The National Cyber Security Centre (NCSC) has revealed that UK businesses face a growing threat from ransomware and data breaches, whilst also highlighting increasing concerns surrounding cloud storage and the Internet of Things.
The NCSC report entitled ‘The cyber threat to UK business’ confirms that criminals are launching more online attacks on UK businesses than ever before.
Chief amongst the threats are ransomware and distributed denial of service attacks. The report quotes a survey by Corero Network Security10 which indicates that the number of monthly DDoS attack attempts between July and September 2017 showed a 91% increase when compared to figures in the first quarter of 2017.
Data breaches are also on the increase. The techniques used in most cases were not particularly advanced (including exploiting unpatched vulnerabilities and spear-phishing), but were often spectacularly successful. For example, at Equifax, where the personally identifiable information of 145 million US users and almost 700,000 UK users was compromised, or Verizon where data on 14 million customers stored in the cloud, and controlled by a third party company was hacked.
Looking forward, the report highlights growing concerns over the Internet of Things (IoT), with many of the internet-connected devices currently sold to consumers lacking basic cyber security provisions. With so many devices unsecured, it’s inevitable that vulnerabilities will be exploited. The report advocates a fundamental shift in approach, moving the burden away from end-users having to secure their devices, and instead ensuring strong cyber security is built into IoT products by design.
Cloud security also raises some red flags. As more organisations move data into the cloud (including confidential or sensitive information), it will become an increasingly tempting target for a range of cyber criminals. They will take advantage of the fact that many businesses put too much faith in the cloud providers and don’t stipulate how and where their data is stored.
So, what can be done? Many of the above cyber threats can be prevented, or at least their impact reduced, by adopting a range of basic cyber security measures as set out in the NCSC guide, ‘10 Steps to Cyber Security’.
For example, mitigations against ransomware include deploying critical security patches as soon as possible, using an always-on antivirus solution that scans new files, conducting regular vulnerability scans and establishing configuration control and management.
When it comes to protecting against data breaches, the recommended actions include protecting endpoints through the use of up-to-date and supported operating systems and software; protecting the network through the use of firewalls and network segregation to protect services; and protecting information by implementing a policy of ‘least privilege’ for all devices and services, using multi-factor authentication to protect sensitive information and ensuring that all services are protected by strict authentication and authorisation controls.
On a cautionary note, however, the report warns that no matter how good a company’s cyber security, it is at risk if it isn’t matched by the management and security capabilities of its service providers and software. Even if an organisation has excellent cyber security, there can be no guarantee that the same standards are applied by contractors and third-party suppliers in the supply chain”, says the report” and the reality is that attackers will target the most vulnerable part of a supply chain to achieve their criminal objectives…
Solutions Architect, UK Operations