Cyber professionals are right on the frontlines when it comes to protecting public and private companies and their data.
In a recent survey by Mimecast, Australian companies expressed that they are now more likely to get sued by their customers due to a ransomware attack. About 80% of the companies Mimecast surveyed have increased their cybersecurity budget to address this issue.
The Australian Cyber Security Centre (ACSC) has asked private organisations and government agencies to be on hyper-alert to protect against cyber threats as the threat landscape across the world becomes more treacherous than ever.
Aside from the sheer scale of cyber threats, the nature of attacks themselves is changing. They’re becoming very calculated and deliberate. There is no longer room for set-and-forget approaches to cyber defence. Today’s adversaries are more skilled, well-resourced and highly motivated. Soon it won't just be theft of IP, denial of service or ransomware attacks we have to worry about. We must expect adversaries to deploy crippling attacks on critical infrastructure, government networks and industrial control systems.
Digital transformation has literally changed our world
The rise of the internet and IoT has been a significant catalyst, as more and more aspects of our lives and our world become digitised. Many enterprises were forced to speed up their transition to the cloud due to the pandemic, driving change across the global economy. As Dan Gregory observed:
“We exist more in the online space than ever before, and to some extent, we exist less in the offline world. This has fundamentally affected the way we behave and how we conduct business.”
Emails — the most predominant attack vector — and instant messaging applications have become the primary collaboration channels across every industry, making them the weakest links in security. The attack surface has changed, and cyber vulnerability is on the rise.
There has also been an exponential increase in the number of connected devices and digital services across businesses and households, giving hackers near-countless entry points to play with. The complexity and scale of our globalised digital ecosystem means adversaries from any location can slip into our IT networks and mine sensitive data, while staying undetected for weeks, even months. Digital supply chains are becoming much more complex and layered, so it is a daunting task to monitor them effectively.
Ransomware is becoming professionalised
You may be tired of hearing cyber professionals talking about ransomware, but that doesn't make it any less of a threat. If you've ever been targeted by a ransomware attack, you’ll know that re-breach is a very real possibility. With no visibility on how hackers entered your systems, you can never be 100% sure you’ve sealed off all possible entry points. Hackers know that if you paid up once, chances are high that you will do so again.
Ransomware attacks have proved so lucrative that an entire industry has sprung up to offer ransomware-as-a-service, some of them functioning as privately held companies, complete with 24/7 tech support, based in countries where they can legally do business.
Our goals may be different, but we all face the same threat
Ransomware does not discriminate between its targets. Governments, charities, hospitals, all are fair game as far as attackers are concerned. Governments across the world have been overwhelmed by cybersecurity issues and are scrambling to find ways to secure their critical infrastructure. Law enforcement agencies have been focusing their attention on attribution and chasing down miscreants, while businesses are looking for ways to ensure business continuity and protect shareholder value.
But this fragmented approach can only get us so far. Hackers are already sharing intelligence and cooperating with each other, and we need to do the same.
David Raissipour, Chief Technology and Product Officer at Mimecast, highlighted the importance of open collaboration and communication between various applications and products during Mimecast's United Against Cybercrime Keynote webinar. He said,
"One of the ways we can solve cybersecurity problems and challenges is by looking at these problems as a joint attack and a joint defence - attacking the bad guys and defending the good guys. We, at Mimecast, have spent a lot of time building relations with products from other vendors. We have seen that many vendors lack overall context. What we need is to build communication and collaboration products that allow the exchange of context with other products and make them more secure."
I highly recommend checking out the recording of the Mimecast APAC Connect event here.
Working together is critical, as the threat affects us all. Ransomware attacks are on the rise because those under attack are paying up. Money is a big motivator, and attacks will continue as long as hackers can make money off them. Only a united front can change this trend.
Change is in the air
Previously, people and companies were ashamed to say that they were compromised by ransomware, which was frowned upon and seen as a weakness. Now we're seeing organisations stepping forward and being honest about their experiences with ransomware attacks, and building up their brand and reputation while doing it. Security leaders who have lived through a breach are seen as more valuable. Similarly, cybersecurity professionals who have been through a major cyber event need to see it as a badge of honour and capture all the learnings to build up their capabilities.
Trust and reputation are the new currencies of the digital age, and transparency is becoming a highly valued trait in the business world. Governments across continents are introducing laws to protect the data and privacy of their citizens and businesses. This rising interest in data sovereignty is the motivation behind enforcement of unified data security and privacy laws, like GDPR, that span entire groups of countries.
Mutual cooperation is the best defence
Cyber awareness is at an all-time high, and those in positions of power realise cybersecurity is vital. This is the time for cyber professionals, corporations and government agencies to form a united front against cyber threats. The free-market economy has given rise to the cyber threat intelligence industry, which has proven to be an immensely powerful tool against hackers. Governments have already realised this, and are actively sharing threat intelligence not just domestically, but with global governments as well. It is time for private companies to step up. Malcolm Turnbull observed that
“Cybersecurity in a digital world is an asymmetrical battle.”
Even small players can do enormous damage, making communication and collaboration pivotal to building cyber resilience. We have to be able to share information globally. Unless we are all working together, there will always be vulnerabilities and backdoors that even the best-protected organisations can be subject to.
How organisations are creating a cyber-secure future
Organisations are increasingly adopting security-centric ways of working, like Zero Trust. As part of Zero Trust, organisations set up controls on employees' machines to scan everything coming in and going out of every communication channel to make sure they are communicating with a trusted source.
About 97% of IT leaders are expanding their cloud adoption plans in 2022, resulting in massive shifts in their application environment. On average, enterprise organisations have about 288 SaaS applications. This shift means your business-critical applications are no longer under your IT team's control but are controlled by a third party.
Organisations are turning to layered security tools and open communication between endpoint applications and the overall IT network to cut down the risk of data loss, data leakage, malware and phishing attacks. These tools also provide visibility into data flow so IT specialists can understand what came in, who sent it, where it was stored, who it was shared with and how it was shared across tools and applications within their network. This level of visibility is great not just for security, but also for insurance, record keeping and compliance purposes.
The onus of security in the private sector falls on the CISO. The government is doing its part through ACSC, but there is a need to expand the role of the ACSC. We need to promote innovation and initiatives in the Australian cybersecurity community to build new collaboration tools for end-to-end security, threat intelligence and visibility.
The future of cybersecurity
The increasingly complex IT application and infrastructure network is creating an intriguing, limitless and reckless metaverse - a metaverse of hybrid on-prem and cloud applications, internet-connected devices, hackers and a distributed workforce. Aside from Zuckerberg’s metaverse, of course.
As Dr. Catherine Ball noted:
“The metaverse will be one of the most intriguing and reckless places that we are about to put ourselves into. Metaverse weddings, spots, hacking bodies, the internet of things to the internet of bodies...what does that mean? What about the cybersecurity elements involved?”
She also points out that we have not achieved ‘herd immunity’ with cybersecurity at all. While companies can mandate cybersecurity training for their staff, will they offer it to their families?
We can foresee a need for a deeper cultural shift, with a baseline understanding of cyber hygiene becoming a way of life, within and outside companies.
At the heart of it, cybersecurity will always be a human-centric endeavour, with awareness training and a positive cybersecurity culture being the biggest weapons in the war on ransomware. What’s important is how we use these new tools and technologies to enhance collaboration, intelligence sharing, and adoption of cyber-responsible behaviour. The only way forward is together.