The Top 4 Cyber Threats - Is Your Business Protected?

Ransomware stories remain rife in 2022. From Nvidia, to the Costa Rica government, to schools in the UK, it seems that no public or private body is immune from attack. It seems that even those with the budget for sophisticated cyber protection are still being breached. Is it possible for businesses to ever really be protected? Absolutely – if organisations give cyber security the attention it deserves.

While many cyber security companies have advanced methods for extracting ransomware and restoring systems to normal, this can often be enormously expensive – even after the reputational hit companies take when it’s reported.

For smaller organisations, ransomware is all too often a fatal blow. Prevention is the only way to truly defeat ransomware. In light of this, what are the main weaknesses hackers are exploiting, and how can businesses strengthen their defences? 

Why phishing hasn’t gone out of fashion:    Phishing is old school, yet it remains one of the largest threats to businesses today. Sometimes referred to as the ‘spray-and-pray’ approach, these campaigns can reap benefits for cybercriminals even if only a tiny percentage of the many messages sent manage to hit their target. On the other side, a more specific form of this approach is called spear phishing, which refers to targeting and personalising an attack to a specific individual, group, or organisation. 

Phishing criminals are always seeking ways to maximise their profits, and with phishing, they know they can do that by better tailoring the email lure to resonate with the intended recipient. At the end of 2021, research carried out by BlackBerry revealed that Chinese cyber espionage group APT41 had been targeting victims in India with a supposedly state-sponsored campaign that played on people's hopes for a swift end to the pandemic. If these hackers were then able to access the user’s business emails, servers or more, they have every opportunity to cause destruction. 

It’s become increasingly difficult for everyday users to spot targeted phishing messages and spear phishing attempts.

This means that phishing defence must involve a strong partnership and action between the employee and employer. Employees play a vital role by following security guidelines, guaranteeing all their devices are protected by security software and promptly running auto-updates to ensure that phishing attackers can't exploit known, fixable vulnerabilities. Employers can bolster phishing awareness not only through regular employee training, but also by arming users with endpoint security controls for both corporate and employee-owned devices that work both online and off.

Watch out: are you being socially engineered?:   In a similar vein to phishing, social engineering baits its victims into its trap. This can be done through various methods, email, phone, texting, in person, social media and more. Hackers are now targeting their prey in numerous ways. This is particularly true of users who work at organisations which have a high value to an attacker, such as banking and financial institutions. For example, a threat actor could create a fake LinkedIn profile - or honeypot - that looks convincing enough for staff to accept their friend request. They soon amass many connections as each colleague sees they’re connected to the next and believes they must be legitimate. Through messages, often contrived to seek help or support, an employee may share a small nugget of information which is just enough to give attackers that ‘in’ they were looking for.

This is the case when considering one organisation at a time. The emergence of Artificial Intelligence (AI) as a tool in cyber means social engineering campaigns can run at scale, seeking victims with a more widespread approach. 
Again, the weak link in the security chain is the human element – the employees – which is why changing and shaping employee behaviour can make one of the longest-lasting contributions to the security of an organisation.

Once employees learn basic security protocols, they can understand just how many attacks may be prevented simply by practicing a consistent security regimen. 

Spot the vulnerabilities - before an attacker does:   Integral to computer security and network security, Vulnerability Management is the practice of identifying, classifying, prioritising, remediating, and mitigating software vulnerabilities. 

These days, hackers aren’t waiting for an exploit to be published – they are busy installing backdoors that lay dormant until they find an exploit to use. Yet some organisations still operate on the assumption that they are safe until an exploit has been publicly released. 

Unfortunately, this means that companies can be too slow to upgrade or patch systems that require it, lagging behind attackers who are sprinting ahead of those updates being run.

Organisations should therefore be proactive rather than reactive in their detection. Have a member responsible for tracking exploits, scanning the company’s systems for vulnerabilities, and patching them quickly. Systems that include AI or machine learning will provide even faster detection of threats or weaknesses. If this isn’t a possibility, outsourcing the job will provide round the clock coverage and ease of mind.

Wake up from alert fatigue:   For businesses using internal resources, alert fatigue is a major concern due to the sheer volume of security alerts requiring triage each day. Organisations tend to run multiple security solutions, which can generate hundreds or even thousands of security alerts daily, depending on the size of the business. Of these, 99% can be dismissed as false positives, or ‘noise’. Only 1% typically require investigation and 0.1% command attention. But, with a constant stream of alerts coming through, fatigue makes it difficult to focus on what really matters and can lead to true positives being missed. 

Organisations may therefore find it more cost-effective to leverage subscription-based managed detection and response (MDR) solutions.

These services provide continuous threat hunting and monitoring, including through AI, to filter data and remove the noise and irrelevant alerts, meaning they can assess real threats to the business and when to escalate, so that an organisation’s internal team can prioritise and focus their efforts.

Understanding attack techniques is the first step to mitigating them:   Cyber attackers are having a field day in 2022. There are more connected devices than ever which could provide entry points to networks, but techniques aren’t necessarily getting more sophisticated. The 2022 BlackBerry Threat Report found that the proliferation of digital channels has brought old tactics back into the mainstream, primarily because of their ability to scale. 

Fundamentally the beginning of each attack is the same – the criminal has to enter through an unsecured door. Lock all the doors and windows, and your perimeter defences become strong. Thus, businesses should exercise proactivity by building defences to prevent attacks from happening. If the resource isn’t available internally, don’t be afraid to outsource.

Education and support are vital as we all work together to ensure that hackers’ attempts to breach our defences fail time and time again.
 
 Keiron Holyome is VP UK&I and Middle East at BlackBerry

You Might Also Read: 

Why A Managed Security Service Provider Should Be On Your Cyber Roadmap:

 

« Cyber Crime Against Individuals
Japan’s Government Websites Come Under Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IX Associates

IX Associates

IX Associates is a UK based IT Integration business specialising in risk, compliance, eDefence, and network security solutions.

Foregenix

Foregenix

Foregenix are global specialists in Digital Forensics and information security including Penetration testing and Website Security.

Hillstone Networks

Hillstone Networks

Hillstone Networks offers a broad range of security solutions for enterprises and data center networks – whether physical, virtual, or in the cloud.

CRYPTTECH

CRYPTTECH

CRYPTTECH specializes in Information Security and Intelligence, Risk Evaluation and Vulnerability Recognition against Cyber-Attacks and APTs.

CERT-PH

CERT-PH

CERT-PH is the National Computer Emergency Response Team and the highest body for cybersecurity related activities in the Philippines.

Scanmeter

Scanmeter

Scanmeter helps identifying vulnerabilities in software and systems before they can be exploited by an attacker.

National CyberWatch Center

National CyberWatch Center

National CyberWatch Center is a cybersecurity consortium working to advance cybersecurity education and strengthen the national workforce.

Gluu

Gluu

Modern Authentication for Digital Enterprise. Organizations around the world trust Gluu for large-scale, high-security identity & access management.

SkyePoint Decisions

SkyePoint Decisions

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider.

Atomic Data

Atomic Data

Atomic Data is an on-demand, always-on, pay-as-you-go expert extension of your enterprise IT team and infrastructure.

Codean

Codean

The Codean Review Environment automates mundane software analysis tasks, so security experts can focus on finding vulnerabilities.

Data Protection Commission (DPC)

Data Protection Commission (DPC)

The Data Protection Commission (DPC) is the national independent authority responsible for upholding the fundamental right of individuals in the EU to have their personal data protected.

IPKeys Cyber Partners

IPKeys Cyber Partners

IPKeys Cyber Partners, together with the IPKeys Power Partners unit, provide Cyber Security and CIP Compliance for utilities, grid operators and public safety organization across the USA.

J.S. Held

J.S. Held

J.S. Held is a global consulting firm providing technical, scientific, and financial expertise across all assets and value at risk.

Roberts & Obradovic Law

Roberts & Obradovic Law

Roberts & Obradovic Law Group is a corporate, privacy, employment and litigation law firm.

Ivolv Cybersecurity

Ivolv Cybersecurity

Ivolv is here to assist your organization in building effective protection and resilience against cyber attacks.