This article is part of Panther’s new Future of Cyber Attacks Series which features interviews with cyber security experts, thought leaders, and practitioners with a goal of better understanding what organizations can do to prepare themselves for the future of cyber attacks.
The following is an interview we recently had with Roger Smith, Director, Care Managed IT
Cyber attacks have evolved considerably in the last 12 – 18 months because of the change in business requirements. Working from home (WFH) put staff outside the protective envelope of the normal business which was one issue.
The second issue was the utilisation of old, obsolescent and obsolete systems and operating systems (home computers) with minimal cyber hygiene connecting back to the business environment.
The third issue was using vulnerable systems (RDP) without a risk analysis or doing due diligence on the cyber components. Another problem was that with everyone working from home so were the cyber criminals. This increased the number of attacks in the attack pool and increased the number of vulnerabilities being targeted.
In most cases , the initial infection could be traced back to a basic failure:
Once inside the systems there seemed to have been a lack of monitoring and management on the rest of the infrastructure, a lack of alerts and system requirements. A cyber attack can take minutes or months.
Cyber attacks will become more persistent with a bigger focus on automated systems targeting uneducated and ill informed users.
Cyber attacks will become more focused but under the smoke screen of random attacks.
IOT, SCADA and critical infrastructure vulnerabilities will be exploited creating bigger infrastructure issues.
All of these attacks will be harder to see because of the adoption of new technologies including newer programming languages and AI