With digital transformation pervading most aspects of our everyday lives, the security of IT assets becomes an increasingly important topic – and one every business needs to look into.
The UK is home to some of the most advanced IT infrastructure in the world. And yet, it's also one of the most vulnerable countries when it comes to cyber security.
Why? Because the country’s IT infrastructure is robust yet vulnerable.
- More than 80% of UK organizations experienced a successful attack in 2021/2022.
- Over a 12-month period, ransomware attacks affected 73% of UK organizations.
- 11.3% of UK IT budgets are spent on security.
- Councils in the UK are dealing with thousands of attempted cyber-attacks every day, with 2.3 million attacks being detected so far this year.
- Data theft and extortion are on the rise, making them existential threats for ever more organisations.
- Establishing an Information Security Management System (ISMS) in accordance with the international ISO 27001 standard has become a common step within the IT security strategy of many organisations.
To avoid any confusion: IT security refers to the IT infrastructure. Computers, servers, clouds, lines, etc. must be secured and protected from access by unauthorized third parties. The purpose of IT is basically to transfer and process information.
Cybersecurity is to be understood as a subarea of IT security. It is about protecting information in cyberspace, i.e. information security in connection with the Internet.
The vulnerability further increases due to a rise in connectivity with the advent of the Internet of Things (IoT). In 2022, the number of connected devices worldwide reached an astounding 42.62 billion. By 2025, this number is expected to grow to more than 75.44 billion devices.
A major problem is the diversification of methods used by cybercriminals. As methods become more sophisticated, it is becoming increasingly difficult for businesses and individuals to protect themselves from extortionists. The past year, for example, saw a sharp increase in attempts at blackmail. The number of malware variants has also increased rapidly: up to 553,000 new variants are created every day. In 2021 as a whole, 144 million variants could be identified, corresponding to a 22% increase compared to 2020.
As cyber-attacks grow ever more sophisticated, it becomes increasingly difficult to detect and prevent them without professional support.
In March 2021, Microsoft released a security update which patched four critical vulnerabilities, all of which had already been exploited by cybercriminals for targeted attacks. Immediately after the release, criminals started to search Exchange Servers online to find other weaknesses to exploit. A review found that 98% of all systems found during these scans were at risk due to weaknesses in MS Exchange.
The UK government confirmed the Network and Information Systems (NIS) Regulations will be strengthened to protect essential and digital services against increasingly sophisticated and frequent cyber-attacks both now and in the future. The UK cyber minister Julia Lopez said: “We are strengthening the UK’s cyber laws against digital threats. This will better protect our essential and digital services and the outsourced IT providers which keep them running”.
It is high time cyber security was no longer seen as a hindrance to progress but as an investment in the future. After all, cyber security is one of the cornerstones of successful digital transformation.
Attack vectors primarily arise from weaknesses in IT products. This is especially serious for products with a broad distribution and high market penetration. Products exhibiting vulnerabilities are a sign of poor product quality. Thus, it is in the manufacturer’s best interest to continuously work at eliminating these defects as quickly and consistently as possible.
Yet users also need to be aware that they must actively protect their networks and systems every day by applying patches or other measures to prevent cyber-attacks. Those who fail to do so are taking a huge risk and exposing themselves to potential attacks.
What are the biggest threats to cyber security?
Malicious programs, malicious software and malware are broad terms. They refer to software code which can perform harmful operations or enable other programs to do so. In many cases, malware enters computers through infected attachments or email links. The malicious code is executed when the user opens the attachment or follows the link to an infected website.
Big Game Hunting with ransomware: In the majority of cases, ransomware blocks access to local or network data and systems. The most common method is to encrypt user data (e.g., images, videos, and documents) or data infrastructure such as databases. The victim then receives a message telling them they will not get access until a certain amount of ransom money is paid. Victims are given a deadline by which they must pay the ransom. Only then will they regain access to their stolen data.
Spam and malware spam: Unsolicited emails are generally referred to as spam. The term is also used for cyber-attacks such as malware spam or phishing emails. Spam is sent through compromised or rented servers, via stolen mail accounts, or through infected systems. Additionally, all these may form botnets to be used for sending out spam.
Botnets: A bot is a piece of malware that enables attackers to remotely access infected systems. By infecting other people's computers and smartphones, cybercriminals gain access to a large number of targets which they exploit for their own purposes. Multiple bots controlled from one location are usually referred to as a botnet. The damage is not limited to the infected system itself: hijacked systems can also be used to attack third parties (e.g. through DDoS attacks).
A common way for attackers to obtain sensitive information is by using so-called phishing attacks. With the help of sophisticated social engineering, criminals try to gain the victims’ trust and have them hand over sensitive data.
Malware emails: Infections with malware most commonly occur when users click on items in phishing emails. This includes opening email attachments and following links to compromised websites. The emails and links mostly lead to the download and execution of dangerous malware such as Trojans, bots or ransomware. One click is enough, and the malware is installed on the device.
Phishing emails & phishing SMS (smishing): Phishing attacks can be carried out via email and SMS messages. The term “smishing” was created to refer to the concept of phishing via SMS. In the UK, 2022 saw a dramatic rise in smishing attacks: employees at 74% of all organisations were sent fraudulent text messages.
The term “cyber-attack” refers to any illegal activity aimed at compromising computers or entire networks. Be it for financial profit, as a form of political protest, or for industrial espionage: the term “hack” is used whenever there has been illegal activity carried out by cybercriminals or “hackers”. If malware or spyware (Trojans, viruses or worms) is involved, we mostly speak of cyber-attacks.
4) Advanced persistent threats (APTs)
Advanced persistent threats (APTs) differ from other threats in the attackers’ motivation and their modus operandi. APTs are often long-term attacks planned with great effort and aimed at specific targets. In general, APT attacks are not meant to achieve immediate financial profits but rather to gather information and enable acts of sabotage.
5) Distributed denial of service (DDoS) attacks
A denial of service (DoS) attack involves flooding computer systems with internet traffic. It is a particularly dangerous attack aimed at disrupting the availability of data and services for legitimate users. DoS attacks have been around for a long time and can affect anybody, although there are ways to protect against them. In a distributed DoS (DDoS) attack, several systems carry out parallel attacks on the availability of services, websites or networks.
6) Raccoon attack
Raccoon is a timing vulnerability in the TLS specification that affects HTTPS and other services that rely on SSL and TLS. These protocols allow everyone on the internet to browse the web without third parties being able to read the communication. Raccoon allows attackers, under certain conditions, to break the encryption and read sensitive messages. This vulnerability is rather hard to exploit: its exploitation relies on very precise timing measurements and a very specific server configuration.
How to manage your cyber security
Cyber security is an integral part of information security management. DataGuard supports its customers in the implementation and monitoring of their ISMS and the processes surrounding it. We help you develop, implement and manage your plans to meet the requirements of ISO 27001.
To test the security of your infrastructure, we use penetration tests that simulate attacks on your systems to identify weaknesses. This way, you are prepared even for worst-case scenarios.
On our Information Security Platform, customers get fundamental employee training, handy questionnaires on the topic of cyber security and recommendations for measures tailored to their needs.
In today’s world, businesses cannot do without implementing measures to improve their cyber security. What is crucial is the application of a good overall information security strategy.
DataGuard helps you define framework conditions to ensure your IT’s long-term security. More than 3,000 happy customers rely on us to implement strategies tailored to their individual needs.
Get in touch with our experts today to find out how we can help you with our web-based information security platform that works in tandem with our in-house experts to support your business through the implementation of your ISMS and beyond.