Authored by: Peter Löfling, General Manager APAC, Varnish Software.
Everything about how 2020 unfolded, both in the world as a whole and in the world of cyber security, was unforeseen. While work, study, shopping and communication patterns shifted, the nature and frequency of cyberattacks shifted right along with them. The 2021 CrowdStrike Global Threat Report concluded that 2020 delivered the most active year in memory for global cyber security threats, ramping up quickly to exploit new and abundant security vulnerabilities. Covid-19 may have slowed down every aspect of normal life, but it also exposed fault lines in many companies’ defensive armour.
Hunting for bigger targets
The scope and scale of cyber security threats have shifted over the course of the year. The standard range of threats, such as DDoS, continued to grow, capitalising on the large-scale shift to home working and schooling as well as the massive e-commerce boom. Attempts to shut things down, or to find clever ways to steal personal data, have accelerated. Phishing scams are one predatory nightmare visited upon people and businesses alike, attempting to induce both to sign up for government assistance and stimulus programmes that don’t even exist.
Other more malicious attacks began to steal headlines. There’s big potential in going after high-value targets, meaning that many bad actors weave extortion and blackmail into their threat offensive. That is, the attackers will access large amounts of sensitive data and threaten to release it if they don’t get their payday. Along similar lines, organisations (particularly critical operations like healthcare, pharmaceutical and supply-chain companies as well as hospitals) are major targets of ransomware, facing constant threats of being held hostage to complete shutdowns in the event of non-compliance. Some threats are perpetrated by criminal organisations while others appear to originate from malicious nation-state operators like North Korea and China, who are actively seeking to sabotage supply chains and intercept intelligence, such as vaccine research.
How to go to battle against cyber security threats
Uncertainty makes for challenging strategic cyber security planning, but there are mitigation techniques to consider. And they start, first and foremost, with a few basics: awareness, monitoring, visibility and speed.
At the enterprise level, stay aware of evolving threats. This means being attuned to the landscape and monitoring your own systems and endpoints in real time. “Real time” is important because you need to be able to get ahead of the threats, and in the event of an attack, you need to have visibility into what is happening to act immediately.
What does this look like in practice?
Follow up-to-date cyber security best practices, including vulnerability management and monitoring, keeping systems up to date, and guarding authentication/authorisation permissions carefully.
Move quickly. Attacks need to be identified within one minute, and prevented or mitigated within ten. If you can’t prevent it, you want to limit the damage.
Awareness and education: Keep people aware. Even with monitoring and machine learning for real-time threat detection, people are often the weakest security link, either by clicking on phishing links or by not knowing how to report or respond to threats.