This year has seen the cyber security threat landscape grow larger and more complicated, with sources suggesting that attack volumes doubled in the first half of 2017. As we approach the end of the year, it is a good time to look back at the biggest dangers of the last twelve months and consider what organisations should do to defend themselves against similar threats in the future. The importance of this process shouldn’t be underestimated: our cyber security efforts in the coming three to five years could have cost implications that run into the trillions.
Two of the biggest ransomware attacks in recent memory happened in 2017. WannaCry and NotPetya hit targets all over the world, including the NHS and large companies such as Merck and Maersk. During the same period, damages caused by ransomware were predicted to hit the US$5 billion mark, an increase of fifteen-fold in two years.
Cybercriminals will only become more innovative and audacious in 2018, digging deep into the systems businesses use to exploit weaknesses. Organisations must conduct thorough audits of their systems – and those of their third-party suppliers – to identify gaps and close them.
2. Reaction times
The Equifax leak was the result of a security flaw that the company was made aware of two months prior to their unfortunate stint in the headlines. While steps had been taken to patch vulnerable systems, they were not quick enough to prevent a breach. To avoid this happening in future, organisations must act rapidly to correct security weaknesses as soon as they are identified, whether that’s through rehearsed reaction plans or consistent investment in modern security technologies.
3. The spread of misinformation
Automated bots have been at the heart of misinformation campaigns, primarily targeting political events such as last year’s US election and the Brexit referendum, as well as the German and French elections this year. Businesses will increasingly become targets for this kind of activity, with bot networks used to spread fake stories in an effort to manipulate share values. To defend against this threat, businesses should create a scenario plan for how the spread of misinformation could affect operations and extend the use of social media monitoring tools to identify potentially hostile bot networks.
4. The Internet of Things (IoT)
As the number of internet-connected smart devices in our lives increases, so too does the level of risk (one survey suggests that half of all US companies have been affected by an IoT breach). This year it was reported that the CIA had been hacking into Samsung Smart TVs to use the microphone for surveillance. Additionally, a recently-discovered vulnerability could leave Amazon Echo and Google Home devices susceptible to hacking. More needs to be done to secure these networks, including introducing improved security standards for manufacturers of IoT devices. Businesses also need to ensure they are investing in upgrades to security systems as IoT evolves.
Ultimately, an organisation’s workforce presents one of its largest and most dispersed attack surfaces. Whether through the hacking of users with privileged account access or through social engineering, hackers are using employees to get into systems through the back door. Companies must invest in thorough training so staff are practicing good security hygiene. They must also invest in privileged access management solutions to ensure that attackers with stolen security credentials can be identified immediately and their access restricted.
2017 was, unfortunately, a big year for cybercrime, with IoT breaches, ransomware attacks and internal threats demonstrating that, as technology expands our possibilities, it also expands those of hackers. These trends show no sign of abating in 2018, and will likely be joined by evolutions in ransomware, and emerging threats like malicious machine learning. In an era of rising risk, it is essential that businesses see in the New Year in good security health.