Digital Defence and Cybersecurity
Cybersecurity. If you’re a board member, you may be getting tired of hearing your CIO mention this topic at every single meeting. There is, however, a very good reason for that. 2022 saw one of the largest increases in varied cybercrime to date, with 39% of UK businesses reporting a cyber-attack of some kind during the year Data breaches alone cost global businesses an average of $4.35 million over the same period. It has quickly become more expensive not to invest in cybersecurity than it is to purchase a top-level solution. What’s more, with the proliferation of various kinds of cybercrime in the modern age, it can be difficult to figure out what you’re supposed to be defending against. That’s why this edition of tech trends looks to give you a general overview of the current threat landscape, as well as top trends in the cybersecurity industry which may help you sleep at night. It’s a scary world out there, but we’re confident that after reading this article and seeing the stellar work professionals in the space are putting in to protect your digital assets, you’ll have a better idea of what to look out for.
How Did It Get Like This?
When looking at modern trends, it can sometimes pay to employ a bit of hindsight to visualise just how the current state of play has come about. This is especially relevant in tech, where systems and programs tend to follow a linear progression. With that in mind, lets take a look at the early history of cybercrime in order to illuminate why the current trends in cybersecurity are so popular.
From 2013 to near enough the present day, Ransomware has been arguably the most talked about threat in cybercrime. When viewed through the lens of impact to organisations, firms like Sophos agree that estimates for the amount of damages caused by ransomware easily reach into the trillions of dollars range. The negative effects of Ransomware are extensive, with the most effective attacks easily being capable of toppling entire enterprise organisations. Arguably one of the most influential attacks in the development of Ransomware as a form of cybercrime came in the form of the 2013 Crypto Locker attack. By harnessing elements of encryption programmes alongside the rising popularity of Cryptocurrency, the Crypto locker attack set the Ransomware standard in terms of encrypting company data, and holding said data for a Bitcoin ransom pending payment for a decryption key.
Following on from Crypto locker came Maze Ransomware, a strain of Ransomware that only began winding down in popularity amongst cybercriminals recently. Cybercriminals utilising Maze Ransomware set another standard in the field of cybercrime – double extortion. This would involve criminals not only holding encrypted data for ransom, but threatening to publish said data if the ransom was not paid. This wedged affected firms between a rock and a hard place. Simply refusing to pay a ransom was no longer a financially viable option, as the regulatory fines incurred from a breach of public data could actually be a harder hit than the cost of the original random.
Combining these two techniques, the WannaCry Ransomware Crypto worm, possibly the most well-known cyber attack to date, affected computer systems worldwide in 2017. Arguably both a blessing and a curse, the estimates for total damages caused by WannaCry alone easily reach into the billions. Its success was enabled by the relatively lukewarm opinion on cybersecurity many firms had at this point. Utilising dated systems elevated a firm’s vulnerability to this worm (such as with the example of the NHS) – causing global businesses to really sit up and take notice of the growing threat cybercrime actors posed to their profits.
The era of Ransomware turned the cybersecurity world on its head, leading to the current obsession within IT around the topic. Ransomware unapologetically shone a light on the failures of a business to modernise its cybersecurity and develop strong internal cultures around cyber resilience. On top of this, Ransomware proved beyond all reasonable doubt that getting cybersecurity right is an ongoing process, requiring continuous optimisation and board-level focus. Owing to this, the 2020’s is characterised by, amongst other things, a reinvigoration within the field of cybersecurity.
The Current State of Play
So far, the 2020s has seen a notable ramping up of effort from both cybercriminals, and cybersecurity specialist, towards achieving their goals. The pandemic inadvertently acted as a vector for a spike in cybercrime, as criminals began to take advantage of the sudden shift to a digital focus many firms were forced into taking. In 2020, malware attacks increased by 358% when compared to 2019, with 2021 seeing global attacks also increasing by 125%. Beyond the highly damaging effects of ransomware, Phishing has become arguably the most popular cyber threat – with criminals taking advantage of remote working environments to increase their own success rate with phishing scams. Phishing falls under the ‘social engineering’ category of cybercrime – in which criminals will rely on manipulation and misdirection to perform a certain crime. While the cost of falling prey to a phishing scam can be fairly low, the use of these scams by state sponsored actors has continued a worrying trend in modern cybercrime – geo-politically motivated attacks.
?Russia’s invasion of Ukraine has been an incredibly influential element in the current cyber threat landscape. Since the beginning of the war, Russian-based attacks against EU and US based firms has increased by nearly 8x the pre-war amount. That’s a staggering increase in such a short space of time. In response, the UK government has launched its ‘Ukrainian Cyber Programme’, a multi-million-dollar initiative aimed at providing rapid incident response to protect Ukrainian government entities from Russian cyber-attacks, while also providing DDoS (denial of service) protection to Ukrainian citizens. While state sponsored cybercrime is nothing new, the Russo-Ukraine conflict does mark a worrying chapter in the willingness and capability of nations to use cybercrime against civilian targets, therefore involving them in a military conflict.
?Finally, the cost and rate of data breaches in general has been steadily climbing from 2020 to 2023. This can be mainly put down to general changes in the workplace following Covid, as well as more advanced cyber penetration methods being constantly developed by criminals. Data breaches cost global enterprises, on average, around $4.35 million per breach, up from $4.24 million in 2021. With the predicted cost of cybercrime to the global economy expected to reach $10.5 trillion in 2025 according to AAG, it is becoming painfully obvious that high-level cybercrime is here to stay and will only continue to become more and more sophisticated as time goes on.
Keep an Eye on This
Understandably, this all sounds very daunting. What’s worse is that there is no ‘gold standard’ for modern cybersecurity. With the rapid development of new threats, there is always a chance that your business just gets unlucky and is the first target for a new piece of malware, or an incredibly sophisticated attack. The best thing that leaders can do right now, is ensure they are making their businesses cyber resilient, and be personally aware of the most common threats out there right now.
领英推荐
In the modern day, cybercrime tends to fall into two main categories: computer as a target, and computer as a tool. Computer as a target attacks are usually favoured by state sponsored actors more than other elements owing to the high level of technical expertise required. These attacks are mainly being carried out by groups, rather than individuals. While the less common of the two forms, these attacks are usually the most damaging, and lean heavily on malware and DDoS aspects as vehicles for penetration into networks.
Computer as a tool attacks are much more widespread, and require less technical expertise to pull of successfully. These attacks exploit the human element of any computer network as a vector for insertion into a system, and commonly take the form of phishing and more so in the 2020’s – identity theft.
We covered Phishing earlier in this article, however it always pays to be aware of what to look out for:
Identity theft has become a big issue in the 2020s. As a concept, its been around for longer than the internet – however the anonymity afforded by internet usage has given identity crime a new platform to thrive on. Here’s what to look out for:
Does the Industry Have a Future?
This general rise in cybercrime is of course not helped by the fact that the cybersecurity industry in general is plagued with a long-running talent gap. A recent survey by the Information Systems Audit and Control Association found that from a pool of 2000+ cybersecurity professionals, 62% had understaffed infosec teams and 57% had positions that were going unfilled. There is clearly a gap in the market here, however that doesn’t have to be a bad thing. Large enterprise businesses are in a unique position to lead the industry into the future, and CIOs should be looking to bolster their cyber teams and strategies by undergoing a hiring campaign in 2023 and potentially beyond.
In fact, the rise of cybercrime has fuelled a dramatic rise in global spending on cybersecurity. GlobalData recently predicted that cybersecurity spend would top £20.6 billion by 2025 – up from around $9 billion in 2021. Additionally, the regulatory landscape for data privacy is another element within global business which is spurring a growth in cybersecurity. In the EU alone, the 2022 Data Privacy Framework is emblematic of a global push towards giving authorities further powers to handle data breaches and privacy concerns on a state level. Finally, the cyber insurance landscape has seen dramatic growth as premiums rise alongside the growing threat of cybercrime. All these individual factors contribute to our point at the start of the article – it is now more expensive not to invest in cybersecurity than to make sure you organisation is protected.
This huge growth within the industry has resulted in more and more high-level techniques for combating cybercrime to be developed. Most enterprise organisations now have ‘bug bounty’ programmes, where an open bounty is offered to anyone who can breach a new system update or recently deployed network. Global business is also beginning to benefit from top level AI-based cybersecurity solutions. While still very much in development phase, these solutions have the power to potentially do something never before seen in the world of cybersecurity – provide full 360 coverage of a network. A generative AI programme, tasked to learn from all examples of current malware, could in theory adapt to new attacks on the fly – actively hunting down event he most difficult to catch malware and eliminating it, while using the knowledge it learns from said attack to improve itself further.
We wanted to end this edition of tech trends with a short aside on cyber resilience. As a CIO, it’s great if you have the budget and business proposition set to successfully pitch the latest CyberSec solution to your board. However, it will be worth peanuts if you are not creating an internal culture around cyber resilience in your business. Leaders must lead from the front in this field, demonstrating what good cyber resilience looks like to their employees, and ensuring the business as a whole is well protected. It only takes one gap in your cyber armour for a criminal to gain access to your network. Make sure that’s not down to your company’s culture.