Bytes Cyber Journal: Entry 1 - The Enemy in the Shadows

Friday 24th May 2024

 
Henry Glynn
Cyber Security Solutions Specialist
Author
 
Georgia Moore
Marketing Executive
Editor

The Enemy in the Shadows

The evolution of cyber crime.

 

YESTERDAY

‘Yesterday, all my troubles seemed so far away’, John Lennon quipped in his famous Imagine track, which is rather apt when you apply it to the life of an IT Manager of yesteryear. The Internet felt new, safe, and exciting. However, as the popularity of, and reliance on, digital communications boomed, so did the opportunity it presented to the would-be cyber criminals of the future. As the internet became more accessible in the 1990s, the scope of cyber-crime expanded dramatically. The number of individuals using the internet skyrocketed from a mere 0.049% of the global population in 1990 to 45.8% by 2016. This increased connectivity provided fertile ground for cyber criminals to exploit.

By the 1950s, computers had evolved to the point where they were usable, and some universities had them in situ. In the summer of 1961, a chap called Fernando Corbató created the first password system. Working at the Massachusetts Institute of Technology, he created a simple way for students working on shared computers to keep their work safe. Not long after, along came Allan Scherr, another MIT researcher, who became known as the first recorded password thief. Passwords soon took off and our reliance on them snowballed; however, little was known or understood about the potential flaws in weak password security and how easily weak passwords could be exposed. An example of this is that the US defence system for missile launches was protected by an 8-digit code of 00000000, which was accidentally leaked when President Kennedy left a piece of paper containing the launch code in a blazer pocket that was sent to the dry cleaners!

As the internet and all things connected evolved at an electric pace, so did the sophistication of cyber criminals. Early phishing attacks were basic but produced plenty of results. This pushed organisations to become more cyber aware, and security awareness training was born, albeit in a very rudimentary form. As different point product solutions were invented to address the emerging threats, cyber-criminals got smarter. The sophistication, creativity, and ruthlessness they applied increased dramatically, and well-oiled, well-funded and well-motivated cyber-criminal groups emerged.

 

TODAY

The average person’s perception of a cyber-criminal is usually very wrong. They assume the majority are gaming supremos hidden in a basement, holding a big bag of Doritos in one hand whilst tapping away furiously on the dark web with the other. Yes, this caricature exists, but the reality is that a far more menacing and formidable foe is poised at the city gates. Think state-funded organised crime groups with substantial depth of talent; think an affiliation of extraordinarily clever hackers, bankrolled by a sophisticated criminal entity or nation state. That’s the reality and extent of the threat.

A well-resourced and sophisticated ecosystem for cybercrime-as-a-service exists out there in the wild. It’s remarkably easy to purchase a ‘hacking package’ if you know where to look. These ‘packages’ contain the tools required for a cybercriminal to be successful, even with very little prior knowledge or skill. It’s become a highly lucrative industry which has hugely increased in accessibility. Combined with the explosion of Generative AI, which has removed the barriers to crafting compelling and highly sophisticated social engineering phishing attacks, this means organisations that are relying on legacy security tooling to keep them safe have become wildly exposed.

We’re seeing attack strategies evolving from crypto-ransomware (where attackers encrypt data and hold the decryption key) to breach-for-ransom campaigns. This is where attackers steal sensitive data and threaten to release the sensitive information unless paid. Ransomware and information-stealing groups have started using more sophisticated techniques, such as stealing tokens and account identifiers from Google Chrome. As they continuously evolve, in order to keep your organisation safe, you must as well.

Cyber criminals have increasingly exploited human nature and pioneered the use of psychology and social engineering in the criminal world. They’ve developed an advanced understanding of human behaviour and specifically target a human’s emotional triggers and buttons. The ‘spray and pray’ attacks of yesteryear still exist but we’ve seen a shift to far more targeted attacks, and not one industry is safe. The most cyber-attacked industries, based on data from 2023, are as follows:

  • Manufacturing: This industry encountered just over a quarter (25.7%) of the total cyberattacks in 2023, making it the most targeted sector.
  • Finance and Insurance: These organisations followed closely, with around 18% of the cyberattacks.
  • Government & Public Sector: Joint second with 18% of attacks, this sector is also among the top targets for cybercriminals.
  • Professional, Business, and Consumer Services: Ranking third, this sector experienced 15.4% of reported cyberattacks.
  • Energy: With 11% of attacks, the energy sector continues to be heavily targeted.
  • Retail: Another industry (10.7%) that is highly vulnerable to cyber-attacks. Retailers face numerous threats, from credit card fraud and identity theft to data breaches and point-of-sale (POS) attacks.

An additional point to note is that the Healthcare industry has also become one of the most vulnerable to cyber-attacks in recent years. Cyber-criminals are increasingly targeting healthcare organisations with a plethora of targeted attacks. May I remind you of the infamous “WannaCry” outbreak in 2017 which impacted 20,000 plus computers and caused colossal disruptions to patient care.

Keeping your organisation safe from cyber-crime is a constant effort because the rate at which cyber-crime evolves is, quite simply, rapid. As Sun Tzu wrote in his book ‘The Art of War’: “The supreme art of war is to subdue the enemy without fighting”, and no quote could be better suited to constructing your cyber defences.

There’s no such thing as a silver bullet in cyber security, but you can make yourself less of a target. It’s not about being the fastest gazelle on the plain…just don’t be the slowest. According to a recent report by Sophos, the dwell time of cyber-attacks is an average of eight days. Dwell time represents the length of time between when an attack begins and when it is detected. The same report also noted that in 81% of ransomware attacks, the final payload was launched outside of traditional working hours, and for those that were deployed during business hours, only five happened on a weekday. In addition to this, 43% of ransomware attacks were detected on either a Friday or Saturday. When hardworking and often overstretched security teams are at home sleeping like a log after a hard day’s graft, the cyber-criminal strikes.

The average cyber-criminal knows their way around the basic and primitive cyber defences that many organisations still rely upon. These organisations are easy targets and get picked off at will. No organisation can say they’re 100% bulletproof, and if you haven't endured an attack yet, at some point you will. The strategic question to ask yourself is ‘are we best prepared?’. According to the Government’s Department for Science, Innovation and Technology, in 2023, 32% of businesses and 24% of charities overall reported experiencing cybersecurity breaches or attacks within the last 12 months. A point to note is that these figures are only based on organisations that actually reported incidents. Many organisations that have fallen victim to a cyber breach often don’t make this public due to the reputational damage that ensues. Let’s break these reported stats down:

  • Medium sized businesses: 59% identified breaches or attacks.
  • Large sized businesses: An even higher 69% faced cybersecurity incidents.
  • High-income charities (with £500,000 or more in annual income): 56% encountered breaches or attacks.

An example of today’s increase in cyber-attacks can be found in a recent report by Check Point. In the first quarter of 2024, organisations experienced an average of 28% more cyber-attacks compared to the previous quarter. The weekly number of cyber-attacks per single organisation stood at 1,308, which was the highest ever!

 

TOMORROW

It’s impossible to truly know what ‘tomorrow’ looks like in the realm of cyber security due to the pace of evolution. However, you can see what trends are emerging and now more than ever, organisations need to invest in best of breed solutions that utilise cutting edge ‘good AI’ to beat ‘bad AI’. There is a growing threat of cybercriminals harnessing AI-driven tools to elevate their tactics and maximise their impact. Despite platform crackdowns, cyber-criminals persist in adapting, showcasing their agility in exploiting emerging trends for nefarious ends. The escalation of AI-driven cybercrime underscores the pressing need for heightened cybersecurity measures and awareness efforts.

You need to invest in solutions that automatically provide rapid response and remediation to threats, reducing the burden on the security team whilst nullifying threats efficiently and clinically. The average organisation commits just 10% of its IT spend to cyber security, so solutions that help you evidence a strong ROI through detailed reporting and analysis are also a crucial factor to consider when making a purchase. This not only helps to educate the boardroom but also evidences the need for sufficient budget.

However, with all the tools, solutions, and technologies in the world, one of the best investments you can ever make is building a security awareness culture in your organisation by developing a ‘cyber savvy’ workforce. In a world of computers, machine learning and AI, it’s rather ironic that it’s ‘humans’ who will still always be the first and last line of defence. Developing your ‘human firewall’ has become crucial when looking to build a workforce that is skilled and equipped to combat the threats of tomorrow.

 

HOW BYTES CAN HELP

Are your current defences robust enough for the evolving threat landscape? This is one of the most important strategic questions an organisation should ask itself when it comes to evaluating its cyber security posture. When it comes to cyber security, you can’t just ‘let it be’. As the threat landscape evolves, you must evolve with it.

However, this is no mean feat and a task that often requires additional outside help and guidance from a trusted advisor. This is where Bytes comes in. With over 20 years’ experience of helping organisations fortify their defences and with our in-depth team of specialists, we are well placed to advise and support your organisation in safeguarding yourselves not just against the threats of today, but also the threats of tomorrow. Book in one of our endpoint and user security workshops now, where we dive into market trends and the latest developments, and help enhance your organisation’s defences.

I started off this blog with a quote from ‘Imagine’ by John Lennon…did you spot the other Beatles song lyrics hidden in this blog? Probably not, however, they’re here and, just like a cyber-criminal, they’re lurking in the shadows and sometimes hidden in plain sight.

 

Thank you for reading.

If you have any questions, or would like to learn about any of the content covered in this blog, please email our friendly team via [email protected]

 

References and credits:
  • ‘Hacked’: Jessica Barker
  • Sophos Active Adversary report
  • Check Point Global Security Trends report
  • Europol, the United Nations Interregional Crime and Justice Research Institute (UNICRI) and Trend Micro: Malicious Uses and Abuses of Artificial Intelligence report
  • Mimecast Global Threat Intelligence Report
  • UK Government Department for Science, Innovation, and Technology: Cyber Security Breaches survey 2003
  • Statista
  • InvGate Industry Trends  
