This article is part of Panther’s new Future of Cyber Attacks Series which features interviews with cyber security experts, thought leaders, and practitioners with a goal of better understanding what organizations can do to prepare themselves for the future of cyber attacks.
The following is an interview we recently had with Zach Fuller, Founding Partner at Silent Sector.
How have cyber attacks evolved over the past 12months?
We are seeing the volume of cyber attacks increase dramatically and attackers are putting more resources toward attacks on small businesses than ever before. Cyber crime has become an industry supported by nation-states and crime rings, fueled by companies making ransom payments. Ransomware as a Service is prevalent, allowing much less sophisticated attackers to cause tremendous amounts of damage. It has become easier for criminals without deep technical backgrounds to get into cybercrime. With fewer barriers to entry, the volume of cyber criminals is increasing. Companies continue to pay ransoms to retrieve their data but only about half get access to all of their critical data after paying. It is critical that businesses of all sizes put appropriate cybersecurity measures in place. Proactive cybersecurity has become the cost of using technology.
What lessons can be learned from the biggest cyber attacks in recent history?
Every major breach has its own lessons but the underlying cause is almost always a lack of fundamental cybersecurity controls. For example, the Colonial Pipeline attack occurred because an old user account was not deprovisioned. Account management is one simple and basic requirement for a resilient cybersecurity program. Companies must cover the fundamentals and often technology is not the problem, but lack of policies, procedures, and standards is the root cause.
What will cyber attacks look like in the future?
The common cyber attacks we see today will continue. We will start to see more emphasis on cloud environment attacks that cause damage to many different companies at once. Sophistication of attacks will increase as the techniques of traditional espionage start to be combined with cybercrime techniques on a more regular basis. Nation-state threat actors will continue to recruit individuals sympathetic to their causes and will entice them monetary rewards. They will continue to plant these individuals in our Nation’s largest technology companies and other organizations with broad reach, causing the sophistication and damage from attacks to increase.
What are three pieces of advice for organizations looking to get ahead of the cyber attacks of the future?
Organizations of all sizes must implement a formalized cyber risk management program following an industry-recognized cybersecurity framework such as NIST CSF, CIS Controls, ISO 27001 or similar. Large organizations must get better at screening people as they hire and implement internal counterintelligence measures to identify malicious actors. Small organizations must place emphasis on staff training and policies, ensuring technology assets are used in a secure manner.