Cyber-security and cyber-crime have been major talking points in recent years, with breaches and hacks affecting some of the largest companies and putting millions of individuals at risk. The growing use of technology adds fuel to the fire and gives cyber-criminals greater opportunity to extort, hack or otherwise utilise poorly defended systems for their own gain. However, not all cyber-security threats are caused by external sources; some of the most common causes of downtime to businesses are internal factors or a case of technology not acting according to plan.
2018 has seen many organisations and headlines focus on cyber-security and data protection, not least due to the implementation of the General Data Protection Regulation (GDPR) across Europe. This renewed focus comes with the first major update to data protection laws in over two decades, a period in which technology has come a long way.
Drawing on the experiences of advising and helping organisations to protect against the effects of cyber-crimes for 20-years, Redstor published a guiding document, ‘How to protect your IT environment against the evolving threat of cyber-crime’ in February 2018. Download the document here.
Cyber-security crimes and incidents in 2018
Cyber-crimes and incidents have become headline worthy news and with the names of companies effected including the likes of Facebook and Uber it’s no little wonder why. Despite an updated mandate to ensure that all incidents are reported quickly, some organisations are failing to do so, and incidents make news years afterwards.
Spectre and Meltdown
The year kicked off in fine form as it was announced that widely used microchips manufactured by Intel and other firms included an exploitable vulnerability that could lead to large scale data breaches. The Spectre and Meltdown vulnerabilities gave hackers the ability to access cached data stored in an operating system kernel. While most implementations limit access to this cache, a malicious code of ransomware strain could be designed to assist in data theft.
This vulnerability was discovered by the Google Project Zero team and manufacturers at Intel and others worked to patch systems against the vulnerability very quickly following it making headlines.
Malware and ransomware dominated news-headlines throughout 2016 and 2017 as thousands of organisations were hit. The growth in use of crypto-currencies at the same time lead to the widescale use of crypt-currency as a payment method for exploitation or ransom by cyber-criminals. In February, crypto-jacking made headlines as a strain of malware designed to infect websites and mine crypto-currency from them was found on a number of sites including some UK government sites and the Information Commissioner’s Office (ICO) website.
Not for the first time the telecommunications and electronics retail brand came under fire when a large-scale breach of systems led to details of millions of customers being stolen. The breach which was not detailed, allowed hackers to steal card details of close to 6 million customers in addition to personal information of over 1 million customers. While pin numbers were not held this represents a significant risk to users, be it through fraudulent activity or further attacks such as ransomware.
This is not the first time Dixons Carphone have faced a breach, with a similar incident occurring in 2015.
Is cyber-security becoming a bigger worry for organisations?
As the use of technology grows in both our personal and business lives, it can be all too easy to become reliant on it. As this happens the cost of downtime increases, and organisations must prepare for this. Disaster Recovery and Business Continuity grows in importance and systems must also be tested so that failover processes will work when needed most. Different threats may result in different types of downtime or lead to inaccessibility of certain systems and different stakeholders may require certain systems back first, this will also need to be accounted for.
Organisations are starting to pay more attention to the threats of cyber-crime and cyber-security is a growing industry because of this. The use of new technologies like cloud and AI will also help develop how cyber-security is utilised by organisations as innovative solutions are created.
Find out more about cyber-crime and how to protect against the threats of it by downloading the whitepaper here.