24 Jan 2019

Cybersecurity in the spotlight: what to look out for in 2019

Investec Focus

Digital content team

Ransomware attacks have eclipsed most other global cybercrime threats in the past year – and the practice is set to grow exponentially, warns EU law enforcement agency Europol.

The number one thing that brokers should understand is that cybercrime has now reached a high level of maturity. It's structured like a business: it has monetisation models, supply chains and different people in charge of different departments of crime.

 

It's this level of sophistication that has allowed cyber criminals to target the financial services sector, with nearly half of all businesses in the UK experiencing a cyber attack in the past year, according to the government’s 2018 Cyber Security Breaches Survey.

 

Just in the past year, cyber criminals stole £130bn from UK businesses, according to cybersecurity firm Norton. With rewards like this, businesses should be on high alert.

 

The established cybercrime business model is now so effective that many hackers see no need to change a successful operation, applying an "if it ain't broke, don't fix it" mentality.

 

Europol's fifth annual report seems to confirm this, warning that "ransomware attacks have eclipsed most other global cybercrime threats" and "the practice is set to grow exponentially" over the coming years. The same goes for phishing attacks. So, what are the big risks set to affect businesses?

 

"The more we trust the criminals, the more people are going to pay. They're trying to find new ways to make us feel that we can trust them."
Held to ransom

Ransomware is the number one risk. It is a computer virus that encrypts your files and demands money to give you back access. Many victims who get infected do pay the criminals – usually via Bitcoin – because the cost to the business of being locked out of systems is so high.

 

The WannaCry ransomware attack that affected the NHS was only stopped because a British researcher accidentally discovered the kill switch domain hardcoded in the malware. 

Which is odd, on the face of it: why would hackers spend time and effort to make sure you get the key to your own files when they already have your money? The answer is even stranger: it's because they care about their own reputation.

 

"Cybercriminals want us to know that we can trust them," says Menny Barzilay, co-founder and CEO of cybersecurity firm FortyTwo Global. "The more we trust the criminals, the more people are going to pay. They're trying to find new ways to make us feel that we can trust them. Some of the viruses come with customer support – so you can actually call them or fill out a form, and they will help you buy the cryptocurrency for a ransom while making sure your systems still function. 

 

“Some viruses even come with secure purchase options – which means that if you are unable to open your files, they will give you your money back. The most interesting thing is that the cybersecurity industry doesn't currently have a robust solution to deal with ransomware.”

 

A good example of this is the WannaCry ransomware attack that affected the UK's National Health Service (NHS), which was only stopped because British researcher Marcus Hutchins accidentally discovered the kill switch domain hardcoded in the malware.

menny
Menny Barzilay, co-founder and CEO of cybersecurity firm FortyTwo Global

The most interesting thing is that the cybersecurity industry doesn’t currently have a robust solution to deal with ransomware.

Hacked hardware

The second-biggest predicted risk is untrusted hardware. There are more and more cases where hardware devices come with pre-installed viruses – whether it's a mobile phone, a laptop, an autonomous car or any other network device. These viruses cannot be detected by traditional anti-virus software because they are at the firmware or hardware level.

 

Bloomberg's explosive story, The Big Hack: How China Used a Tiny Chip to Infiltrate 30 US Companies, demonstrates the scale of the problem.

 

"You've probably already suffered an attack yourself," says Barzilay. "Imagine a hacker wants to target the financial services sector. They go to an industry exhibition with 200 USB thumb drives – a common freebie, but with a pre-installed virus.

 

"If even a small percentage of the delegates are curious and plug one into their laptop – they're infected. Bad actors have even been known to leave drives on the ground near offices with labels saying 'confidential' or 'holiday snaps' – enough to tempt an unwary user to check it out on their machine … and compromise their whole network," says Barzilay.

 

Software flaws in autonomous or semi-autonomous vehicles could be equally problematic. If we do not trust them, we will not use them. Software vulnerabilities could allow hackers to take charge of the vehicle; for example, by mimicking a trusted network. It's feasible that they could also use the car to collect personally identifiable information, which could, in turn, be used in spear phishing attacks. 

cyber crime
Software flaws in autonomous or semi-autonomous vehicles could be problematic. If we don't trust them, we won't use them.
When an email becomes a threat

The third risk is 'spear phishing'. Almost everyone knows about phishing – where an email looks like it's from your bank or phone provider and asks for your details, which the cybercriminals then use to access your accounts.

 

Spear phishing is targeted – the criminals use personal or business information obtained about a particular individual to make their email much more credible. A broker, for example, might get a message including details of a recent trade, or something specific about a fellow team member which convinces them a link is safe to click, or the broker downloads an executable file (.exe file), malware or malicious codes.

 

Malware, or malicious software, includes computer viruses, worms, Trojan horses and spyware. These programmes can be used for a variety of functions – including, but not limited to, hijacking core computing functions or encrypting data.

 

Phishing attacks are on the rise, too. According to a Verizon Data Breach Investigations report, 30% of phishing messages get opened by targeted users and 12% of those users click on the malicious attachment or link.

 

One small mistake can cause serious damage to your company. Older-style crimes are getting more and more sophisticated. You may know to avoid suspect emails, but that style of attack has evolved considerably. It’s often the simplest scams that are the most effective.

Receive Focus insights straight to your inbox

Sending...

Please complete all required fields before sending.

Thank you

We look forward to sharing out of the ordinary insights with you

Sorry there seems to be a technical issue