US Treasury Cyber Attack

The growing list of significant breaches underlines the fact that cybercrime knows no boundaries and everyone must be diligent, now more than ever.

While details of this incident are still emerging, a major security theme of this year has been vulnerabilities in leading perimeter security platforms – particularly those used to facilitate secure remote access for the instant army of remote workers the COVID-19 crisis presented us with. As a result of fast implementation and scaling, patches and upgrades for these are taking far too long, and this problem appears to be getting worse. State-backed and criminal hackers have noted this opportunity and pivoted dramatically to explore it, with devastating effect. Several major compromises and breaches exploited vulnerabilities in security products, including ransomware attacks, and these vulnerabilities are a popular constant in state-backed hackers’ arsenals.

We return again to the fundamental question of how we deal with a new world where hacking is big business and we are up against some pretty smart and well-motivated adversaries. Firstly, it is important to get the basics right. Unfortunately, the most determined and motivated attacker will keep probing until they do discover a weakness. We have seen that commercial hackers can be as sophisticated and skilled as state-sponsored adversaries. There is one crucial difference, however. A state adversary is often resource and time-constrained while a commercial adversary is only constrained by economics. Economics which currently makes hacking very attractive and lucrative.

It is also important not just to rely on technology but also to rely on business processes. We believe that the traditionally separate worlds of cybersecurity and fraud need to work together much closer as we realise that cybersecurity is not just a technical issue but an organisational issue.”