individual response
School, the ten most powerful cyber nations are, in order: the United States, China, United Kingdom, Russia, the Netherlands, France, Germany, Canada, Japan, Australia.
This is good news for UK business. It indicates that, as ever, GCHQ and NCSC do an outstanding job of keeping us safe, not only through surveillance of domestic and international threats, but also in terms of controlling the information environment, enhancing domestic industry growth and defining international cyber norms and technical standards.
But this reflects technical capability, and it is now true to say that the huge majority of boards view cyber security related risk as a business risk. So whatever is happening on the cyber landscape, it is beholden on business to shift the emphasis away from mere awareness and technical responses and establish and develop a cyber risk aware culture, utilising social sciences and behavioural economics to improve that culture and influence behaviour.
Cyber crime is no respecter for borders
Of course, the difficulty has always been that cyber protection, responses, capacity building etc. are tackled at a national level. The beauty for the cyber criminal is that the information highway has no borders and the last two years have seen it become increasingly professionalised with “cybercrime as a service” being frequently observed. What we previously categorised as “nation state actors” now is likely to be include of organised crime groups.
Cyber crime trends
Ransomware attacks have increased massively as has the availability of stolen data on the dark web; ransomware group Conti has been prevalent in Russian attacks on Ukrainian critical infrastructure. The Log4j vulnerability saw nearly one million exploits within 72 hours, eliciting dire warnings from several western governments, and the financial sector has had to scramble to deal with the re- emergence of the Trojan Trickbot, less than ten months after Europol announced its take- down. This malware was already documented, but was joined by over 160 million new types of malware in 2021, the vast majority being Trojans. The money made by the crime groups who subsequently sell stolen data would bail out many a third-world nation, not to mention a Spanish football club!
© CITY SECURITY MAGAZINE – AUTUMN 2022
The major cyber crime trends are very familiar. Phishing continues to be the criminals’ favourite, particularly now fear can be mobilised in so many directions. COVID-19 Omicron variant is an obvious facilitator; the re-homing of Ukrainian refugees has been exploited by the setting up of fraudulent charities, and people’s eagerness to “do something” has seen criminals inviting innocent parties to help launch DDoS attacks, the links then infecting the willing parties’ systems. Increased concerns over the environment, in all its guises, are being exploited in very similar ways and, of course, the turbulence around so many heads of government has not gone unnoticed, with people’s willingness to add their e-signature to online petitions opening up a further line of attack.
Supply chain attacks have increased since March 2020. Vulnerabilities in the supply chain of multiple companies are being attacked in single efforts, whilst the German government has recently warned of frequent attacks on smaller businesses which then run riot through the whole supply chain. This has been made possible by the criminals focusing on service providers and exploiting the weaknesses within an extensive network. Expanded ransomware scams have seen crime groups demanding ransoms from customers and partners of the original victim, having already stolen data relating to those entities in the initial attack. You can imagine that the discovery of non-disclosure agreements and shared intellectual property can be a potentially lucrative bargaining chip.
Hybrid working has vastly increased the projected costs of data protection for companies. Insecure phones and laptops connected to the company network are an obvious logistical and security nightmare and this is exacerbated by the increased “connected time” that employees tend to have when they are working remotely. Simply put, the security concerns become exhausting and thus too regularly ignored.
The new game in town is the deepfake. Exploiting our reliance on video conferencing was always likely to be exploited but the increase in deployment of AI tools to protect against cyberattacks is also being exploited by criminals. Last year, Forbes reported the use of a director’s cloned voice to defraud a Hong Kong bank out of $35m.
www.citysecuritymagazine.com
People must be at the heart of the response
In terms of response, best practice is the same wherever you are. The difficulty will be in applying it successfully across a very varied global map. Our people will always sit at the heart of our security posture. At the start of this piece, I referred to culture and the need to employ a sociological rather than a technical solution to our defences. We need to be aware that many developing countries have implemented a digital framework that is piecemeal, based on facilitation rather than security, and may even have an unfriendly (to us) backer/implementor. In a similar vein, one should be aware that public sector IT infrastructure is often outdated. This makes it hugely attractive for the attacker. Operational technology poses a similar risk, again because software is often outdated owing to the cost of updating large networks. In this case, proactive protection and proof of rigorous compliance measures is crucial.
Attacks on production have increased as the manufacturing industry has increased its connectivity; we are seeing the adoption of industry standards which does force an awareness onto all parts of the supply chain. This is definitely a good thing! The retail sector is more exposed than it ever was, due to the rush to online and e-based selling. Its biggest weakness may be the fast turnover in staff and thus maintaining a consistent level of awareness; and seasonal issues, particularly around Black Friday and Christmas.
We have travelled the full circle. The global threat to our corporate and individual cyber security is undeniable and growing; the response and our security ultimately sits in the hands of every individual who accesses the worldwide web.
Neil Sinclair Programme Lead for Police CPI’s Digital Security Provider Initiative.
www.policecpi.com
> 6
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40
