to keep up with both the changes and the defences.

As we know, an attacker only has to be successful once, while defenders need to be at 100 per cent all of the time to keep their infrastructures safe. This means that all businesses, regardless of size, are at risk of an attack. We might not be able to protect against all the threats and vulnerabilities, but by keeping up with the fundamentals, businesses are making it harder for attackers to gain access to their networks.

In summary, and to give a real-world example – people will never be able to stop their house from being burgled, but we can all deter casual thieves by locking doors and windows and having a burglar alarm fitted. The same is true of cyber security. By ensuring that the basics are followed and implemented throughout the business from top to bottom, businesses can at least ensure that deterrents and defences remain strong when potentially compromised.
