Top 4 Cyber Threats UK Businesses Need To Watch Out For
The cyber threat landscape continues to evolve. To maximise your cyber security budget and position resources where they are most needed, you need to know which threats are most likely to make an impact in the near future. To help you, we’ve put together a list of what we believe are going to be the top 4 cyber threats in the UK.
After witnessing those record-shattering DDoS attacks in 2016 that were caused by IoT botnets, many people were predicting even bigger attacks in 2017. It didn’t happen. In fact, 2017 was relatively quiet in terms of IoT botnet-delivered DDoS attacks. However, that doesn’t mean IoT botnets have become extinct. They are possibly dormant or they could be gearing up for their next major attack.
Last October, Chinese security firm Qihoo 360 and Israeli firm Check Point revealed the presence of a more sophisticated form of IoT botnet that had already infected millions of network devices. Known as Reaper or IoT Troop, this IoT botnet uses code from Mirai, the notorious botnet that unleashed those massive DDoS attacks in 2016. No surprise there, since Mirai’s source code is now available as open-source in hacker forums. Reaper has not yet been used for any DDoS attack, so it’s possible we’ll be witnessing its coming-out party this year.
Botnets aren’t the only cyber threats that can involve IoT devices. Because IoT devices are fast becoming mainstream (if they haven’t yet), it’s not hard to imagine them being compromised and held hostage to cripple business operations. Yes, we’re thinking along the lines of ransomware-like attacks.
Instead of holding computer systems hostage (the way the WannaCry ransomware did to NHS Trusts last year), cyber criminals could target IoT devices. In developed countries like the UK, where connecting electrocardiograms, thermometers, glucose monitors, wristbands, surgical theatre lighting systems, and even heart rate monitors to the Internet is gradually becoming the norm, this threat could very well be just around the corner.
Speaking of ransomware, we expect another round of attacks from this type of cyber threat this year. Until businesses are able to develop effective defences against ransomware infections, it’s going to be hard to get rid of this nuisance, as it has a lot going for it.
First of all, ransomware campaigns lean on a very sound business model. As long as the data or systems being held hostage are valuable enough and as long as the ransom amounts are reasonable enough, victims are forced to pay. This, of course, encourages cyber criminals to carry out more attacks. That’s why, even if you removed WannaCry and Petya (which dominated ransomware infections in 2017) from monthly figures, ransomware infection rates were still found to be on an upswing.
The emergence of wormlike, self-propagating capabilities, which allowed WannaCry and Petya to achieve massive outbreaks, is another major factor that could attract aspiring ransomware operators looking for a sizable payout from a single campaign. For businesses, it’s one malware capability that should never be taken lightly. Wormlike capabilities mean a single infection could rapidly spread to other systems in the organisation. Once your entire network is captured and your operations totally crippled, you may have no choice but to pay up.
That’s also why business-critical infrastructures like data centers and cloud service providers (CSPs) could now be in the crosshairs of ransomware operators. CSPs and data centers could now be prime targets due to the data stored as well as the applications and servers running in these facilities.
Cryptocurrency mining-inspired attacks
2017 was the year bitcoin’s value and popularity skyrocketed to uncharted heights. Formerly confined to tech enthusiasts, cryptocurrencies gained a substantial following among non-tech investors last year. Unsurprisingly, cyber criminals have taken an interest in these high-potential investments as well. But because digital coin generation requires system resources and electricity, cyber gangs have started developing illegitimate means of mining digital coins.
By using cryptocurrency-mining malware, cyber criminals are able to mine digital coins using botnets of infected systems. Other cyber crooks take advantage of services like Coinhive, Crypto-Loot, and JSECoin, which enable websites to mine digital coins using the browsers of their website visitors.
Although these services operate legally, some web admins don’t inform their site visitors how these in-browser miners actually work, i.e. that they use the visitors’ computing resources to mine digital coins. As the values of cryptocurrencies continue to go up, we can expect a corresponding increase in digital coin-mining malpractices as well.
AI-assisted spear phishing
The latest Phishing Activity Trends Report from the Anti-Phishing Working Group indicates that this threat is very much alive. But while run-of-the-mill phishing attacks are easily thwarted by spam filters and basic corporate cyber security education initiatives, spear-phishing attacks are more difficult to defend against.
These highly targeted attacks look and sound so legitimate that they are already hard to distinguish from official, non-malicious emails. To make matters worse, this highly deceptive attack could get even better (from a malicious standpoint) soon.
Two years ago, a couple of data scientists conducted an experiment to compare the spear-phishing abilities of artificial intelligence and human competitors. The AI known as SNAP_R bested its human counterparts both in terms of the volume of phishing tweets it sent out and its conversion rate.
Remember, that was two years ago. Artificial intelligence is now being applied to cyber security solutions. Cyber criminals are normally one step ahead of the good guys, so they shouldn’t be too far behind.
To clarify, different businesses have varying levels of risk for the same set of threats. But we think the vast majority of businesses in the UK need to beef up their defences against the four cyber threats we discussed here. If you want to know how, feel free to contact us. We’ll be happy to answer your questions.