August 21, 2017

Are global cyberattacks the new normal? 4 steps to protect yourself

The global scale and scope of these recent attacks have people understandably concerned. But before the panic sets in, here are four tips to protect your organisation.

By James Nunns

Since the beginning of 2017, cyber criminals have ramped up their efforts considerably: the high-profile, global attacks of Mirai, Wannacry and Petya have occurred one after the other, with crippling effects on some of the world’s largest economies and industries.

Despite the media attention, large-scale attacks of this nature aren’t new. Attacks like the ILOVEYOU worm and Code Red were massive attacks, some of which affected exponentially more devices and organisations than 2017’s attacks. In addition, the spread of WannaCry and Petya was quickly curbed, unlike these worms of the past. But this isn’t just about scale. Unlike in years past, today’s organisations rely on data as both a critical resource and an essential source of revenue. And these new attacks are more sophisticated than ever…

Mirai was able to hijack tens of thousands of IoT devices, such as DVRs and digital CCTV cameras, using the known device passwords installed by their manufacturers. These devices were then amassed and used as a weapon to take out a massive chunk of the Internet across the world, denying service to a number of websites including Twitter, Reddit, Netflix, and Airbnb, to name but a few.


Wannacry pioneered a new sort of ransomware/worm hybrid, something we call a ransomworm, in order to use a Microsoft exploit. Rather than the usual ransomware method of selecting a specific target, Wannacry’s functionality allowed it to spread rapidly across the globe, attacking thousands of devices and organisations.

About a month later, we saw the emergence of a new ransomworm, Petya. This new malware used the same worm-based approach of Wannacry, even targeting the exact same vulnerability, but this time with a much more potent payload that could wipe data off a system and even modify a device’s Master Boot Record, rendering the device unusable. Since very little money was made during this attack, we can say that this attack was certainly more focused on taking machines offline than monetization through ransom. A machine availability ransom like Petya may become a much larger problem in the future when spreading as a rapid ransomworm.

There is a common belief across the security industry that attacks like Wannacry and Petya were just used as a test for vulnerabilities. These attacks are, unfortunately, just the tip of the iceberg and could mark the start of a new wave of global cyberattacks in the future.

So, what can you do?




Practice network hygiene

Network and device hygiene are perhaps two of the most neglected elements of cybersecurity today. The Wannacry ransomworm targeted vulnerabilities that Microsoft had patched two months previously. And in spite of Wannacry’s global impact and media coverage, Petya was able to successfully target the exact same vulnerability less than a month later – further compromising thousands more organisations. In fact, most successful cyberattacks target vulnerabilities that are an average of five years old.

You should look to regularly patch your organisation’s devices, and devices too old to be patched need to be replaced.


Know your network inside and out

It’s impossible to patch devices on your network that you are unaware of. As such, you should look to invest in the time or technology to identify every device on your network. Establish its purpose, its age, what traffic passes through it, and what OS and patch level it is running. It’s also important to know who or what devices have access to it.


Implement an integrated security system

More sophisticated attacks will target IoT devices, which simply cannot be patched or updated. An integrated security system can detect and stop threats at multiple places within your network. But given that most organisations’ networks now span a wide range of devices, users, and applications deployed across multiple ecosystems, isolated tools monitoring traffic that passes a single point in the network are no longer adequate when it comes to security.


Segment your network

Dividing your network into functional segments to protect data and resources isn’t a revolutionary idea, but most organisations still fail to recognise its effectiveness. Most organisations have flat, open networks, and once the perimeter has been breached, stopping the malware becomes significantly harder.

With remote working trends only expanding, organisations are seeing their perimeters disappear, which makes securing their networks especially challenging. As we discussed earlier, some of the most vulnerable sections of networks are IoT devices; as such, these should be assigned to a separate, secure network away from the main ecosystem. This is going to give your organisation the best chance in the event of a breach. Organisations need to deploy a segmentation strategy designed to meet the security demands of today’s most complex networked environments.
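The patching, inventory and segmentation tips above can be checked against a device inventory in one pass. The following is an added example, not part of the original article: the 30-day patch window, the `iot-isolated` segment name, the `Device` fields and the sample inventory are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Assumed policy values (not from the article): patch window and segment name.
MAX_PATCH_AGE_DAYS = 30
IOT_SEGMENT = "iot-isolated"

@dataclass
class Device:
    name: str
    purpose: Optional[str]        # None = nobody has recorded why it exists
    os: Optional[str]             # None = OS not identified
    last_patched: Optional[date]  # None = patch level unknown
    patchable: bool               # False = no updates available for it
    is_iot: bool
    segment: str

def audit(devices, today):
    """Return {device name: [findings]} for every device that breaks a rule."""
    report = {}
    for d in devices:
        findings = []
        if d.purpose is None or d.os is None:
            findings.append("incomplete record: establish purpose and OS")
        if not d.patchable:
            findings.append("cannot be patched: plan replacement")
        elif d.last_patched is None:
            findings.append("patch level unknown")
        elif (today - d.last_patched).days > MAX_PATCH_AGE_DAYS:
            findings.append(f"last patched {(today - d.last_patched).days} days ago")
        if d.is_iot and d.segment != IOT_SEGMENT:
            findings.append(f"IoT device on '{d.segment}': move to {IOT_SEGMENT}")
        if findings:
            report[d.name] = findings
    return report

# Constructed sample inventory (hypothetical devices).
INVENTORY = [
    Device("file-srv-01", "file shares", "Windows Server 2012 R2", date(2017, 3, 1), True, False, "corp"),
    Device("hr-laptop-07", "HR workstation", "Windows 10", date(2017, 8, 10), True, False, "corp"),
    Device("lobby-cam-02", "CCTV", "embedded Linux", None, False, True, "corp"),
    Device("dvr-01", "CCTV recorder", "embedded Linux", date(2017, 8, 1), True, True, "iot-isolated"),
    Device("unknown-0a3f", None, None, None, True, False, "corp"),
]

if __name__ == "__main__":
    for name, findings in audit(INVENTORY, date(2017, 8, 21)).items():
        print(name, "->", "; ".join(findings))
```

Devices that appear on the network but not in the inventory still have to be found by discovery first; the audit only reports on what has been recorded.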


We’re not reinventing the wheel here; for any security professional, this should not be new. Business decision makers need to understand that without the appropriate resources, training and tools in place, their organisation is at risk. We’re living in a corporate society where these tips are no longer optional, nice-to-have security strategies – these are necessities to face today’s new normal of cyberattacks.
