The Top 4 Cyber Threats - Is Your Business Protected?

Ransomware stories remain rife in 2022. From Nvidia, to the Costa Rica government, to schools in the UK, it seems that no public or private body is immune from attack. Even those with the budget for sophisticated cyber protection are still being breached. Is it possible for businesses to ever really be protected? Absolutely – if organisations give cyber security the attention it deserves.

While many cyber security companies have advanced methods for extracting ransomware and restoring systems to normal, this can often be enormously expensive – even after the reputational hit companies take when it’s reported.

For smaller organisations, ransomware is all too often a fatal blow. Prevention is the only way to truly defeat ransomware. In light of this, what are the main weaknesses hackers are exploiting, and how can businesses strengthen their defences? 

Why phishing hasn’t gone out of fashion

Phishing is old school, yet it remains one of the largest threats to businesses today. Sometimes referred to as the ‘spray-and-pray’ approach, these campaigns can reap benefits for cybercriminals even if only a tiny percentage of the many messages sent manage to hit their target. On the other side, a more specific form of this approach is called spear phishing, which refers to targeting and personalising an attack to a specific individual, group, or organisation.

Phishing criminals are always seeking ways to maximise their profits, and with phishing, they know they can do that by better tailoring the email lure to resonate with the intended recipient. At the end of 2021, research carried out by BlackBerry revealed that Chinese cyber espionage group APT41 had been targeting victims in India with a supposedly state-sponsored campaign that played on people's hopes for a swift end to the pandemic. If these hackers were then able to access the user’s business emails, servers or more, they would have every opportunity to cause destruction.

It’s become increasingly difficult for everyday users to spot targeted phishing messages and spear phishing attempts.

This means that phishing defence must involve a strong partnership and action between the employee and employer. Employees play a vital role by following security guidelines, guaranteeing all their devices are protected by security software and promptly running auto-updates to ensure that phishing attackers can't exploit known, fixable vulnerabilities. Employers can bolster phishing awareness not only through regular employee training, but also by arming users with endpoint security controls for both corporate and employee-owned devices that work both online and off.

Watch out: are you being socially engineered?

In a similar vein to phishing, social engineering baits its victims into its trap. This can be done through various methods: email, phone, texting, in person, social media and more. Hackers are now targeting their prey in numerous ways. This is particularly true of users who work at organisations which have a high value to an attacker, such as banking and financial institutions. For example, a threat actor could create a fake LinkedIn profile - or honeypot - that looks convincing enough for staff to accept their friend request. They soon amass many connections as each colleague sees they’re connected to the next and believes they must be legitimate. Through messages, often contrived to seek help or support, an employee may share a small nugget of information which is just enough to give attackers that ‘in’ they were looking for.

This is the case when considering one organisation at a time. The emergence of Artificial Intelligence (AI) as a tool in cyber means social engineering campaigns can run at scale, seeking victims with a more widespread approach.

Again, the weak link in the security chain is the human element – the employees – which is why changing and shaping employee behaviour can make one of the longest-lasting contributions to the security of an organisation.

Once employees learn basic security protocols, they can understand just how many attacks may be prevented simply by practising a consistent security regimen.

Spot the vulnerabilities - before an attacker does

Integral to computer security and network security, Vulnerability Management is the practice of identifying, classifying, prioritising, remediating, and mitigating software vulnerabilities.

These days, hackers aren’t waiting for an exploit to be published – they are busy installing backdoors that lie dormant until they find an exploit to use. Yet some organisations still operate on the assumption that they are safe until an exploit has been publicly released.

Unfortunately, this means that companies can be too slow to upgrade or patch systems that require it, lagging behind attackers who are sprinting ahead of those updates being run.

Organisations should therefore be proactive rather than reactive in their detection. Make a member of staff responsible for tracking exploits, scanning the company’s systems for vulnerabilities, and patching them quickly. Systems that include AI or machine learning will provide even faster detection of threats or weaknesses. If this isn’t a possibility, outsourcing the job will provide round-the-clock coverage and peace of mind.

Wake up from alert fatigue

For businesses using internal resources, alert fatigue is a major concern due to the sheer volume of security alerts requiring triage each day. Organisations tend to run multiple security solutions, which can generate hundreds or even thousands of security alerts daily, depending on the size of the business. Of these, 99% can be dismissed as false positives, or ‘noise’. Only 1% typically require investigation and 0.1% command attention. But, with a constant stream of alerts coming through, fatigue makes it difficult to focus on what really matters and can lead to true positives being missed.

Organisations may therefore find it more cost-effective to leverage subscription-based managed detection and response (MDR) solutions.

These services provide continuous threat hunting and monitoring, including through AI, to filter data and remove the noise and irrelevant alerts, meaning they can assess real threats to the business and when to escalate, so that an organisation’s internal team can prioritise and focus their efforts.

Understanding attack techniques is the first step to mitigating them

Cyber attackers are having a field day in 2022. There are more connected devices than ever which could provide entry points to networks, but techniques aren’t necessarily getting more sophisticated. The 2022 BlackBerry Threat Report found that the proliferation of digital channels has brought old tactics back into the mainstream, primarily because of their ability to scale.

Fundamentally, the beginning of each attack is the same – the criminal has to enter through an unsecured door. Lock all the doors and windows, and your perimeter defences become strong. Businesses should therefore be proactive and build defences that prevent attacks from happening. If the resource isn’t available internally, don’t be afraid to outsource.

Education and support are vital as we all work together to ensure that hackers’ attempts to breach our defences fail time and time again.
 
 Keiron Holyome is VP UK&I and Middle East at BlackBerry
