Global cyber threat
Ransomware is the biggest cybersecurity threat facing the world today, with the potential to significantly affect whole societies and economies – and the attacks are unrelenting, the head of the National Cyber Security Centre (NCSC) has warned in an article on ZDNET.com.
“Even with a war raging in Ukraine – the biggest global cyber threat we still face is ransomware.
That tells you something of the scale of the problem. Ransomware attacks strike hard and fast.
They are evolving rapidly, they are allpervasive, they’re increasingly offered by gangs as a service, lowering the bar for entry into cybercrime,” said Lindy Cameron, CEO of the NCSC In a speech at Tel Aviv Cyber Week.
She added that the NCSC has dealt with “nationally significant incidents” along with hundreds of general cyber incidents that “affect the UK more widely every year”.
While she didn’t detail any specific instances of responding to ransomware incidents, Cameron warned that “these complex attacks have the potential to affect our societies and economies significantly”, and implied that if it weren’t for the work of NCSC incident responders, alongside their counterparts in the industry and international counterparts, the attacks could have had a major impact.
Working alongside other law enforcement agencies, Cameron said the NCSC was working to understand the criminal system that helps drive ransomware attacks – and how the nature of ransomware gangs and the techniques they’re using to facilitate ransomware campaigns continue to evolve.
“We want to make ransomware an unprofitable and unattractive business,” said Cameron, who argued it’s not all doom and gloom when it comes to cybersecurity, going on to detail how the NCSC’s Active Cyber Defence Program has helped to disrupt cyberattacks targeting citizens.
This includes a takedown project that has removed millions of malicious URLs, and the suspicious email-reporting service, which has allowed the public to report over 10 million suspicious emails, leading to over 76,000 online scams being taken down.
“We want to help create a society that is resilient to cyberattacks, where cybersecurity is second nature to all of us,” said Cameron.
According to newly released figures from cybersecurity company WatchGuard, the volume of ransomware has risen significantly with the amount of detected activity in the first quarter of 2022 more than three times what was detected during the same period last year.
The report suggests that the emergence of aggressive ransomware and extortion operations including LAPSUS$ and BlackCat are behind what’s described as “an ever-increasing ransomware and cyberextortion threat landscape”.
Earlier this month I was invited to participate in a United Nations Office on Drugs and Crime (UNODC), Cybercrime and Anti-Money Laundering Section discussions on ransomware and cybercrime in Fiji.
While it was attended by senior officials from the Fiji Financial Intelligence Unit (FIU) and Ministry of Defence, notable absentees were from the Ministry of Communications, the designated lead agency for cybersecurity in Fiji.
It’s a shame because UN funding is being made available and training on ransomware safety. Do email me if you or your organisation is interested in training being organised by the UNODC on ransomware.
In the meantime tech analyst Gartner said business leaders should build these strategic planning assumptions into their security strategies for the next few years.
1. Consumer privacy rights will be extended
Privacy regulation continues to expand and the tech analyst predicts it will be extended to cover five billion people, and more than 70 per cent of global GDP. It said organisations should track subject rights request metrics, including cost per request and time to fulfil, to identify inefficiencies and justify accelerated automation.
2. By 2025, 80 per cent of enterprises will adopt a strategy to unify web, cloud services and privxate application access
Garter said with the rise of hybrid work, vendors are offering integrated services across web and cloud-application security.
The benefit here is tighter integration, fewer consoles to use, and fewer locations where data must be decrypted, inspected and re-encrypted.
This is supposed to also assist with tightening cybersecurity through smaller cyber attack surface areas.
The tech analyst predicts that by 2025, 60 per cent of organisations will attempt to adopt zero-trust security, a concept that assumes there is no traditional ‘perimeter’ to the corporate network, so all devices and users have to be regularly reauthenticated. But it said more than half will fail to realise the benefits.
Replacing implicit trust with identity and context-based, risk-appropriate trust - is extremely powerful, said Gartner, but requires a cultural shift and clear communication that ties it to business outcomes to achieve the benefits. And not all companies will be successful.
4. Cybersecurity will become key to choosing business partners
Gartner predicts that 60 per cent of organisations will use cybersecurity risk as a “primary determinant” in conducting third-party transactions and business engagements by 2025.
Only 25 per cent of organisations monitor third parties in real time for cybersecurity exposure, according to Gartner.
But as a result of pressure from customers and regulators, it believes organisations will start to insist on measuring cybersecurity risk, ranging from simple monitoring of a critical technology supplier to complex due diligence for mergers and acquisitions.
5. Ransomware payment legislation will rise
At the moment there is little legislation around when companies can - and can’t pay ransomware demands. That could be about to change; Gartner predicts one in three countries will introduce such laws soon.
The decision to pay the ransom or not is a business-level decision, not a security one.
Gartner recommends engaging a professional incident-response team as well as law enforcement and any regulatory body before negotiating.
6. Hackers will weaponise operational technology environments to cause human casualties
Attacks on OT - hardware and software that monitors or controls equipment, assets and processes and is often the brains behind industrial systems in factories or power grids - have become more common and more disruptive, Gartner said, warning that threat actors will have “weaponised” operational technology environments to cause human casualties by 2025.
“In operational environments, security and risk management leaders should be more concerned about real-world hazards to humans and the environment, rather than information theft”, according to the analyst firm.
7. Resilience will be about more than just cybersecurity
By 2025, 70 per cent of CEOs will drive a culture of organisational resilience to deal with threats from cybercrime, but also from severe weather events, civil unrest and political instabilities, Gartner said: “With continued disruption likely, Gartner recommends that risk leaders recognise organisational resilience as a strategic imperative.”
8. Cybersecurity will matter for the CEO’s bonus
It is estimated that within five years or by 2026, 50 per cent of C-level executives will have performance requirements related to risk built into their employment contracts, Gartner said.
As Boards now increasingly regard cybersecurity as a business risk rather than just a technical or IT problem, accountability for cyber risk will shift from the security leader or IT GM to all executives, it said.
As we become more reliant on digital systems and the Internet for our work, school and play (entertainment) the issues of data security and privacy increasingly become more important as we should realise that the bygone era of paperwork and analogue devices, including face to face meetings and a casual cup of coffee are becoming a rarity.
Is it a good thing? I don’t necessarily think so as man is a social creature and needs community support from friends and family.
As the popular phrase coined by English poet John Donne in the 1600s goes - ‘No man is an island…’ God bless and stay safe in both digital and physical worlds this weekend.
is a private cybersecurity consultant. The views expressed in this article are his and not necessarily shared by this newspaper. Mr Tuisawau can be contacted on ilaitia@cyberbati.com