Cybercriminals 'will not stop attacking businesses'

Written by Hannah McGrath

Companies should prepare for the inevitability of a cyberattack as criminals develop increasingly efficient ways to infiltrate networks, according to experts.

Speaking on a panel discussion at London’s IP Expo 2018, Claire Albois-Galcoix, marketing director at Yubico, a password security provider, warned the audience that ransomware attacks such as the Wannacry outage in 2017 should now be considered part of the everyday threat landscape as criminals widen the scope and scale of their operations.

“These attacks are never going to away, it’s numbers game, a quantity game”, she said, explaining that large scale hacks which compromise internal data are easily replicated by criminals in different networks making use of the same lines of code.

“They don’t need to be more sophisticated, they don’t need to be clever, they just need to find the weakest link,” she added.

Potential methods for combatting the threat include more authenticity controls and password changing as part of a company’s “cyber hygiene” regime, the panel agreed.

Doug Howard, vice president of global services at RSA, suggested that treating all compromises as an inevitability was a “fallacy”, but said that the more companies prioritise fixing patches and updating systems, the safer they will be if an attack hits.

“The bad guys are going to go after the obvious thing first”, he said, adding: “Focus on the most basic thing in your network first."

Howard commented that the issues enterprises experience around security tend to be less a question of technology and more of people, with staff needing to be constantly taking steps to reduce the risk of a compromise- a process he called “incrementalism.”

Adam Brady, systems engineer at cloud computing security company Illumio, agreed, pointing out the importance of reducing applications and software only to those which are essential for the running of a business.

“Zero trust is good hygiene," he said, noting: “I only have the things I need for my application to work.”

Given the rising probability of hackers attempting to gain access to systems, David Atkinson, chief executive of cyber defence artificial intelligence company Senseon, said it was important for businesses to leverage information advantage and continuously improve knowledge in order to stay one step ahead of the hackers.

The panel suggested that the rise of automation may also have a role to play in bolstering network security.

“Anything manually done is high risk,” said Howard. “Automating it is not risk free, but…a machine is going to do what you ask it to do."

Their warnings came on the day that British and Dutch authorities claimed to have traced the source of cyberattacks on the UK foreign office computers at the Porton Down military research facility and the Organisation for the Prohibition of Chemical Weapons (OPCW) to Russia’s GRU intelligence services.

Announcing the findings, prime minister Theresa May and Dutch prime minister Mark Rutte said it was the first time authorities had “exposed” the hostile acts of the Russian military intelligence services in cyberspace.

Responding to the claims, the Russian embassy in London said the announcement was “irresponsible” and accused the UK of spreading “crude disinformation".

At a press conference in the Hague yesterday, Peter Wilson, British ambassador to the Netherlands, also detailed attempts by GRU agents to disrupt the investigation into the shooting down of Malaysia Airlines Flight 17 (MH17) in 2014.

Mr Wilson described the GRU as a “well-funded” unit of the Russian state and said it had been acting “aggressively” across the world “with apparent impunity”.