The last few weeks have seen attacks against large organisations across all sectors with a variety of tactics – all organisations have to be aware of the increasing threats. AJ Thompson, CCO of IT consultancy Northdoor explains that cyber-attacks, including NATO, Sony and the Royal Family, all highlight varying tactics and increase in activity from cyber-criminals.
The last few days have seen a glut of high-profile cyber-attacks appear in the news agenda. It seems, on the face of it, that cyber-criminals can get through many organisations’ cyber-defences with apparent ease, taking what data they want and leaving a trail of chaos behind them.
The two ransomware attacks on MGM Resorts and Sony, come off the back of a succession of such attacks targeting high-profile companies and demanding ransoms for the return of stolen data. NATO and the Royal Family have faced politically motivated hacks, in these cases from Russian affiliated bad actors looking to cause disruption. Finally, Lyca Mobile seems to have experienced a large breach which caused its networks to fail and potentially customer data to be accessed.
The issue for most organisations is that the sheer volume of attacks and the varying nature of the tactics and motivation behind the attacks, makes it seem like an almost impossible task to defend against. However, whether it is ransomware, DDoS or a politically motivate disruption attack, the bottom line is that systems are being breached too easily.
The DDoS attack on the Royal Family website is a good example. The number of DDoS attacks are reducing because most websites should have the tools ingrained in them to deal with such an approach. It is therefore somewhat disappointing that such a major site, linked with the British Royal Family, has been so easily hit by a relatively outdated approach. It might well be indicative of a wider problem within organisations across the country.
IT teams, faced with a breadth of attacks can no longer see the wood for the trees, with some seemingly unable to act. This is not helped by a skills shortage in the sector and internal teams struggling to fill roles and ensure that they are adequately covered.
This issue is only going to get worse over the coming months with cyber-criminals likely to be upping their efforts, as more people start to shop online with the Christmas period approaching or with the ongoing war and political difficulties in Russia.
Keeping an eye on potential vulnerabilities, ensuring that all patches are implemented regularly as well as looking at what the latest threats look like, is a daunting task at best, with many smaller organisations unable to implement much if any of these crucial actions.
Some are turning to consultancies which can act as the eyes and ears for companies, enhancing their in-house teams as well as providing levels of expertise that would otherwise be unavailable to them. By offering cyber security as a Managed Service, consultancies can help combat the varying and increasing threat from cyber-criminals, as well as preparing the systems of organisations for new and emerging threats.
Northdoor is an IT consultancy based in London. The firm was recently ranked among Consultancy.uk’s Top Consulting Firms in the UK, where it received a Gold rating for Data Science.