Search
  • dc

Batten down the hatches!

If historically you have viewed cyber threats as something you don't need to worry about, or think' I'm too small for a cyber attack to happen to me' you may want to rethink things!


5G & IOT

When two technologies combine there can be many benefits, and in the case of 5G and IOT (Internet of Things) we could see huge technological leaps. From smart cities controlling traffic flow with linked vehicles, autonomously, through to medical devices that can be monitored in real time remotely improving patient care!

The way these technologies are deployed is going to be extremely important. With the increased bandwidth & low latency of 5G, a DDOS botnet that managed to capture enough insecure devices could wreak havoc. We have already seen the damage that can be caused with the Mirai botnet that in October 2016 launched a massive DDOS attack!


Too small to be noticed.

You may not be directly targeted but you still might be caught in the crosshairs. Phishing attacks remain a favourite tool for hackers, because it is low cost and highly effective. The latest spear phishing attacks can be extremely convincing and often difficult for people to spot. We have seen an increasing number of these attacks targeting Office 365. As the attacks utilise the template designs that Microsoft use to send notifications at first glance they can be difficult to spot.

Hackers look for the easiest targets and that has led to increased focus on small businesses.

Accenture estimate that 43% of all cyber attacks are against small businesses costing on average £200K, which has led to businesses closing their doors.


AI & Machine Learning.

AI and ML is not new however it's use is becoming more widespread. Due to lack of human resources cyber security has embraced these tools to try to get ahead of the cyber threats that not only increase in volume but also in sophistication.

However there is nothing stopping cyber criminals from using this same technology to their advantage. Using machine learning to find what phishing attacks are more successful and AI to build even more sophisticated attacks. In fact we have already seen the usage of 'Deep Fake' based attacks.


Critical Infrastructure

In previous blogs I've already discussed the weaponization of hacking tools to inflict damage, and as cyber tensions increase the potential damage to critical infrastructure is unimaginable.

Research estimates the economic and insurance impact of a severe, yet plausible cyber-attack against the US power-grid to total in excess of $240bn, possibly even rising to more than a $1trn.

A large percentage of Critical Infrastructure predates the Internet and therefore the security around devices such as programmable logic controllers (PLC's) is often extremely poor. PLCs are used for automating and controlling machinery for manufacturing, assembly and conveyance, as well as power grids, railways and airports.


Conclusion

Building a risk based approach to cyber security is a good place to start, and of course we are more than happy to help you with this journey. For us a key part of any cyber defence is not necessarily to place yet another point solution into the mix. Most organisations already have fatigue from trying to deal with the mass of log data being generated.

But you must have full visibility of your network in order to detect threats and anomalous traffic before it's too late!


0 views

© 2020 by WSD (West Sealand Digital Limited)