17 Jan 2019
Cybersecurity under the spotlight: what to look out for in 2019
Cyber criminals stole £130bn from UK businesses last year, according to cyber security firm Norton. With rewards like this, what should businesses watch out for in the year ahead?
The number one thing that brokers should understand is that cyber crime has now reached a high level of maturity. It’s structured like a business: it has monetisation models, supply chains, different people in charge of different departments of crime.
It’s this level of sophistication that has allowed cyber criminals to target the financial services sector, with nearly half all businesses in the UK experiencing a cyber attack in the last year, according to the government’s 2018 Cyber Security Breaches Survey.
The established cybercrime business model is now so effective that many hackers see no need to change a successful operation, taking an “if it ain’t broke, don’t fix it” mentality.
Europol's fifth annual report seems to confirm this, warning: "ransomware attacks have eclipsed most other global cybercrime threats” and “the practice is set to grow exponentially” over the coming years — and the same goes for phishing attacks. So what are the big trends due to affect businesses?
‘The more we trust the criminals, the more people are going to pay. They’re trying to find new ways to make us feel that we can trust them.’
Held to ransom
Ransomware, if you don’t already know, is the number one risk. It is a computer virus that encrypts your files and demands money to give you back access. Many victims that get infected do pay the criminals – usually via bitcoin – because the cost to the business of being locked out of systems is so high.
Which is odd, on the face of it: why would hackers spend time and effort to make sure you get the key to your own files when they already have your money? The answer is even stranger: it’s because they care about their own reputation.
“Cyber criminals want us to know that we can trust them,” says Menny Barzilay, co-founder and CEO of Cyber security firm FortyTwo Global. “The more we trust the criminals, the more people are going to pay. They’re trying to find new ways to make us feel that we can trust them. Some of the viruses come with customer support – so you can actually call them, or fill out a form, and they will help you buy the cryptocurrency for a ransom while making sure your systems still function.
“Some viruses even come with secure purchase options – which means that if you are unable to open your files, they will give you your money back. The most interesting thing is that the cyber security industry doesn’t currently have a robust solution to deal with ransomware.”
A good example of this is the WannaCry ransomware attack that affected the NHS, which was only stopped because British researcher Marcus Hutchins accidentally discovered the kill switch domain hardcoded in the malware.
The most interesting thing is that the cyber security industry doesn’t currently have a robust solution to deal with ransomware.
The number two is untrusted hardware. There are more and more cases where hardware devices come with pre-installed viruses – whether it’s a mobile phone, a laptop, an autonomous car or any other network device. These viruses cannot be detected by traditional anti-virus software because they are at the firmware or hardware level.
Bloomberg’s explosive story The Big Hack: How China Used a Tiny Chip to Infiltrate 30 US Companies demonstrates the scale of the problem.
“You’ve probably already suffered an attack yourself,” says Barzilay. “Imagine a hacker wants to target the financial services sector. They go to an industry exhibition with 200 USB thumb drives, a common freebie, but with a pre-installed virus.
“If even a small percentage of the delegates are curious and plug one into their laptop – they’re infected. Bad actors have even been known to leave drives on the ground near offices with labels saying “confidential” or “holiday snaps” – enough to tempt an unwary user to check it out on their machine… and compromise their whole network.”
Software flaws in autonomous or semi-autonomous vehicles could be equally problematic. If we do not trust them, we will not use them. Software vulnerabilities could allow hackers to take charge of the vehicle, for example, by mimicking a trusted network. It’s feasible that they could also use the car to collect personably identifiable information, which could in turn be used in spear phishing attacks.
Software flaws in autonomous or semi-autonomous vehicles could be problematic. If we don't trust them, we won't use them
When an email becomes a threat
The third, but not least, is “spear phishing”. Almost everyone knows about phishing – where an email looks like it’s from your bank or phone provider and asks for your details, which the cyber criminals then use to access your accounts.
Spear phishing is targeted – the criminals use personal or business information obtained about a particular individual to make their email much more credible. A broker, for example, might get a message including details of a recent trade or something specific about a fellow team member that convinces them a link is safe to click, or download an executable (.exe file), malware or malicious codes.
Malware, or malicious software, includes computer viruses, worms, Trojan horses and spyware. These programmes can be used for a variety of functions, including but not limited to hijacking core computing functions or encrypting data.
Phishing attacks are on the rise, too. According to Verizon Data Breach Investigations report, 30% of phishing messages get opened by targeted users and 12% of those users click on the malicious attachment or link.
One small mistake can cause serious damage to your company. Older-style crimes are getting more and more sophisticated. You may know to avoid suspect emails, but that style of attack has evolved considerably. It’s often the simplest scams that are the most effective.