How Businesses can Guard Against Cyber Attacks
With cyber threats multiplying, businesses need to become more agile and responsive to protect their systems from attack.
The pandemic has been challenging for everyone – unless you are a cybercriminal. For them, Christmas came early as businesses rushed to adopt digital technology and adapt to remote learning. All of a sudden, it became a target-rich environment. Endpoints multiplied with staff logging in from all sorts of locations. Data became increasingly mobile, being transferred between various locations, and IT managers found themselves confronted with increasingly fractured and hard-to-control networks.
Moreover, digital adoption was pushed into overdrive. While this brought benefits, it also pushed many businesses to embrace digital technology without adequately considering the risks. Keeping these networks safe, when the way we work is changing rapidly, has become increasingly difficult.
The result is that threats increased exponentially. 2020 was the busiest year on record for cyber threats against UK firms. Hacking attempts surged by 20% compared to 2019, and all the signs suggest 2021 will be even busier.
There are plenty of things any business should be doing as a matter of course, including:
- Encryption: All sensitive data should be encrypted, and no passwords or login details should ever be sent in unencrypted formats. Wi-Fi should be fully encrypted, such as with WPA2, and the password should be regularly changed.
- Security: Teams should be encouraged to choose strong passwords, change them regularly, and ensure they have different passwords for various accounts. Zero trust multi-factor authentication is also helpful to ensure all access requests are fully verified. Networks should always have a firewall, and you should check that the router has the latest firmware installed.
- Software updates: Cyber threats are constantly evolving, and so must defences. Software providers are constantly developing patches to counter each threat as it becomes known. These are installed via updates, ensuring the system benefits from the most up-to-date security. Software defences identify threats by comparing them against known lists. If a defence has not been updated, it will be missing the latest additions and the system will be left vulnerable to attack.
- VPNs: If accessing networks from public Wi-Fi, all users should use virtual private networks. This keeps any data safe from prying eyes.
- Backing up: All critical systems should be regularly backed up, with the backups stored in different locations. This means that if a breach does occur, a business will be much better placed to respond and mitigate its impact.
These all cover the basics of what any business should be doing. However, in the current landscape, the threats are multiplying, evolving and becoming increasingly complex. For example, earlier in the year, hackers affiliated with the Russian ‘DarkSide’ hacking group took the Colonial Pipeline offline, threatening oil supplies to the East Coast. The company eventually paid the hackers 75 bitcoin (about $4.4 million) to get systems back online. The Digital Extortion Taskforce later recovered 64 of those by tracing the hackers’ digital wallets.
The impact of the Colonial Pipeline attack was dramatic, but the way the attackers compromised defences couldn’t have been more straightforward. Just a single leaked password gave hackers everything they needed to get in. Indeed, one thing many of the most high-profile attacks of the past few years have in common is that the business involved could and should have done much more to prevent the breach.
Businesses often take a passive, reactive approach to cyber security, only taking action when an attack has happened. According to a survey from FireEye, more than half of businesses admit they are not adequately prepared for cyber-attacks. Instead, they should take a more proactive approach, working to understand the evolving landscape, how their network is exposed and where threats are more likely to come from.
This becomes increasingly challenging in a world where the number of endpoints connecting into systems is growing. The rise of remote work, the internet of things (IoT) and initiatives such as ‘bring your own device’ (BYOD) have seen an exponential rise in the number of devices logging into systems. Unsecured personal devices are routinely accessing systems and managing highly sensitive data.
This represents an enormous security vulnerability, as hackers often target the most minor and seemingly insignificant devices, which can often provide the most straightforward route. Remember, a single password can often be all they need to breach even the tightest firewall.
How to safeguard systems
Therefore, the challenge for those tasked with cyber defence has become much more complicated in the past year. To use a sporting analogy, it’s a bit like defenders in a football game suddenly finding that the opposition has been given six additional attackers, and the pitch has been doubled in width. Defending every avenue will feel impossible.
What they can do is understand the ecosystem. Not all attack vectors are equal. Some devices and assets will present a greater risk than others. To account for these threats, organisations must tailor their cyber security approaches to protect their most vulnerable ecosystems and ensure their most critical threats have been mitigated. That way, the cyber security strategy suits the business environment.
Modelling and wargames can also help you understand how your business will perform in a real-life scenario. Often, businesses only identify vulnerabilities after they have already been breached. These exercises provide a safer dry run where businesses can stress test their defences and redundancy measures to see how they perform and where they might be vulnerable.
The human factor
Last but by no means least, businesses will need to consider the human factor. All the sophisticated firewalls, antiviruses and encryption in the world can be rendered useless by someone in the organisation clicking on an infected link. In a world typified by technology, it is often surprising to find that, as data from IBM suggests, 95% of breaches occur due to human error.
Plugging this gap could be the most significant thing any business can do to improve the safety of its systems. They can implement full training for all staff, ensuring everyone understands the threats, policies and responsibilities. They can foster communication between departments and design imaginative and creative training which engages people and helps them take ownership of security at all levels.
The aim behind all the measures discussed here is to embed cyber resilience into the fabric of an organisation. By doing so, organisations can create a positive cyberculture in which systems and employees are as well prepared as possible for the threats they may face.