Cyber security strategy is now a key issue for any enterprise. Ransomware attacks continue to evolve more sophisticated ways to get onto corporate networks. Crypto currencies have enabled cyber crime to become a profitable way to make money directly from malware.
Attackers no longer need any technical knowledge – ransomware attacks are available via portals as a ‘software-as-a-service’.
WannaCry and NotPetya have pushed ransomware to the centre of public understanding and corporate concern. Although both used NSA discovered exploits both of them also had fatal flaws which meant they could be relatively easily defeated.
But there is little doubt that the next twelve months will see similar attacks which will prove far tougher to defeat.
Criminals are turning to ransomware because it is more profitable and easier than other types of crime like cyber espionage.
The next generations of ransomware will, like other forms of software, be tweaked and personalised for the organisation under attack.
Already the social engineering aspect of successful attacks is far more sophisticated and tailored than it was in the past.
Wider adoption of mobile technologies and Internet of Things devices is also making it harder for businesses to defend themselves.
Too many staff take risks with mobile devices they would never consider if using their desktop PC.
Systems are increasingly linked to other organisations in the supply chain all of which can leave a door open to attacks.
A leading City of London bank recently defeated a series of frontal attacks on its networks. But the crooks did not give up and eventually found a way in to the bank’s systems via a link between its HR department and a local gym.
Increasing attack vectors require enterprise to rethink defensive strategies. Where once it was enough to defend the perimeter that will no longer keep your business safe.
The final change to attackers is the role of state actors. Whether involved in cyber espionage or responsible for keeping secret exploits which are then accidentally released governments around the world are playing an increasing role in cyber security.
This requires a different strategy than defeating poorly-funded black hat hobbyists.
But just as attacks are evolving so are available techniques and technologies to defeat them.
Automation is playing an increasing role in most organisations’ security arsenal. Although this is often seen as an aspect of larger organisations it can be just as important for companies with fewer dedicated security staff.
Systems which constantly monitor networks for suspicious activity can help defeat new attacks.
Such platforms are not ‘plug and play’ – they take time to learn what systems look like in order to spot events which are out of the ordinary.
As security tools improve there is also a need to change the way security teams are hired. With attacks changing all the time so the need for staff with a wider variety of skills gets even stronger.
Security teams of the future will be spending more time looking forward and trying to predict the next type of attack, not just dealing with current problems.
The other key for a secure organisation is an understanding from all staff from the board of directors downwards that security is everyone’s responsibility.
Finding innovative ways to train staff and make them aware of the ever-changing roster of malware types will be a crucial job for security teams.
This means taking a more collaborative role with other parts of the business like human resources.
It also means building security into the very start of new projects and not just adding it on afterwards. Predicting the exact shape of future threats might not be possible, but getting staff to put security first will help keep the enterprise as safe as possible.