Preparing for the next elaborate cyberattack could put your organization at risk

Back in 2016 a report was released by the National Cyber Security Centre, detailing some of the most common cyberattacks and what to do in order to avoid them. Four years on and the world is far different to anything we could have ever imagined back then, but one thing that has remained a constant is the threats posed by threat actors.

For many businesses, as we head well into 2021, they will likely face a future of uncertainty and will be trying to get ahead as much as they can. A lot of anticipating and predictions into new means of attacks could leave many businesses neglecting the basics and instead heading into a rabbit hole of predictions that could do more harm than good.

At the same time the National Cyber Security Centre (NCSC) released its report titled Common Cyber Attacks: Reducing the Impact, the UK Government’s Department for Digital, Culture, Media & Sport (DCMS) also released a paper titled The Cyber Security Breaches Survey 2016. Each report detailed what a common cyberattack looks like, gave recommendations on what to implement and how to prevent it, and they listed the most common forms of attacks. At the time, these were the top three:

Viruses, spyware and malware.
Others impersonating an organization in emails or online.
Denial of service attacks.

The Cyber Security Breaches Survey is released annually and the latest threats as of 2020 are listed as:

Fraudulent emails or being directed to fraudulent websites.
Others impersonating organizations in emails or online.
Viruses, spyware and malware.

Two mediums of attack remain the same, likely due to the success rate and with fraudulent emails now listed, we have three very sophisticated and fruitful means of attack. So it’s no surprise then that between the two surveys, the number of businesses reporting a cyber breach had almost doubled to 46% in 2020.

A phishing attack is a type of social engineered attack where threat actors masquerade as a trusted entity. This means that the recipient of an email, telephone or text message is misled into providing sensitive information, to what they believe is a trusted person.

This method of attack is usually accomplished by luring the victim into clicking a malicious link, which consequently can trigger the installation of malware, a ransomware attack or the revealing of sensitive data such as sensitive personal information, like passwords to banking and credit card details.

Some of the most recent and sophisticated phishing campaigns have come from those acting as the U.S. Centers for Disease Control and the World Health Organization (WHO) targeting victims with malicious links. The focus of cybersecurity protection shouldn’t always be about trying to anticipate the latest means or technology that could impact a business, but instead, focusing on the same tactics and how these can specifically adapt. Phishing schemes are incredibly versatile and sophisticated which is why they’re so successful and they will adapt to what is going on in the world and take advantage of it wherever possible.

It’s key then that businesses refocus, cut out the noise and focus on the basics to ensure the most common attacks are covered. The following should be implemented at every organization and follow the Cyber Essentials recommendations:

Firewalls – ensure you have adequate protection at your network perimeter. Make sure your firewall policies are effective and only allow network traffic required for your business.
Malware protection – ensure all your devices have malware protection installed and that this is kept up to date on a regular basis.
Patch management – patching your software to the latest version will prevent cyber attackers attempting to exploit known vulnerabilities and gain access to your information assets
Secure configuration – ensure your devices have any unused functionality removed; this includes the removal of unused accounts and software
Access control – ensure that all the user accounts on your network operate on the principle of “least privilege.” This means that your users only have enough permissions to carry out the duties they are assigned.

As remote working looks set to stay, it is worth remembering that home workers extend the company network, so the scope of focus must also cover equipment that staff are using at home.

Biggest threats this year

In 2021, we’re likely to see similar threats to previous years - specifically relating to phishing attacks with threat actors impersonating organizations in emails or online. Ransomware threat actors are continually evolving their attacks, meaning defenders need to be keeping up with the changes and the defenses.

As we know, an attacker only has to be successful once and defenders need to be at 100% all of the time to keep their infrastructures safe. This means that all businesses, regardless of size are at risk of an attack.

We might not be able to protect against all the threats and vulnerabilities, but by keeping up with the basic fundamentals, businesses are making it harder for the attackers to gain access to their networks.

In other words, people will never be able to stop their house from being burglarized, but we can all deter casual thieves by locking doors and windows and deploying a burglar alarm. The case is the same when it comes to cybersecurity. By ensuring that the basics are followed and implemented into your enterprise from top to bottom, businesses can at least ensure deterrents and defenses remain strong when potentially compromised.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.