This article is part of Panther’s new Future of Cyber Attacks Series, which features interviews with cyber security experts, thought leaders, and practitioners with a goal of better understanding what organizations can do to prepare themselves for the future of cyber attacks.
The following is an interview we recently had with Roger Smith, Director, Care Managed IT.
How have cyber attacks evolved over the past 12 months?
Cyber attacks have evolved considerably in the last 12 – 18 months because of the change in business requirements. Working from home (WFH) put staff outside the protective envelope of the normal business, which was one issue.
The second issue was the utilisation of old, obsolescent and obsolete systems and operating systems (home computers) with minimal cyber hygiene connecting back to the business environment.
The third issue was using vulnerable systems (RDP) without a risk analysis or doing due diligence on the cyber components. Another problem was that with everyone working from home, so were the cyber criminals. This increased the number of attacks in the attack pool and increased the number of vulnerabilities being targeted.
What lessons can be learned from the biggest security breaches over the past 12 months?
In most cases, the initial infection could be traced back to a basic failure:
- A failure in policy and procedure.
- A failure in basic cybersecurity requirements (patching, passwords and Domain management).
- A failure in basic awareness training.
Once inside the systems, there seemed to have been a lack of monitoring and management on the rest of the infrastructure, a lack of alerts and system requirements. A cyber attack can take minutes or months.
What will cyber attacks look like in the future?
Cyber attacks will become more persistent with a bigger focus on automated systems targeting uneducated and ill-informed users.
Cyber attacks will become more focused but under the smoke screen of random attacks.
IoT, SCADA and critical infrastructure vulnerabilities will be exploited, creating bigger infrastructure issues.
All of these attacks will be harder to see because of the adoption of new technologies including newer programming languages and AI.
What are three pieces of advice for organizations looking to get ahead of the cyber attacks of the future?
- Increase awareness and education – Get your teams up to speed on what a cyber event can do and what to look for. One of the biggest investments with the biggest return if done correctly.
- Understand the basics – We call it the Essential 8, sometimes called MSP+: patching, 2FA, whitelisting, hardening, reduced administrators, backups and manage scripting.
- Stop saying that you do not have anything worth stealing, it will never happen to me and we are too small to be a target – Compliance is not ‘tick the box and move on’, it is a change in cyber understanding and being proactive.