• Home
  • News
  • Big Data & Analytics
  • DevOps
  • Security
  • GDPR
  • AI & ML
  • Women in Tech
  • Cloud & Infrastructure
  • CIO
  • Deskflix
  • Events
  • Whitepapers
  • Spotlights
  • IT Leaders 250
  • Research
  • Delta
  • Tech Marketing Hub
  • About Us
  • Newsletters
  • Sign in
  •  
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
     
    • You are currently accessing Computing via your Enterprise account.

      If you already have an account please use the link below to sign in.

      If you have any problems with your access or would like to request an individual access account please contact our customer service team.

      Phone: +44 (0) 1858 438800

      Email: customerservices@incisivemedia.com

      • Sign in
     
  • Follow us
    • Twitter
    • LinkedIn
    • Newsletters
    • Facebook
    • YouTube
  • Register
  • Events
    • Upcoming events
      event logo
      Deskflix Financial Services

      oin us for this episode of Deskflix to hear from industry experts and peers on their 2020 best practices, what they’ve learnt for 2021 and how they plan to overcome the next wave of disruption.

      • Date: 03 Mar 2021
      event logo
      Good listeners: Why conversational interfaces are now a must-have

      This webinar, featuring dedicated research, will explore how conversational interfaces can add value to your digital initiatives today. We discuss the benefits of putting the AI to work and the value of the conversational channel itself.

      • Date: 17 Mar 2021
      • Virtual Event,
      event logo
      Deskflix IT Leader's Summit

      Six months on from our inaugural IT Leaders’ Festival, Deskflix IT Leaders’ Summit is a chance to take stock and reflect on the first quarter of 2021. How did you overcome the obstacles of 2020? Was progression as expected? What were your biggest threats and biggest growth opportunities?

      • Date: 24 Mar 2021
      event logo
      Architect for the unknown: Is your database built for a crisis?

      This webinar, in which we’ll reveal Computing’s latest research in this area, reflects on how prepared our respondents’ data architecture was going into the pandemic and the role databases have to play in the ability to react and pivot in a crisis.

      • Date: 25 Mar 2021
      View all events
  • Whitepapers
    • LATEST WHITEPAPERS
      Darktrace 120x194
      Cyber AI Response: Threat Report 2019

      This white paper details 7 case studies of attacks that were intercepted and neutralised by Darktrace cyber defense AI, including a zero-day trojan in a manufacturing company's network. Learn how Darktrace Antigena AI Response modules fight back autonomously, no matter where a threat may emerge, extending to the Cloud, Email and SaaS.

      Download
      Darktrace 120x194
      Cyber AI & Darktrace Cloud

      This white paper explores how cloud is a security blind spot for many organisations who struggle with the limited visibility and control in this new environment, where their existing security tools are often not applicable.

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • Spotlights
    • Spotlights

      Welcome to Computing's Spotlight section, where we focus in on particularly important themes and topics of enterprise IT.

      Intel logo

       

      Endpoint Management and Security Hub

  • IT Leaders 250
  • Research
  • Delta
  • Tech Marketing Hub
  • About Us
Computing
Computing
  • Home
  • News
  • Big Data & Analytics
  • DevOps
  • Security
  • GDPR
  • AI & ML
  • Women in Tech
  • Cloud & Infrastructure
  • CIO
  • Deskflix
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
 
  • You are currently accessing Computing via your Enterprise account.

    If you already have an account please use the link below to sign in.

    If you have any problems with your access or would like to request an individual access account please contact our customer service team.

    Phone: +44 (0) 1858 438800

    Email: customerservices@incisivemedia.com

    • Sign in
 
 

Sponsor content:

What's this?

This content has been provided by our sponsors and is a paid advertisement.
  • Cloud Computing

How the security landscape has darkened under the Covid cloud

  • Carbon Black
  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
0 Comments

Since the pandemic struck, the porous and dispersed nature of most organisations has created countless opportunities for cybercriminals to exploit.

Some are the opportunistic hackers and trouble-makers of popular lore. But others are organised criminals whose primary aims are financial gain - from theft, phishing, or ransomware - and disruption to specific businesses or markets.

In the economic crisis caused by this healthcare catastrophe, some organisations might feel more inclined to pay ransoms than to have their critical systems or data frozen. Criminals know this. And they know that stress, panic, and fatigue can make people careless and more susceptible to well-designed phishing techniques.

Organised criminals are also using the fact that the crisis has widened the perimeter of corporate networks to exploit new security blindspots - in some cases due to insecure home wifi systems or smart-home devices that have known or guessable passwords.

But others are using the fear and confusion caused by the pandemic to create new types of fraud, ransomware, or social engineering attack.

Some of these play on people's worries, finances, and healthcare concerns: fake vaccine notices from healthcare providers, for example, or demands for users to re-enter login or account data as extra authentication in the crisis.

Small problems can spread

All employees should beware of falling for these tricks. For the enterprise, any compromised home networks could rapidly become compromised corporate systems, if the breach is in the form of malicious code or login details have been published on hacker forums.

Other risks are more subtle and perhaps harder for IT leaders to tackle. These might include troublemakers in the employee's home - family members gaining access to sensitive data by accident, for amusement, or out of curiosity because devices have been left unattended. Beware of errant teenagers!

The remedial challenge is made more difficult by IT teams themselves being more dispersed and remote. For this reason (to quote an old government campaign) we really should stay alert.

On that point, one thing is certain: while home working, cloud adoption, flexible workflows, and mobility have all experienced a dramatic acceleration during the crisis, this was no overnight transformation into an unprecedented world.

The security challenges associated with remote working should have been on the radar of every IT team, even if the precise circumstances of this crisis may not have been planned for.

What was new in 2020 was that the risk of doing nothing to enable remote collaboration suddenly became much greater than the risk of deploying unfamiliar technologies. As a result, even firms with extensive on-premise tech legacies have had to shift essential workflows into the cloud.

Be a gang buster

But for some organisations, the organised external threats are most dangerous. According to Computing research, criminals are increasingly ramping up the payback they demand from breaches. Indeed, many of the most successful cyber-attacks are now launched by organised collectives, whose services are available to the highest bidder.

A recent Computing research paper reveals that criminal gangs have been identified that are not only holding data to ransom, but also using it to blackmail their victims. More than one in 10 of the 150 IT leaders questioned in the research have been affected by such a group, or know someone who has.

A further 11 percent preferred not to say if they have been hit by this type of crime - a likely indication that they are aware of breaches, possibly at first hand. If true, then as many as one-fifth of organisations may have fallen victim to such attacks.

All it takes is one careless employee or one insecure device.

One of the first criminal groups to be observed operating this way was the Maze Cartel. Maze posts proof of stolen data on its website, and threatens to release the full dataset if the victim fails to comply with their demands.

Its infamy appears to have spread. Computing's survey found that 75 percent of IT leaders have heard of the group, 11 percent have been hit by a Maze attack, and 14 percent know other organisations that have. That is significantly more than the numbers reporting attacks when asked the more general question, above.

The cartel's website is a sophisticated platform, where victims can negotiate and pay ransoms via a fully featured support system. This alone is evidence that criminals are becoming more confident and professional; they are no longer secreted on the Dark Web, but hiding in plain sight and demanding cash via enterprise-grade tools.

Though some groups appear to honour their commitments to return stolen data, it is important for victims to analyse their networks after any breach to ensure, first, that there is no possibility of a repeat performance; and, second, that no malicious code has been planted in the system. It is unwise to trust that there is honour among professional cyber thieves.

Ragnar Locker is another criminal group. It too hosts a ‘wall of shame', where it names companies that have been successfully breached. In this way an attack becomes a double whammy for its victims. First comes the financial, technical, and operational hit; then second, the lasting damage to reputation.

The latter may dissuade some customers from doing business with a company that has failed to secure its systems and/or data. Again, criminals know this; it is what gives them leverage in the court of pubic opinion.

Computing research found that 72 percent of IT leaders are aware of this group, 12 percent have been hit by them, and 16 percent know of people or organisations that have. Similar figures apply to half a dozen different groups (see the white paper for more on this).

Other international groups offer ransomware-as-a-service, renting out their platforms to threat actors. Always remember: cybercrime is international, highly networked, and profitable.

Conclusions

In the physical world, theft is often opportunistic rather than planned or targeted. But in the digital realm, cybercriminals take more time to map organisations, understand businesses, exfiltrate sensitive data, and execute attacks as professionally as possible. In this way, they maximise their chances of profit.

This growing professionalism - and confidence - should trouble every CIO and CISO, as it shows a clear direction of travel. In other words, these issues can only get worse until organisations shape up and address the dangers.

After all, for many organisations being seen to be attacked is as serious as the attack itself. So be realistic about the risks, understand the issues, ensure your security procedures are known and followed, and find ways to manage your team in a dispersed, home-working world.

  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
  • Topics
  • Cloud Computing
blog comments powered by Disqus
Back to Top
  • Contact
  • Delta
  • Marketing solutions
  • Enterprise IT Events
  • Incisive Media
  • Terms & conditions
  • Policies
  • Careers
  • Twitter
  • LinkedIn
  • Newsletters
  • Facebook
  • YouTube

im_logo

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017
Loading