THE GLOBAL THREAT INTELLIGENCE REPORT
Cybersecurity is an ever-changing threat which forces companies and governments alike to continuously be developing new forms of cyber resilience. The challenge in the Information and Communication Technology (ICT) sector is to adapt to the new ways that we are all working from remote locations, but still remain accessible to staff and clients, whilst securing systems to ensure that there is no breach in data and all at a cost effective manner.
From a 2021 global report, it was found that 83% of organisations have restructured their security due to the way in which COVID-19 has impacted their businesses. About 54% of those organisations had indicated that they will never return to their previous operating model of working from the office with some adopting a permanent work from home policy whilst others have implemented a hybrid model of working from home and office. This means that the ICT systems of these organisations need to be able to manage the new risks, address security aspects relating to greater online presence, optimise systems and prepare for attacks on the supply chain front.
Organisations need to be able to increase their defences but also be able to mitigate an attack and recover as fast as possible, to avoid reputational damage. The top 6 trends in cybersecurity have been noted in the following industries; finance, manufacturing and healthcare. They have been the primary target with 62% of attacks aiming for these industries. The previous spyware attack has converted to now favour miners and trojans as the new form of access onto systems. About 41% of malware attacks have been targeting cryptocurrency miners, whilst cybercriminals have now utilised COVID-19 messaging to get into people’s systems. An astonishing 67% of attacks had now targeted people working remotely. All these security issues have now pushed up privacy and protection laws which increases obligations, restrictions, and limitations for ICT users.
The financial sector has some of the highest security maturity scores, however, they are the most attacked industry. Business and professional services are then second in the ranking for cybersecurity maturity, followed by the technology, manufacturing, education and healthcare sectors.
The types of attacks utilised nowadays consist of the following:
- – Botnets – which are multiple infected devices which are connected to the internet. They co-ordinate actions such as sending spam or conducting distributed denial-of-service attacks where you cannot connect or click on certain websites
- – Application attacks (aka application layer DDoS attacks) – target vulnerable applications, lack of encrypted data, escalation privileges and broken authentication
- – Web attacks – are attacks on services and applications running from a particular website
- – Reconnaissance – is when an attacker seeks out vulnerable systems and services
- – Brute-force attacks – is an attack which is a systematic use of username and password combinations which continually guess your possible login credentials to access a system.
So how should companies protect themselves against these attacks? Here are the key recommendations:
- – Companies should place ICT security as a key pillar in everything they do. Security must be at the forefront of everything companies do, and it must feature on every agenda as a stand-alone item
- – People and processes must be prioritised. People are the best resources and also a key vulnerability. Educational awareness is critical here for processes to be developed so that staff carry out their work in a security aware systematic manner
- – Security should be entrenched in every company’s philosophy of design. All new systems must be modified to include security and so too must the company’s policies and procedures. This includes physical infrastructure as well as software, where security tactics must become the foundation of all projects
- – A cybersecurity framework and standard must be put in place and then enhanced on a continuous basis
- – The prioritisation of continuous monitoring must be inculcated into the mindset of every staff member. Detection of attacks and reaction needs to be fast and ways in which to manage these need to be developed into a system which employees are trained on, on a regular basis.
The East London IDZ has to understand the nature of these security threats and then offer its ICT services and products to its clients in a manner that safeguards against such intrusions. This is possible with the safety features that have been built into the products themselves which also need to be regularly updated to keep current with the latest patches that are produced in responses to breaches. There is also regular testing and auditing of security systems to ensure that the East London IDZ is protected as far as possible. Then, as alluded to above, the most common way in which to get into a system is via people and this is why regular and appropriate training of staff must always take place so that they are informed of all the ways in which persons may be trying to access your IT system.
The only way in which a company can set up the best cybersecurity resilience is to set up a proper programme, plan and execute it accurately, monitor and train on a frequent basis. All staff need to constantly remain vigilant and keep up to speed with the ever-changing threat.
By Dr Chris Ettmayr – East London IDZ, Sector Manager: ICT & Renewable Energy