UK businesses are being urged by the Department for Digital, Culture, Media and Sport (DCMS) to protect themselves against cyber crime after new statistics show over four in ten (43%) of businesses and two in ten charities (19%) suffered a cyber breach or attack in the past 12 months. IT security experts commented below.
Koby Kilimnik, Security Researcher at Imperva:
“Cybercrime is now an industry unto itself. And, just as any industry evolves, so does the cybercrime industry. Data is at the centre of the cybercrime industry and at the centre of today’s digital environment. Additionally, there is more data is in more places than ever before, available through more apps, and accessed by more people. As a result cybercriminals have a far greater attack surface.
Cybercriminals have adjusted their methods over time in many ways. For example, while ransomware targeting file servers is presently the most prevalent, cybercriminals develop other extortion-type attacks including data manipulation and database hijacking. DDoS (distributed denial of service) is textbook extortion targeting enterprise apps, although perpetrators are also looking at other methods. For example, hackers can now lock all of the doors at a hotel and demand a ransom to unlock them. This gives new meaning to “denial of service.” The emergence these tactic shows just how sophisticated cybercriminal groups have become.”
Patrick Hunter, EMEA Director at One Identity:
“Whilst the facts stated are disturbing and disheartening, they are nothing new. Companies in general, whether large, small, charities etc., are starting to wake up and discover that the criminals have moved on and are using the latest technology to get what they want. This wake up is partially attributable to the work done by the National Cyber Security Centre but cynics might decide it is more about the fines and risks to the brand of the organisation breached.
The data protection laws now have teeth and those teeth are sharp. The UK has always been blessed with strict data privacy laws and the government has spotted the loopholes with technology and has moved to block them. Perhaps a bit late in the day but it’s a move in the right direction.
As the report tells us, it is rarely an initial direct attack on the firewalls and servers of the target company. The attacks target the weakest link, us and our human nature. Every time a phishing mail is received why do some people still click the links? Lack of education is the biggest culprit. The “phishers” are getting significantly better at making those mails look real, even making them look like they’ve been sent internally and those people using the technology need to be educated to keep up! Many companies now play “games” with their employees to teach them how to spot real versus phish style mails.
There are other ways to protect the precious data stored on those computers. If the worst comes to the worst and our hacker has gained access then what can be done? Restricting access will always limit the damage that can be done. Using a combination of Identity Management and analytics (Identity and behavioural) a CISO can be sure that anomalous behaviour can be flagged faster than ever before and stopped in its tracks. Make sure that all of the accounts that have super user or privileged rights are locked away and cannot be used directly without secondary permission or two-factor authentication.
Cybercrime is becoming a part of everyday life, it’s the new route to market for organised crime. We have to get better at protecting ourselves and fast.”
Mark James, Security Specialist at ESET:
“Sadly cyber-attacks are part and parcel of our interaction with the digital universe that surrounds us in everything we do. From checking the news in the morning through to ordering your daily shot of coffee for collection, collecting, storing and distributing data is often a key factor of any organisation, no matter of size. Some personal, some private and of course a good amount is public, but regardless of its tag there’s one thing you can sure off – someone, somewhere is trying to get their hands on it.
If you were in a position to have the expertise and knowledge to design, implement and host your security measures in house so it’s completely in your control, it would be great, but for so many companies that’s just not possible. You will have to rely on someone else’s ability to protect it.
Securing our perimeters from direct and indirect attacks can be extremely difficult. Often the attackers will utilise methods that the user is actually not only expecting but often essential in their everyday work load. We need to install software or hardware to allow the end user to do their job without having to analyse every aspect of their job, then of course we need to educate them, so if something does present itself they have the tools needed to stop it becoming a business critical issue.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.