The evolution of cybersecurity threats and risks12 August 2021
The increase in the number and diversity of cybersecurity threats and risks is never-ending. History suggests the situation won’t get any better.
Whether you work remotely, are connected to your team by the cloud, or you’re a grandparent who uses a smartphone to stay connected to the family, cybersecurity will be on your radar. It has gone mainstream.
From fake Royal Mail phishing texts to spyware that can reach WIFI smart speakers, cybersecurity threats circle us 24/7. Whether we’re in our homes, at work or on holiday, they’re ever-present. And, the risk of attack is as real for global pharmaceutical organisations as it is for small businesses. Just ask the paper-making business, Cambridge Imprint, which faced ruin when ransomware locked it out of Instagram in 2021. They’ll agree that cybercrime is the great leveller of the 21st century. We really are all in it together.
Who didn’t hear about the Colonial Pipeline ransomware attack on the oil supply of American citizens? It made the mainstream news across the gamut of communication channels. Cybercrime in 2021 is unabating and developing rapidly along increasingly hard to count pathways of attack. It is a commonplace subject on the evening news, and it all began in 1971 with a quirky computer program called Creeper.
‘Catch me if you can’
The world’s first worm was Creeper, which was designed to move across mainframe computers, leaving the message: “I’m the Creeper, catch me if you can.” A trivial act in comparison to the Wannacry attacks that disrupted the UK’s NHS in 2017 and, more recently, the cynical phishing of personal data using hoax Covid-19 vaccine appointment emails.
Lone-wolf hackers have been replaced by the greater threat of state-sponsored criminal gangs, who steal the valuable intellectual property of their political and commercial rivals. This evolution in cybercrime brought about the UK’s National Cyber Security Centre and the US Cyber Threat Alliance, among other such global entities. Consequently, these organisations joined the private sector in its fight against cybersecurity threats — one that it had been fighting valiantly for years.
Forewarned is forearmed
Few, if any, cybersecurity threats and risks have disappeared. Rather they re-emerge stronger when circumstances are favourable. For example, the pandemic created a surge in home working, which facilitated new waves of phishing emails targeting distracted employees. Social engineering is as prevalent — and costly — as ever. This threat has moved its crosshairs from global organisation CxOs, to accounts and HR teams in smaller enterprises.
Rapid technological and social change will create endless vulnerabilities for cybercriminals to exploit. As such, we must continue to support our people with security training based on the most common forms of attack. And complement this with security awareness training that keeps pace with the steep curve of change.
Cybersecurity threats and risks are evolving continually and are never going away.
Please feel free to contact us for more information on how we can help you maintain and develop your CISO effectiveness.