The last 18-months has seen several cyber-attacks and cyber-crimes taking down critical networks and affecting organisations across the globe. As organisations develop cyber-security strategies and attempt to mitigate risk, it is vital to ensure that processes are in place to recover, should an attack strike.
“Cyber-crime is simply any criminal activity that occurs by means of computers or the internet.”
The evolving threat of cyber-crime
The threats of cyber-crime are not only growing in volume but the way in which attacks are focused are changing. Cyber-criminals have realised that by combining strains of code they can boost the effectiveness of attacks, often resulting in being paid large sums. The WannaCry cyber-attacks, which took place in May 2017, for example, utilised a ‘worm’ code to speed up the rate of infection; the ransomware strain was responsible for infecting over 300,000 organisations in over 150 countries in just 3-days.
As many attacks still rely on some element of human interaction, or error, to initiate, cyber-criminals must regularly update strains of code and the way in which they focus attacks, to be successful; Traditional anti-virus solutions are regularly updated to include protection against new malware strains. By using new methods to spread an attack, cyber-criminals are likely to improve their chances of success and with regards to ransomware, improve the chances of a ransom being paid.
Types of attack
Ransomware is one of the most well-known types of cyber-crime today, due in part to its rapid growth in volume through-out 2016. Although ransomware attacks, which encrypt a user’s data or systems and demand a ransom payment for its return, have been around for several years, it is only recently that cybercriminals have really cashed in and begun mass targeting people on a global scale to extort payments. Among those who have made the news having been hit, are hospitals, charities and schools; it is reported that some ransom payments have demanded up to $1million.
Botnet’s are lesser known kinds of attack, in name and nature. Botnet strains of malware infect and control endpoints, such as servers, PC’s or even Wifi routers, so that they can be used for alternative purposes. Often Botnets will take advantage of poor security levels, such as administration passwords and details. The Botnet can then be used to send spam, flood networks or implement other types of cyber-attacks.
A phishing attack is usually stage one of a multi-stage attack as it is used to gather information such as account details, email addresses or passwords. A phishing attack is usually indiscriminately distributed by email, is designed to appear as if sent from a legitimate sender and will often link through to an illegitimate site requesting the entry of personal data. In recent years, we have seen the addition of ‘spear-phishing’ and ‘whaling’. These terms refer to increasingly targeted methods of gathering more valuable information from specific information or high-profile targets with access to valuable information.
Protecting against cyber-threats
Cyber-threats can clearly cause huge issues for organisations who are not protected or who fall victim to attacks, causing downtime, loss of revenues and even reputational damage. In addition, regulations and data protection legislation also require organisations to reduce the risk of suffering a breach. It is vital to protect against cyber-attacks and although it is difficult to be 100% covered, there are several methods that can be used to reduce risk.
Internal procedures and governance can have a large say in the protection of data and systems. By limiting who can access networks and important applications an organisation can limit where an infection can come from. Governance will also set benchmarks internally for organisations to adhere to and assuming they are regularly tested, IT staff can regularly understand where risk may come from and take actions to reduce it.
Human error or intervention is often still the first step of an attack or infection, either by opening malicious attachments, emails or websites or using infected media. By training and educating staff on the threats of cyber-crime and how to be more aware, an organisation can quickly start to reduce risk associated. Simple things like showing staff how to spot a malicious email or unsecured website can pay dividends in the long-run.
To read the full whitepaper on the evolving threats of cyber-crime and to learn how to protect against threats, download the whitepaper now.