The Top 4 Cyber Threats - Is Your Business Protected?

Ransomware stories remain rife in 2022. From Nvidia, to the Costa Rica government, to schools in the UK, it seems that no public or private body is immune from attack. It seems that even those with the budget for sophisticated cyber protection are still being breached. Is it possible for businesses to ever really be protected? Absolutely – if organisations give cyber security the attention it deserves.

While many cyber security companies have advanced methods for extracting ransomware and restoring systems to normal, this can often be enormously expensive – even after the reputational hit companies take when it’s reported.

For smaller organisations, ransomware is all too often a fatal blow. Prevention is the only way to truly defeat ransomware. In light of this, what are the main weaknesses hackers are exploiting, and how can businesses strengthen their defences? 

Why phishing hasn’t gone out of fashion:    Phishing is old school, yet it remains one of the largest threats to businesses today. Sometimes referred to as the ‘spray-and-pray’ approach, these campaigns can reap benefits for cybercriminals even if only a tiny percentage of the many messages sent manage to hit their target. On the other side, a more specific form of this approach is called spear phishing, which refers to targeting and personalising an attack to a specific individual, group, or organisation. 

Phishing criminals are always seeking ways to maximise their profits, and with phishing, they know they can do that by better tailoring the email lure to resonate with the intended recipient. At the end of 2021, research carried out by BlackBerry revealed that Chinese cyber espionage group APT41 had been targeting victims in India with a supposedly state-sponsored campaign that played on people's hopes for a swift end to the pandemic. If these hackers were then able to access the user’s business emails, servers or more, they have every opportunity to cause destruction. 

It’s become increasingly difficult for everyday users to spot targeted phishing messages and spear phishing attempts.

This means that phishing defence must involve a strong partnership and action between the employee and employer. Employees play a vital role by following security guidelines, guaranteeing all their devices are protected by security software and promptly running auto-updates to ensure that phishing attackers can't exploit known, fixable vulnerabilities. Employers can bolster phishing awareness not only through regular employee training, but also by arming users with endpoint security controls for both corporate and employee-owned devices that work both online and off.

Watch out: are you being socially engineered?:   In a similar vein to phishing, social engineering baits its victims into its trap. This can be done through various methods, email, phone, texting, in person, social media and more. Hackers are now targeting their prey in numerous ways. This is particularly true of users who work at organisations which have a high value to an attacker, such as banking and financial institutions. For example, a threat actor could create a fake LinkedIn profile - or honeypot - that looks convincing enough for staff to accept their friend request. They soon amass many connections as each colleague sees they’re connected to the next and believes they must be legitimate. Through messages, often contrived to seek help or support, an employee may share a small nugget of information which is just enough to give attackers that ‘in’ they were looking for.

This is the case when considering one organisation at a time. The emergence of Artificial Intelligence (AI) as a tool in cyber means social engineering campaigns can run at scale, seeking victims with a more widespread approach. 
Again, the weak link in the security chain is the human element – the employees – which is why changing and shaping employee behaviour can make one of the longest-lasting contributions to the security of an organisation.

Once employees learn basic security protocols, they can understand just how many attacks may be prevented simply by practicing a consistent security regimen. 

Spot the vulnerabilities - before an attacker does:   Integral to computer security and network security, Vulnerability Management is the practice of identifying, classifying, prioritising, remediating, and mitigating software vulnerabilities. 

These days, hackers aren’t waiting for an exploit to be published – they are busy installing backdoors that lay dormant until they find an exploit to use. Yet some organisations still operate on the assumption that they are safe until an exploit has been publicly released. 

Unfortunately, this means that companies can be too slow to upgrade or patch systems that require it, lagging behind attackers who are sprinting ahead of those updates being run.

Organisations should therefore be proactive rather than reactive in their detection. Have a member responsible for tracking exploits, scanning the company’s systems for vulnerabilities, and patching them quickly. Systems that include AI or machine learning will provide even faster detection of threats or weaknesses. If this isn’t a possibility, outsourcing the job will provide round the clock coverage and ease of mind.

Wake up from alert fatigue:   For businesses using internal resources, alert fatigue is a major concern due to the sheer volume of security alerts requiring triage each day. Organisations tend to run multiple security solutions, which can generate hundreds or even thousands of security alerts daily, depending on the size of the business. Of these, 99% can be dismissed as false positives, or ‘noise’. Only 1% typically require investigation and 0.1% command attention. But, with a constant stream of alerts coming through, fatigue makes it difficult to focus on what really matters and can lead to true positives being missed. 

Organisations may therefore find it more cost-effective to leverage subscription-based managed detection and response (MDR) solutions.

These services provide continuous threat hunting and monitoring, including through AI, to filter data and remove the noise and irrelevant alerts, meaning they can assess real threats to the business and when to escalate, so that an organisation’s internal team can prioritise and focus their efforts.

Understanding attack techniques is the first step to mitigating them:   Cyber attackers are having a field day in 2022. There are more connected devices than ever which could provide entry points to networks, but techniques aren’t necessarily getting more sophisticated. The 2022 BlackBerry Threat Report found that the proliferation of digital channels has brought old tactics back into the mainstream, primarily because of their ability to scale. 

Fundamentally the beginning of each attack is the same – the criminal has to enter through an unsecured door. Lock all the doors and windows, and your perimeter defences become strong. Thus, businesses should exercise proactivity by building defences to prevent attacks from happening. If the resource isn’t available internally, don’t be afraid to outsource.

Education and support are vital as we all work together to ensure that hackers’ attempts to breach our defences fail time and time again.
 
 Keiron Holyome is VP UK&I and Middle East at BlackBerry

You Might Also Read: 

Why A Managed Security Service Provider Should Be On Your Cyber Roadmap:

 

« Cyber Crime Against Individuals
Japan’s Government Websites Come Under Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

APMG International (APM Group)

APMG International (APM Group)

APM Group is a global accreditation, certification and examination body specializing in certification schemes for individuals, organizations and software.

MixMode

MixMode

MixMode's PacketSled platform delivers network monitoring, deep forensic analysis and incident response.

Cybersecurity Collaborative

Cybersecurity Collaborative

CyberSecurity Collaborative is a forum for CISOs to share information that will collectively make us stronger, and better equipped to protect our enterprises from those seeking to damage them.

Dark Cubed

Dark Cubed

Dark Cubed is an easy-to-use cyber security software as a service (SaaS) platform that deploys instantly and delivers enterprise-grade threat identification and protection at a fraction of the cost.

ValidSoft

ValidSoft

ValidSoft is a security software company, providing telecommunications-based multi-factor authentication, identity and transaction verification technology.

SynerLeap

SynerLeap

SynerLeap is ABB's innovation growth hub. Our aim is to help startups accelerate and expand across industries, ranging from industrial automation and robotics to grid technologies and smart cities.

SecSign Technologies

SecSign Technologies

SecSign Technologies delivers user authentication, messaging, file sharing, and file storage with next generation security for company networks, websites, platforms, and devices.

Panther Labs

Panther Labs

Panther’s mission is to make security monitoring fast, flexible and scalable for all security teams.

Toka Group

Toka Group

Toka empowers government agencies with critical and previously out-of-reach digital forensics, force protection and Intelligence capabilities, tackling the fields' most pressing challenges.

Nuts Technologies

Nuts Technologies

Nuts Technologies are simplifying data privacy and encryption with our innovative and novel data containers we call nuts based on our Zero Trust Data framework.

CertNexus

CertNexus

CertNexus is a vendor-neutral certification body, providing emerging technology certifications and micro-credentials for business, data, developer, IT, and security professionals.

Chugach Government Solutions (CGS)

Chugach Government Solutions (CGS)

CGS performs work for the Federal Government across 4 unique core lines of business, including: Facilities Management and Maintenance, Construction, Technical IT and Cyber Services, and Educational Se

Varutra Consulting

Varutra Consulting

Varutra Consulting is an Cyber Security Consulting, Solutions and Training services firm, providing specialized security services for software, mobile and network.

Solcon Capital

Solcon Capital

Solcon Capital is a forward-looking, technology-focused investment firm that is committed to identifying and investing in the most promising areas of innovation and development in the tech industry.

Readynez

Readynez

Readynez is the digital skills concierge service that helps you ensure your workforce has the tech skills and resources needed to stay ahead of the digital curve.

Beacon Technology

Beacon Technology

Beacon Technology offers a comprehensive platform consisting of XDR, VMDR, and Breach and Attack simulation tools.