UK businesses are being urged by the Department for Digital, Culture, Media and Sport (DCMS) to protect themselves against cyber crime after new statistics show over four in ten (43%) of businesses and two in ten charities (19%) suffered a cyber breach or attack in the past 12 months. IT security experts commented below.
Koby Kilimnik, Security Researcher at Imperva:
Cybercriminals have adjusted their methods over time in many ways. For example, while ransomware targeting file servers is presently the most prevalent, cybercriminals develop other extortion-type attacks including data manipulation and database hijacking. DDoS (distributed denial of service) is textbook extortion targeting enterprise apps, although perpetrators are also looking at other methods. For example, hackers can now lock all of the doors at a hotel and demand a ransom to unlock them. This gives new meaning to “denial of service.” The emergence these tactic shows just how sophisticated cybercriminal groups have become.”
Patrick Hunter, EMEA Director at One Identity:
The data protection laws now have teeth and those teeth are sharp. The UK has always been blessed with strict data privacy laws and the government has spotted the loopholes with technology and has moved to block them. Perhaps a bit late in the day but it’s a move in the right direction.
As the report tells us, it is rarely an initial direct attack on the firewalls and servers of the target company. The attacks target the weakest link, us and our human nature. Every time a phishing mail is received why do some people still click the links? Lack of education is the biggest culprit. The “phishers” are getting significantly better at making those mails look real, even making them look like they’ve been sent internally and those people using the technology need to be educated to keep up! Many companies now play “games” with their employees to teach them how to spot real versus phish style mails.
There are other ways to protect the precious data stored on those computers. If the worst comes to the worst and our hacker has gained access then what can be done? Restricting access will always limit the damage that can be done. Using a combination of Identity Management and analytics (Identity and behavioural) a CISO can be sure that anomalous behaviour can be flagged faster than ever before and stopped in its tracks. Make sure that all of the accounts that have super user or privileged rights are locked away and cannot be used directly without secondary permission or two-factor authentication.
Cybercrime is becoming a part of everyday life, it’s the new route to market for organised crime. We have to get better at protecting ourselves and fast.”
Mark James, Security Specialist at ESET:
If you were in a position to have the expertise and knowledge to design, implement and host your security measures in house so it’s completely in your control, it would be great, but for so many companies that’s just not possible. You will have to rely on someone else’s ability to protect it.
Securing our perimeters from direct and indirect attacks can be extremely difficult. Often the attackers will utilise methods that the user is actually not only expecting but often essential in their everyday work load. We need to install software or hardware to allow the end user to do their job without having to analyse every aspect of their job, then of course we need to educate them, so if something does present itself they have the tools needed to stop it becoming a business critical issue.”