North Korea has been expanding its cyber warfare capabilities and is now poised to launch large scale cyber attacks against other nations states. This comes on the same day that a Freedom of Information request has revealed that 25% of UK councils have suffered a data breach in the last five years.
North Korea poised to launch large-scale cyberattacks, says new report – Washington Post
Councils ‘unprepared’ for cyber-attacks, report says – BBC
Fraser Kyne, EMEA CTO at Bromium below, explaining how this leaves the UK vulnerable to nation state attacks, and how to reduce the threat.
Fraser Kyne, EMEA CTO at Bromium:
“When you consider that 25% of UK councils have been breached in the last five years, this report should raise the alarm for any organisations unprepared for such attacks. But it would be foolish to think that North Korea is the only nation state engaged in such behaviour. Whether it’s a sophisticated zero day attack, or a more simplistic phishing attempt, this report shows that the threat from nation state attacks is very real.
“We have already seen these attacks can have a huge impact on everyday life – just look at all the hospital appointments that had to be cancelled last year following WannaCry. Yet all this disruption and chaos can often be no more than a distraction designed to divert attention from the actor’s real intention. This helps hackers to siphon sensitive data while SOC (Security Operations Centre) teams are busy putting out fires. This type of activity can have serious long-term implications to national security. A determined actor can easily bypass current cyber-defences which are woefully ill-equipped to deal with these attacks. Government and businesses alike are still relying on somehow predicting when lightning is going to strike, and detecting hackers before they can cause disruption – which is impossible and has been proven to fail. Whether it’s a nation state hacker or a bored teenager, the fact is hackers can easily slip through the net undetected. It’s time to accept this and to start changing our approach to focus on protection. Virtualisation is a game-changer. By isolating all applications within virtual machines, malware is rendered useless – hackers have nowhere to go, nothing to steal, and organisations can go about business as usual.”