The Top 4 Cyber Threats - Is Your Business Protected?

Uploaded on 2022-09-12 in TECHNOLOGY--Resilience, FREE TO VIEW

Ransomware stories remain rife in 2022. From Nvidia, to the Costa Rica government, to schools in the UK, it seems that no public or private body is immune from attack. It seems that even those with the budget for sophisticated cyber protection are still being breached. Is it possible for businesses to ever really be protected? Absolutely – if organisations give cyber security the attention it deserves.

While many cyber security companies have advanced methods for extracting ransomware and restoring systems to normal, this can often be enormously expensive – even after the reputational hit companies take when it’s reported.

For smaller organisations, ransomware is all too often a fatal blow. Prevention is the only way to truly defeat ransomware. In light of this, what are the main weaknesses hackers are exploiting, and how can businesses strengthen their defences? 

Why phishing hasn’t gone out of fashion:    Phishing is old school, yet it remains one of the largest threats to businesses today. Sometimes referred to as the ‘spray-and-pray’ approach, these campaigns can reap benefits for cybercriminals even if only a tiny percentage of the many messages sent manage to hit their target. On the other side, a more specific form of this approach is called spear phishing, which refers to targeting and personalising an attack to a specific individual, group, or organisation. 

Phishing criminals are always seeking ways to maximise their profits, and with phishing, they know they can do that by better tailoring the email lure to resonate with the intended recipient. At the end of 2021, research carried out by BlackBerry revealed that Chinese cyber espionage group APT41 had been targeting victims in India with a supposedly state-sponsored campaign that played on people's hopes for a swift end to the pandemic. If these hackers were then able to access the user’s business emails, servers or more, they have every opportunity to cause destruction. 

It’s become increasingly difficult for everyday users to spot targeted phishing messages and spear phishing attempts.

This means that phishing defence must involve a strong partnership and action between the employee and employer. Employees play a vital role by following security guidelines, guaranteeing all their devices are protected by security software and promptly running auto-updates to ensure that phishing attackers can't exploit known, fixable vulnerabilities. Employers can bolster phishing awareness not only through regular employee training, but also by arming users with endpoint security controls for both corporate and employee-owned devices that work both online and off.

Watch out: are you being socially engineered?:   In a similar vein to phishing, social engineering baits its victims into its trap. This can be done through various methods, email, phone, texting, in person, social media and more. Hackers are now targeting their prey in numerous ways. This is particularly true of users who work at organisations which have a high value to an attacker, such as banking and financial institutions. For example, a threat actor could create a fake LinkedIn profile - or honeypot - that looks convincing enough for staff to accept their friend request. They soon amass many connections as each colleague sees they’re connected to the next and believes they must be legitimate. Through messages, often contrived to seek help or support, an employee may share a small nugget of information which is just enough to give attackers that ‘in’ they were looking for.

This is the case when considering one organisation at a time. The emergence of Artificial Intelligence (AI) as a tool in cyber means social engineering campaigns can run at scale, seeking victims with a more widespread approach. 
Again, the weak link in the security chain is the human element – the employees – which is why changing and shaping employee behaviour can make one of the longest-lasting contributions to the security of an organisation.

Once employees learn basic security protocols, they can understand just how many attacks may be prevented simply by practicing a consistent security regimen. 

Spot the vulnerabilities - before an attacker does:   Integral to computer security and network security, Vulnerability Management is the practice of identifying, classifying, prioritising, remediating, and mitigating software vulnerabilities. 

These days, hackers aren’t waiting for an exploit to be published – they are busy installing backdoors that lay dormant until they find an exploit to use. Yet some organisations still operate on the assumption that they are safe until an exploit has been publicly released. 

Unfortunately, this means that companies can be too slow to upgrade or patch systems that require it, lagging behind attackers who are sprinting ahead of those updates being run.

Organisations should therefore be proactive rather than reactive in their detection. Have a member responsible for tracking exploits, scanning the company’s systems for vulnerabilities, and patching them quickly. Systems that include AI or machine learning will provide even faster detection of threats or weaknesses. If this isn’t a possibility, outsourcing the job will provide round the clock coverage and ease of mind.

Wake up from alert fatigue:   For businesses using internal resources, alert fatigue is a major concern due to the sheer volume of security alerts requiring triage each day. Organisations tend to run multiple security solutions, which can generate hundreds or even thousands of security alerts daily, depending on the size of the business. Of these, 99% can be dismissed as false positives, or ‘noise’. Only 1% typically require investigation and 0.1% command attention. But, with a constant stream of alerts coming through, fatigue makes it difficult to focus on what really matters and can lead to true positives being missed. 

Organisations may therefore find it more cost-effective to leverage subscription-based managed detection and response (MDR) solutions.

These services provide continuous threat hunting and monitoring, including through AI, to filter data and remove the noise and irrelevant alerts, meaning they can assess real threats to the business and when to escalate, so that an organisation’s internal team can prioritise and focus their efforts.

Understanding attack techniques is the first step to mitigating them:   Cyber attackers are having a field day in 2022. There are more connected devices than ever which could provide entry points to networks, but techniques aren’t necessarily getting more sophisticated. The 2022 BlackBerry Threat Report found that the proliferation of digital channels has brought old tactics back into the mainstream, primarily because of their ability to scale. 

Fundamentally the beginning of each attack is the same – the criminal has to enter through an unsecured door. Lock all the doors and windows, and your perimeter defences become strong. Thus, businesses should exercise proactivity by building defences to prevent attacks from happening. If the resource isn’t available internally, don’t be afraid to outsource.

Education and support are vital as we all work together to ensure that hackers’ attempts to breach our defences fail time and time again.
 
 Keiron Holyome is VP UK&I and Middle East at BlackBerry

You Might Also Read: 

Why A Managed Security Service Provider Should Be On Your Cyber Roadmap:

 

« Cyber Crime Against Individuals
Japan’s Government Websites Come Under Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

National Crime Agency (NCA) - United Kingdom

National Crime Agency (NCA) - United Kingdom

The NCA's Cyber Crime Unit focuses on critical cyber incidents in the UK as well as longer-term activity against the criminals and the services on which they depend.

Kenna Security

Kenna Security

Kenna Security is a risk intelligence & vulnerability management platform that helps prioritize and remediate vulnerabilities.

Flexera

Flexera

Flexera is reimagining the way software is bought, sold, managed and secured.

Nexus Group

Nexus Group

Nexus Group develops identity solutions for physical and digital access.

The Open Group

The Open Group

The Open Group: Leading the development of open, vendor-neutral IT standards and certifications.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Golden Frog

Golden Frog

Golden Frog is a Virtual Private Network services provider offering secure encrypted access to the internet.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

Pixalate

Pixalate

Pixalate is an omni-channel fraud intelligence company that works with brands and platforms to prevent invalid traffic and improve ad inventory quality.

Innova

Innova

Innova is Turkey's leading IT solutions company, providing platform independent solutions to organizations in telecommunication, finance, production, public and service sectors.

Cybersecurity Collaboration Forum

Cybersecurity Collaboration Forum

The mission of the Cybersecurity Collaboration Forum is to foster information security communication and idea sharing across the C-Suite, enabling leaders to better protect their enterprises.

Wontok

Wontok

Wontok deliver innovative value-added data security services that fill the gaps left in traditional security solutions.

Theta432

Theta432

THETA432 is a cybersecurity firm that provides 24/7/365 managed prevention, detection, response, Hybrid SOC, cyber defense monitoring services with dynamically defined defense (3D™).

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

Eficens Systems

Eficens Systems

Eficens Systems is a global IT services and consulting company. We specialize in empowering businesses to harness the potential of Information Technology as a strategic asset.

Aim Security

Aim Security

Aim empowers enterprises to unlock the full potential of GenAI technology without compromising security. GenAI makes business better - Aim makes GenAI secure.