The world of cybersecurity is constantly evolving, and businesses and individuals alike must stay vigilant against the latest threats.
In recent years the cybersecurity landscape has undergone significant changes, with new threats emerging and existing threats becoming more sophisticated and dangerous.
One of the most significant changes has been the rise of cybercrime as a highly organised and profitable enterprise.
‘Increasingly sophisticated’
Cybercriminals are increasingly sophisticated in their methods, using advanced techniques such as social engineering and spear phishing to gain access to sensitive information. They are also targeting new industries and areas of vulnerability, such as healthcare, energy and the Internet of Things (IoT).
In years gone by cybercriminals would likely have infected your system with malware, encrypted the data and demanded a ransom to provide decryption keys. We are now seeing many more cases of criminals exfiltrating data before demanding a ransom.
If you don’t pay, they make the data public. Kudos to all the companies that refuse to pay, but many do and we often never know who they are.
Examples of common cybercrimes include ransomware and phishing.
Ransomware
This has become a major threat in recent years. Ransomware is a type of malware that encrypts files on a computer or network, making them inaccessible to the user. The attacker then demands payment in exchange for the decryption key, often using cryptocurrency to evade detection.
Ransomware attacks can be devastating for businesses, causing significant downtime and financial losses. In 2017 NHS IT systems were crippled due to a massive ransomware attack.
Meanwhile, a ransomware outbreak against shipping giant Maersk cost it $300 million (£245 million).
Phishing
These are another increasingly common threat. Phishing is a technique used by cybercriminals to trick individuals into revealing sensitive information, such as passwords or credit card numbers.
Phishing attacks can take many forms, including emails, social media messages and fake websites.
With the increasing prevalence of remote work, phishing attacks have become even more dangerous, as the employees of a business may be more vulnerable when working outside a secure office environment.
State-sponsored cyberattacks
Another major change in the cyber security landscape in recent years is the growing prevalence of state-sponsored cyber attacks. Often highly sophisticated and well-funded, these are used to gain access to sensitive government and corporate information.
They can be difficult to detect and defend against, because attackers are so highly skilled and have access to significant resources.
The Scottish Environment Protection Agency (Sepa) was the victim of an internationally organised cybercrime group. It was hit by a cyber attack on Christmas Eve 2020, with 4,000 files stolen.
According to The Ferret, the incident was the result of a human error and cost Sepa £5.5 million.
The attack was carried out by ransomware gang Conti, which broke into Sepa’s network via sophisticated phishing emails.
Royal Mail and Arnold Clark have also become victims of cybercrime.
According to The Guardian, Royal Mail refused to pay a £67 million ransom sought by hackers linked to Russia.
The attack was carried out by ransomware gang LockBit. It resulted in 11,500 Post Office branches across the UK being unable to handle international mail or parcels.
At Scottish motor dealer Arnold Clark, files containing customers’ names, addresses, vehicle registration numbers, bank accounts and sort code details were stolen. We do not yet know the full cost of this incident.
‘Ever-evolving’ threats
This all goes to show how important it is to educate people about the ever-evolving cyber threats, with technological advances and trends creating potential new dangers.
For example, the proliferation of mobile devices and the IoT has created new vulnerabilities that cybercriminals can exploit.
The increasing use of cloud computing and third-party services has made it more challenging for businesses to control and secure their data. If you think about it, that device in our pocket is constantly talking to the internet and sending data. Where is that data ending up? In whose hands?
They are also targeting new industries and areas of vulnerability, such as healthcare, energy and the Internet of Things.”
To stay ahead of these evolving threats, businesses and individuals must take proactive steps to improve their cybersecurity. This may include implementing strong password policies, using two-factor authentication, updating software applications, deleting obsolete user accounts, having clearly defined policies and regularly backing up important data, as well as a commitment to ongoing training and education.
Regular cybersecurity training can help employees stay up to date on the latest threats and make sure they can detect and respond to potential attacks.
As you can see from the Sepa incident, the cost of a cyberattack can be significant, making it well worth the effort to stay ahead of evolving threats in the cybersecurity landscape.
Businesses may need to take additional steps, such as implementing advanced threat detection and response systems, conducting regular penetration testing and developing incident response plans that can be activated quickly in the event of an attack.
Firms may also want to consider working with a cybersecurity consultant or outsourcing their IT system protection requirements to a third-party provider.
Jai Aenugu is the founder and chief executive of Aberdeen-based cybersecurity firm TechForce.
Conversation