Cyber Security Research Round Up

Paul Briggs
March 17, 2023

Research Round Up

THIS MONTH'S LATEST CYBER SECURITY RESEARCH From security vendors, bloggers, and analysts

Checkpoint Security: Cyber Security Report 2023

Author: Maya Horowitz, VP Research at Check Point Software Technologies

  • “In 2022, the proportion of email-delivered-attacks has increased, reaching a staggering record of 86% of all file-based attacks in-the-wild.”
  • “The Russia-Ukraine war demonstrated how traditional, kinetic war can be augmented by a cybernetic war. It has also influenced the broader threat landscape in the rapid changes of hacktivism and how independent threat actors choose to work for state-affiliated missions.
  • The war has also seen enhanced usage of wiper malware, malware that intends to erase or wipe data of the drive it infects, and this trend has been adopted by several actors, reaching a point where 2022 has seen more wiper attacks globally, than in the previous decade altogether.”

IBM Security Report: Cost of a Data Breach Hits Record High During Pandemic

  • In 2021, systems and software giant IBM Security found that over half of SMBs had experienced a cyber-attack, largely as a result of the pandemic, during which new hybrid working models were introduced, or of increased migration to cloud infrastructure.
  • IBM notes that 40% of SMBs do not have a comprehensive and updated cyber-security incident plan. The IBM research also found that for companies with fewer than 500 employees the cost of an average cyber breach was around $3m per incident.

Venture Beat/ Forrester 2023 Cyber Security Predictions

  • More than 50% of chief risk officers (CROs) will report directly to the CEO.
  • A C-level executive will be fired for their firm’s use of employee monitoring.
  • A Global 500 firm will be exposed for burning out its cybersecurity employees 

SecureList by Kaspersky: What your SOC will be facing in 2023

Authors: Sergey Soldatov, Roman Nazarov

  • Ransomware will increasingly destroy data instead of encrypting it
  • Public-facing applications will continue to be exploited for initial access
  • More supply chain attacks via telecom
  • More reoccurring targeted attacks by state-sponsored actors
  • Rise in attacks on Media outlets

EMP Research

  • Future-proof: bunkered data centres and the selling of ultra-secure cloud storage
  • Challenges in Protecting Cyber Critical Infrastructure-GAO
  • North Korea’s Satellites Could Unleash Electromagnetic Pulse Attack
  • Critical Infrastructure Cyber Recommendations Go Largely Unaddressed-Nextgov
  • EMP/Solar flare-Grid Down Consulting
  • Infrastructure Security-CISA

Cyber Security Podcasts-Compiled by Fabian Weber

Types of Cybersecurity Threats

Summary

In part one of our cybersecurity and digital transformation blog series, we set out the importance of keeping security needs at the forefront of any digital strategy. This installment will present the most common cybersecurity threats that businesses are faced with.

Cybersecurity threats come in various forms from different sources, and can be defined as either passive or active, attacking both operating systems and hardware.  

Passive Threat & Active Attacks

Passive cybersecurity threats are attacks which do not harm a company’s system directly, but through which information, possibly sensitive data, is obtained. A hacker will attempt to remain unnoticed while gathering information about the victim’s machine, network, or other systems.

An active attack encompasses a wide range of different techniques that jeopardise a system’s integrity and availability. This type of attack, in which a hacker attempts to directly modify resources, poses a threat to both the organisation and individuals. Unlike a passive attack, these breaches are more easily identified.

Common passive attacks:  

  • Phishing – A common, but effective type of attack typically carried out via email. It is designed to steal users’ credentials and trick them into installing malicious software on their device. Over time, phishing attacks have evolved into more sophisticated and efficient tactics, with attackers frequently utilizing authentic-looking credentials to increase their success rate. 
     
  • Cyber espionage – Where a hacker accesses, steals, or exposes classified data or intellectual property with malicious intent which can lead to damaging consequences. Common methods include advanced persistent threats (APT), social engineering and spear phishing.  
     
  • Data packet sniffing – Similar to wiretapping, packet sniffing allows anyone to eavesdrop on computer conversations. An attacker will install hardware or software to monitor, collect and analyse data sent over a network.  

Common active attacks:  

  • Malware – any malicious software which aims to cause disruption or damage a computer, server, or network. Devices can be infected through simple means such as clicking on a suspicious link, but it can allow the hacker access to personal and sensitive information.  
     
  • Denial of Service (DoS) – An attack carried out by bots designed to flood an organisation’s system with fake requests, therefore blocking legitimate requests. This type of attack both seriously affects company resources and damages infrastructure.
     
  • Domain spoofing – This is another form of phishing where an attacker impersonates a known business or person by using a fake web or email domain hoping to fool people into trusting them as at first glance they often look legitimate. However, users can be tricked into revealing sensitive information, sending money or clicking malicious links.  

Cyberattacks can affect both operating systems and hardware, creating challenges for businesses that wish to fortify their infrastructure against cybersecurity threats. This can create an even greater challenge for smaller businesses that are trying to manage this with limited resources. The third installment of this blog series will discuss the challenges caused by these security breaches.

Cybersecurity challenges faced by businesses

In part two of our cybersecurity and digital transformation series we detailed the most common forms of cyberattacks. In this blog, we will discuss the biggest cybersecurity challenges facing businesses.


As digital transformation introduces new, and ever evolving technology to small business IT infrastructure, it is inevitable that an organization’s potential attack surface grows, introducing more cybersecurity challenges.  

As they try to navigate a wide range of potential threats, small businesses can struggle to distribute the right resources to ensure they stay safe, meaning they are vulnerable to various cybersecurity challenges such as:   

  • Secure back-up and recovery of data
  • Detection and response to threats and vulnerabilities
  • Supply chain integrity
  • Manage security activities 24/7

Secure back-up and recovery of data

One major cybersecurity challenge that small businesses face is the secure back-up and recovery of data. Companies must have adequate systems in place to ensure that their data is securely backed up and recoverable in the event of damage or corruption.  

Data-driven companies, in particular, must protect their information from sophisticated ransomware attacks. As small businesses increasingly include multi-cloud and on-premise storage of data in their IT infrastructures, cyber resilience is essential to ensure business continuity in the event of a data loss. 

Detection and response to threats and vulnerabilities

A company’s vulnerability to cybersecurity breaches, both above and below its operating system, will inevitably increase as the business grows. Threats can present themselves in various forms with the intention of accessing, changing, destroying, or deleting information without authorization.

The challenge arises for businesses to install the right systems that can promptly identify these threats and adequately defend their IT infrastructure. According to IBM, in 2022 it took an average of 277 days or 9 months to identify and contain a breach. The longer a breach lasts, the greater the strain on a business’ resources.  

Supply chain integrity

Supply chains are a multi-party ecosystem. Businesses rely on advanced technology to support connectivity and sophisticated logistics networks. However, this technology is also vulnerable to attacks, threatening the integrity of supply chain systems. It is vital to maintain the security of the supply chain eco-systems to avoid operational disruptions, lost revenue, jeopardized data, reduced productivity and potential brand and reputation damage. 

Technology supply chains can also be infiltrated with counterfeit devices that have been tampered with. IT teams work hard to secure their infrastructure, but this is a futile activity if a third party does not maintain their defence along the supply chain. Businesses must ensure devices and their components are safe to deploy using secure verification.   

Manage security activities 24/7

With cyber-attacks posing a threat at any time of day, businesses must remain vigilant around the clock. However, companies often face the challenge of not having the necessary resources in house to physically monitor their networks continuously.  

As threats continue to increase in frequency and complexity, efficient threat detection systems are essential in identifying and preventing attacks before any damage can occur. This can mean having to invest in outsourced services to ensure networks are monitored 24/7. 


Small businesses face numerous cybersecurity challenges in the ever-changing landscape of digital transformation. To ensure their safety, companies must prioritize cyber resilience and invest in efficient threat detection systems. By doing so, they can protect their data, maintain supply chain integrity, and prevent cyber-attacks from disrupting their operations. In the fourth and final blog in this series we will lay out the steps you can take to improve your security measures to keep your infrastructure safe.

Part four will conclude this blog series by detailing the steps needed to implement practices that best address your cybersecurity challenges.  

Will EMP Attacks Be The Next Emerging Cyber Threat?

This month’s Knowledge Exchange white paper on emerging and existing Cyber Security threats will examine why ITDMs and Business Leaders are extremely worried about a ‘catastrophic cyber event’ that could have more of a societal impact than Covid-19 in the next few years, and what ITDMs can do today and in the longer term to mitigate those risks.

It may be pure coincidence, but it was certainly chilling to see that, a matter of weeks after the World Economic Forum’s (WEF) 2023 annual summit in Davos, Switzerland, which warned of a total “grid down” scenario caused by a ‘catastrophic cyber event’, a mysterious high-altitude balloon was seen floating across America.

And while many in the mainstream media have quickly judged this and subsequent balloons to be surveillance or spy balloons, other commentators claim that most state-sponsored espionage is done via satellites [1] and that this vehicle potentially has a more sinister capability: the ability to activate an electromagnetic pulse (EMP) at high altitude (HEMP) using a smaller, lighter nuclear payload.

Therefore, if the balloon was carrying an EMP device, or was just a drill to test the detection and response time for such devices, then at the sort of altitude the vehicle was flying it would have a greater geographical reach than a ground-detonated device and could have knocked out a big chunk of the infrastructure it was flying over.

The result would be an instant shutdown of power, communication, finance, and business systems, with a devastating effect on emergency services and supply chains that could tip society into chaos in a matter of days.

A grid down scenario would make Covid’s impact seem like, ‘a small disturbance,’ according to Klaus Schwab, founder of the WEF.  

President of the Centre for American Defence Studies, Paul Crespo also confirmed the high-altitude vehicles could be a trial run for a cyber-attack using a balloon-mounted weapon.  

Speaking in the Epoch Times, Crespo said:

“While China has tested hypersonic missiles launched from balloons in the past, that isn’t a likely use for these airships."

“The biggest threat is sending one or more of these high-altitude balloons over the US with a small nuclear EMP device.” 

While we hope the vehicle may be nothing more than a ‘weather balloon’, with rising geopolitical tension between the US and China [2] over Taiwan, tensions with Russia over Ukraine, an increasingly unstable regime in Iran and a re-escalation of tension with North Korea, the use of EMP-enabled weapons for a global pre-emptive strike seems alarmingly possible.

Military strategists in these countries may favour a high-altitude pre-emptive HEMP strike over a conventional full-blown nuclear attack, as it limits immediate deaths and radiation fallout and keeps the infrastructure intact, albeit broken, so that it can be repaired in time.

Steps to improve cybersecurity practices

Summary

The first three blogs of our cybersecurity and digital transformation series focused on the threats and security challenges faced by businesses when implementing a digital transformation strategy. In this concluding installment we will lay out the steps you can take to protect your company from potential attacks.

How can businesses reduce the risks of cyber-attacks?

SMBs face a significant risk of cyber-attacks and security breaches. Businesses can take these steps to improve cybersecurity practices. A single attack can cause irreparable damage to the business. Therefore, it's essential for businesses to establish robust security practices to mitigate security threats to their infrastructure and organization. In this fourth and final installment of our cybersecurity series, we will lay out the best ways to tackle these challenges and threats.

Preparing your business for potential security breaches may seem daunting, but there are many steps you can take to improve your security measures. Here are some ways to improve your business's cybersecurity practices:

• Back up your data on the cloud:

Backing up your data on the cloud is an easy and secure way to ensure that your data is safe and accessible even in the event of hardware failure or corruption. Cloud storage is less susceptible to theft or damage than physical on-premise devices as cloud service providers offer firewall protection, making it a safer choice for data storage. Public and private cloud options are available to businesses of all sizes, and data can be accessed from anywhere with an internet connection.

• Implement access controls:

Access control policies limit access to your business's critical assets. Avoid sharing user IDs for accessing systems and data. Instead, use unique IDs and login credentials to make it easier to track who is accessing your resources. Implementing automated Identity Access Management (IAM) systems helps streamline this task and eliminates a large amount of risk.

• Thoroughly train employees in best practices:

Humans are often the weakest link in the cybersecurity chain. It is essential that your employees are adequately trained in your most up-to-date security procedures. They need to be equipped with the knowledge and skills to be able to identify and avoid potential threats. Without this, they may be more likely to fall victim to sophisticated phishing attacks, and unintentionally expose the company’s data or put it at risk of an attack.

• User Authentication:

User authentication is the process of verifying the identity of a user before they are granted access to a system or application. Multi-factor authentication creates a layered security system that requires employees to use a randomly generated one-time code sent via SMS or email in addition to their password to verify their identity. This type of security system protects your data by preventing unauthorized third-party users from gaining entry to business systems and websites.

• Implement a Managed Detection and Response (MDR) service:

Small businesses and their IT security teams can struggle to keep pace with their growing volume of technology and threats. A Managed Detection and Response (MDR) service is a cybersecurity service that combines high-end technology with human expertise to rapidly identify and limit the impact of cyber threats without the need to hire additional staff. This service monitors your systems and applications 24/7 to detect and respond to any security incidents.

Final Thoughts

In conclusion, improving your business's cybersecurity practices is essential to safeguarding your data and ensuring the continuity of your business. By implementing these security measures, you can help protect your business from cyber threats and avoid the devastating consequences of a security breach.

Cyber Security & Digital Transformation

Summary

In this four-part blog series, we will discuss the importance of cyber security in digital transformation, types of cyber security threats, security challenges, and how you can improve your cyber security practices to overcome them.   


Digital transformation and security challenges

Digital transformation has undoubtedly been accelerated in recent years due to the pandemic. The rise of hybrid, digital-forward working environments has forced companies to re-evaluate their digital strategies and invest in new technology. However, as companies transition to more digital systems, cyber security must remain a top priority. 

Businesses are at risk as they expand their IT infrastructure. A security breach can have serious consequences, including the loss of valuable data, supply chain integrity, and ransomware attacks. To avoid such risks, security needs to be at the forefront of digital transformation strategies. 


One of the most significant aspects of digital transformation is becoming a more data-driven organization. As companies centralize their data, they become more vulnerable to attacks from hackers, who are always on the lookout for valuable data. 

Furthermore, the pandemic has highlighted the need for hybrid working environments. While this is great for flexibility and convenience, it poses a significant challenge for IT security teams. The challenge is to manage a vast infrastructure that includes PCs connecting from multiple and potentially global locations, which amplifies the need for each employee to uphold their personal responsibility to follow cybersecurity best practices. 


The growing risk of cyberattacks

Cyberattacks are on the rise, and small companies cannot afford to take risks when it comes to securing their IT network. On average, a cyberattack happens every 11 seconds, and the cost of an attack can be as high as $13 million. With the evolution of Artificial Intelligence and Machine Learning, attacks are becoming increasingly sophisticated, and many companies do not have stringent measures in place to handle these risks. 

To tackle this problem, cybersecurity must no longer be viewed as solely an IT issue, but rather a business risk. A company is only as strong as its IT infrastructure, meaning that its business strategy must revolve around IT security. As a result, employees play a crucial role in upholding the security of their systems and fully understanding the risks that the business can face. 

Final Thoughts

In conclusion, as digital transformation continues to shape the business landscape, cyber security is becoming more critical than ever. Small businesses need to prioritize security to mitigate the risk of cyberattacks and ensure business continuity. Executive-level employees will also need to be accountable for treating cyber security risks as part of their employment contracts and any at-risk payments.

By taking these steps, companies can protect themselves from the increasing threat of cybercrime and maintain their reputation and ability to operate effectively. 

In part two, we will examine the most common types of cyber security threats.
