In the ever-changing world of cyber security, where so many things change while others remain the same, the most important thing any organisation can do is stay up to date with what is happening while ensuring it has the most basic security principles in place.
With more than 20 years of IT and cyber security experience, A&O IT Group has seen and experienced the highs and lows of the tech industry, and the past year has been no exception. Looking to the future, this two-part blog series provides on-the-ground insights into what the market leaders are seeing in these challenging times. In this first blog we’ll be looking at the biggest losses in cyber security, as well as the most common attack methods and vectors.
“The relentless pace of digital business and ongoing transition to cloud are challenging traditional security approaches. Acting on these developments, security and risk management leaders can improve resilience, better support business objectives, and elevate their organizational standing.” Gartner
Biggest Losses in Cyber Security
Email and Payment Scams
Though phishing and similar social engineering attacks are nothing new, the way these attacks are delivered and the techniques used to deliver them are ever changing. Attackers often theme these attacks around what is trending in the news, and with that there is an increased focus on COVID-19 related scams.
According to the FBI IC3 2019 Internet Crime Report, e-mail related scams will top 26 billion in the next 3 years, while payment fraud has already caused losses of over 3.5 billion for 2020.
Recommendation: Awareness training and education are the key to thwarting social engineering attacks, along with simulation attacks that test the effectiveness of the training being provided.
COVID-19 Attack Trends
Since remote working has become the new normal, the security landscape has completely changed. Organisations now need to refocus their efforts on facilitating work from home (WFH) situations, which is causing an inevitable disruption to regular day-to-day security operations. Source: Gartner
Recommendation: Constantly testing new technologies as they are implemented is a vital part of managing the associated risks. Work from home solutions should be thoroughly tested, as they often provide much less security than normal.
Deep Fakes & Disinformation
Though perhaps not directly related to cyber security, deep fake content is increasingly being distributed to cause anxiety and distrust in the media, and is then used to further social engineering campaigns.
The term “Fake News” has become a major media highlight and, though again not directly related to cyber security, hacking organisations are spreading misinformation to advance social engineering attacks based on news trends and social anxiety.
Recommendation: Again, education is key here. The weakest link in any system is the people who use it, and these people are also often your last line of defence against these techniques succeeding.
Identity spoofing (faking) is becoming far more sophisticated, to the point that these false personas have detailed banking records, birth certificates and social profiles, making it extremely challenging for automated and even human AML/KYC systems to spot the difference between a real and a fake identity.
Recommendation: Relying purely on automated solutions for AML/KYC may not be sufficient to spot these false identities. It is important that additional validation is performed after the fact.
AI Powered Cyber Attacks
Attackers have long used AI and ML in furthering their attacks and this trend will continue to show advancement as the technology reaches maturity and access to greater computing power becomes cheaper and more available.
Recommendation: The use of artificial intelligence by cyber attackers has made it nearly impossible for traditional cyber teams to be resilient against these attacks. Cyber teams need to be augmented to protect against these techniques.
Attacks on AI Systems
AI poisoning attacks, which tamper with ML models while they are still training, are increasingly being used to add biases to training sets and make malicious activities look benign, causing AI monitoring systems to miss the activities they are meant to detect. Source: Gartner
Recommendation: Securing training sets properly can be the difference between your AI systems doing what they need to and doing the complete opposite.
Cyber Physical Systems
Because cyber incidents can now impact physical systems, attackers can cause harm not only to computer systems and data but even to human life, and can disrupt the physical systems that most cities rely on. Operational and information security have long been siloed but now affect each other more and more. Source: Gartner
Recommendation: Treating these different domains as completely siloed entities is the worst thing that major OT vendors and providers can do. Operational Technologies need to be tested as vigorously as any other IT system as the risks go far beyond just cyber.
Are you a business which has fallen victim to any of the attack trends mentioned above, or simply concerned that you may not be able to protect against them? Drop us a line to discover how A&O IT Group can help enhance your cyber security and help you to navigate the ever-growing cyber threat landscape.
Kyle Turner – Cyber Security Regional Manager – Middle East – A&O IT Group