In-depth

How organisations deal with complex cyber attacks

Increasingly sophisticated cyber-attacks mean businesses need innovative ways of handling advanced threats

Attacks on businesses' networks and servers are getting more complicated. Long gone are the days of it just being spotty teenagers hacking from a bedroom; a whole ecosystem has sprung up over the last two decades that mirrors the development of the software industry itself. Scores of developers work together on new code, others distribute malware, and criminal organisations look after revenue payments.

As with the cloud, cybercrime service providers cater for those who want to launch DDoS attacks or ransomware-as-a-service.

The whole cyber threat landscape is expanding. In a recent ISACA survey (the State of Cyber Security, 2017), 53% of respondents reported an increase in cyber-attacks upon their organisations and 80% thought it's likely they'll be targeted this year.

Meanwhile, this year's Verizon Data Breach Investigations Report found that, when it comes to different types of attack, Web Application Attacks remain the most prevalent, helped by a multitude of botnet data. However, the report also noted that if botnets were taken out of the equation cyber-espionage would assume the top spot.

"Cyber threats are now industrialised, agile and well-equipped with entire chains and structures for the creation and supply of exploits, malware, research and development, botnet creation and the movement of stolen data and funds," says Piers Wilson, head of product management at Huntsman Security.

"For example, if you look at some of the recent politically motivated attacks, information has been stolen, then modified and added to within the data set to make it more compromising and then released in a way, and at a time, to do the most damage (or maximise the political capital)."

Robin Oldham, head of the cyber security consulting practice at BAE Systems Applied Intelligence, says that the complexity of cyber attacks runs in parallel with an increasingly complex world. The majority of initial compromises still rely on phishing emails and social engineering to get users to carry out an action on behalf of the attacker, for example running a program or opening a document.

"While the fact the attacker may have penetrated the system is a serious issue, the situation is made worse if it's left undetected," he says.

The attack on the Bangladesh Central Bank most likely used these simple techniques to get in, but the criminals followed this up with sophisticated malware to cover their tracks by rewriting database entries and changing hard copy printouts to subvert. More recently, as seen with Operation CloudHopper, highly capable adversaries are targeting outsourced IT providers as a way to compromise company networks by using their administrative privileges.

"By compromising one outsourced provider they can access a myriad of end client networks," says Oldham.

Combatting threats

Technology isn't the answer, according to Richard Walters, CTO of CensorNet. He says that state and criminal actors have proven they can out-pace, out-tech and out-dev the security industry time and time again.

"The answer lies in the security strategy and operational ecosystem that organizations adopt and develop, alongside a set of tools that eliminate noise, automate the obvious, and allow limited security resources to focus on what is most malicious or suspicious," says Walters.

Sam Curry, chief product officer for Cybereason, says such attacks need to be dealt with in three parts: technological, organisational and personal.

"On the technology front, new techniques based on better sources of data (eg behavioural data) and using modern technology stacks (cloud, big data, machine learning, etc) are essential," he says.
