There has been a significant shift in the methodology used by cyber criminals over the past couple of years, in particular. Whilst traditional ‘hacking’ and malware are still prevalent, there has been a boom in other types of attack, in particular Ransomware and Social Engineering. So, why has this happened?

Most profitable types of cyber attack

There is an old saying, “follow the money”, and nowhere is this more pertinent when considering cyber-crimes against UK business. Look at the number of cyber-attacks over the past 12 months from the Beaming Breaches Report in May 2017 - the usual cyber-attacks still feature highly:

  1. Phishing - 1.3m businesses affected
  2. Viruses - 1.28m businesses affected
  3. Hacking - 1m businesses affected

However, to understand why these emerging threats are becoming so popular, we need to look at the revenues generated:

  1. Ransomware - £7.4bn (388k businesses)
  2. Phishing - £5.9bn
  3. Social engineering - £5.4bn

Whilst there were more than three times as many instances of Phishing against UK businesses in 2016, when compared to Ransomware, it yielded just 80% of the revenue. So, Ransomware appears to be 20 times more profitable, per incident, than hacking attacks, and five times more lucrative than other forms of Malware.

More targeted attacks are, by their nature, a lot more labour intensive but, for the criminal gangs who are willing to put in the effort, the rewards can be huge.

Common cyber security myths

There are a number of myths surrounding cyber security, which are impacting on businesses’ decision-making:

  1. Skilled hackers targeting businesses

There is still a perception that there are darkened rooms full of highly skilled hackers targeting UK businesses. If you are a high value target, e.g. a high-profile business, or you are dealing with high value intellectual property etc., then this may be the case.

However, against the majority of businesses, the investment required to carry out such attacks just isn’t worth it- after all, skilled labour is expensive! A large proportion of the non-automated attacks are carried out by a relatively low skilled labour force, who simply find a ‘victim’, load a weaponised attachment into an email, and click ‘send’.

Methodology used by cyber criminals
As safeguards become harder to breach, cyber criminals need to get creative if they want to get in to our systems
  1. I don’t have anything that hackers want

Unless you are in the “high value target” category, mentioned above, you may not feel that your business has anything valuable to hackers, or to anyone else outside your organisation. However, the data your business holds is extremely valuable to you.

Without data, many businesses could not operate. So, if you lost access to all of your company data, how much would you be willing to pay to get it back? This is why Ransomware is becoming so popular.

  1. Cybercrime is an IT issue

The technical safeguards which have traditionally kept us safe are still vitally important. However, as these safeguards become harder to breach, cyber criminals need to get creative, if they want to get in to our systems.

The beauty of these targeted attacks is that, because they aren’t automated, they don’t always have the indicators which allow them to be detected by anti-virus/anti-malware software, so are more likely to find their way in to employees’ inboxes than traditional mass-mailings.

  1. It’s someone else’s job

If fraudulent emails get past your IT defences, your staff are the only thing standing between you and a potentially significant loss. Now imagine that the employee in question had no knowledge of cyber-attacks, and believed instead that the IT department were solely responsible for stopping cyber-attacks…

The truth is that nothing is 100% effective, so it is everyone’s responsibility to be vigilant. Education, and good business management is just as important to preventing cyber-attacks as the IT infrastructure itself.

Embedding a cyber security culture

Cyber security is not simply an IT issue, and there is no “magic box” to plug in. There are three elements to any system, and cyber security is no exception. Effective cyber security can only be achieved when all three work in harmony.

Technology – your IT ‘estate.’ By ensuring that you have all the necessary IT safeguards in place on ALL your IT assets, including mobile devices, printers, access control systems, CCTV (basically anything connected to your network), you reduce the risk of something getting through.

You also need to ensure that these safeguards are regularly updated – the threats are constantly evolving, your systems need to evolve too

Embedding a cyber security culture with best practices
Effective cyber security can only be achieved when technology, people and process work in harmony

People – your staff. A properly briefed, situationally-aware workforce are your last line of defence, should something get past your technical security measures. They need to understand the risks to the business, and their role in preventing cyber-attacks. Training should be done in three strands:

  • Training for directors – awareness of the risks, governance requirements etc
  • Training for all
  • Training for high risk groups – more focused training for people within your organisation who are more especially at risk, e.g. the Accounts department

However, training is not a one-shot deal. This needs to be an ongoing programme of work, with regular refresher and update sessions.

Process – how you let your staff use your IT. Just as you wouldn’t let every employee have access to your banking and accounting software, cyber risk can be significantly reduced by limiting the ability of staff to access unnecessary areas of your network. By only giving staff relevant permissions to do their jobs, you reduce their ability to inadvertently (or intentionally) do something wrong.

With the proliferation of mobile devices, we need to ensure that users are doing so responsibly. So, we need to ensure that the same security standards are maintained when working remotely, via laptops, tablets and smartphones.

The key to protecting your business against cyber-attack is to view the digital risks in the same context as the other risks to your business

It doesn’t stop at IT policies. Criminals “follow the money”, so it is important that there are financial policies in place to reduce the risk of accidentally sending money to the wrong place. ‘CEO Fraud’ happens when a criminal, pretending to be the CEO of a business, sends an email to the accounts department requesting a payment be made to a nominated bank account.

In some cases, accounts staff have transferred many thousands of pounds to fraudsters, when a simple process of confirming all financial transaction requests in person, or via telephone, would have identified the fraud straight away

Securing your business in the digital age

Could it be that the very word “Cyber” is turning us off? The mere mention of the word “cyber” security may cause the non-technically minded to glaze over, dismiss it as “an IT issue”, and leave it to the IT staff to deal with. At board level, this default cascading of cyber security to the IT department is one of the most significant barriers to achieving cyber resilience in business.

If the “C” word puts you off, think of it as ‘Digital’ Security, and consider: Do you understand your digital risks in the same way as you do your physical risks? Or your legal or compliance risks?

And therein lies the fundamental truth: The key to protecting your business against cyber-attack is to view the digital risks in the same context as the other risks to your business, and treat it the same way, instead of dismissing it as an IT issue.

If you understand where the digital risks are, how they can affect your business, and what you would need to do in the event of an incident - in exactly the same way as you would for everything else on your risk register - you have taken your first steps to securing your business in the digital age.

Download PDF version

Author Profile

In case you missed it

Has the gap closed between security fiction and security reality?
Has the gap closed between security fiction and security reality?

Among its many uses and benefits, technology is a handy tool in the fantasy world of movie and television thrillers. We all know the scene: a vital plot point depends on having just the right super-duper gadget to locate a suspect or to get past a locked door. In movies and TV, face recognition is more a super power than a technical function. Video footage can be magically enhanced to provide a perfect image of a license plate number. We have all shaken our heads in disbelief, and yet, our industry’s technical capabilities are improving every day. Are we approaching a day when the “enhanced” view of technology in movies and TV is closer to the truth? We asked this week’s Expert Panel Roundtable: How much has the gap closed between the reality of security system capabilities and what you see on TV (or at the movies)?

The five questions bank security and IT leaders need to answer about cybersecurity
The five questions bank security and IT leaders need to answer about cybersecurity

Organisations across the world face a new risk paradigm: one that encompasses cyber and physical threats. We’ve heard the stories associated with ATM skimming, identity theft, data breaches, scams, and phishing. Large financial services organisations are often the victim of hackers looking to steal corporate information and transactional data or funds, and criminals continue to become more sophisticated in their approach. Growth in cyber-attacks Additionally, cyber-threats have taken a front seat in the line-up of primary risks facing financial institutions today. And it is no surprise why: according to Cybersecurity Ventures, the amount of money taken in cyber heists, both in banking and elsewhere, was estimated at $3 trillion overall for 2015, and this substantial amount is expected to double by 2021. Cyber-attacks are becoming more prevalent, more complex and harder to address The fact that cyber-attacks are becoming more prevalent isn't the only issue; they're also becoming more complex and therefore harder to address. And although the convenient interconnectivity of the Internet of Things (IoT) creates many advantages for financial institutions, with that also comes an increased risk to dangerous threats. In today’s environment, banks, credit unions, and financial organisations of all types are primary targets for hackers. But it’s not just the monetary loss that these businesses need to be concerned about — there is also a threat to the brand, customer trust, and employee safety. All of these challenges and complexities open the door to new conversations and risks. Here are the top five critical questions today’s bank leaders need to be ready to answer. Should we collaborate to mitigate these threats effectively? Over the last decade, the emergence of the Internet of Things (IoT) and a demand for more mobile capabilities has changed the way people and businesses connect. But as the need for connectivity increases, so too does the need for increased security for physical assets, networks, and valuable corporate data. As a result, a dialogue between IT and physical security is necessary to help leaders gain a greater knowledge of how to best collaborate to ensure complete protection. Leaders must communicate closely to drive strategies that help identify vulnerabilities in a more proactive manner. The result of these conversations: a truly comprehensive approach to security intelligence. It’s not just the monetary loss that banks need to be concerned about – there is also a threat to customer trust and employee safety How can I pinpoint the important data for addressing cyber threats? To maintain a high level of security and ensure business continuity around the globe, companies seek solutions that help predict and identify threats in real time. But often, there are too many alerts generated by too many systems, and none of this raw data is actionable. Linking cyber and physical security together transforms alerts into actionable intelligence, which helps users connect the pieces of any situation and present a unified risk scenario to the appropriate analysts and operators. By capturing and analysing data in real time, enterprise organisations gain a visual representation of risks across the business while accessing information related to the most critical events happening at any given time. Not only does this unified process enable a higher and more proactive level of protection, but it also helps facilitate a plan of action based within a common, unified security operations centre. How can I inform of the importance of cybersecurity? Security leaders in banks need to feel prepared by staying updated, looking at common vulnerabilities, understanding the malware and challenges, and testing the environment. And collaboration is key to mitigation: Traditional security and fraud teams must work in conjunction with cyber teams to effectively handle all aspects of a cyber-attack. Additionally, CISOs need to “sell” cybersecurity to CEOs and the board by outlining the importance of protection through emphasising the impact of a potential cyber-attack on the business. Ensure you can verbally address the most critical risks to your senior leadership, including recent botnets, scams, and cyber gangs, to receive the support, and budget you need to address these threats head on. Is my system secure? It is critical that you are knowledgeable about the steps you can take to protect your security and network infrastructure from cyber-attacks. A firewall is useful to prevent hackers from accessing critical data on internal networks and computers Changing default passwords should be a first step, as some scams target devices with hard-coded factory defaults. Ensure software and firmware is up to date because updates often include fixes for potential vulnerabilities. These updates keep your devices and network more secure and increase overall system uptime. A firewall is useful to prevent hackers and unauthorised programs from accessing the critical business information and resources on internal networks and computers. Also, minimise potential risk by closing network ports and disabling services you don’t need. With all of these instances, it is best to work closely with your integrator partner and chosen vendor to ensure that your system is as secure as it can possibly be. What solutions are best to help mitigate risks? Technology is a great force multiplier. Security — both cyber and physical solutions — helps secure an entire branch footprint, alleviates risk, ensures operational compliance, and improves fraud investigations. Video surveillance systems, analytics, threat management platforms and more can provide organisations with intelligence and unprecedented protection from fraud, all while enhancing the customer experience. Overall, there are significant benefits to collaborating to gain comprehensive risk intelligence. By bringing various leaders, departments, technologies and strategies together, we can more effectively identify threats, develop trends and quickly access important data to ensure security and safety goals are realised.

BCDVideo signs OEM deal with Dell EMC: positive impact for surveillance storage
BCDVideo signs OEM deal with Dell EMC: positive impact for surveillance storage

In a significant move for the video security market, BCDVideo has announced that it is set to become Dell EMC’s OEM partner in the video surveillance space. For nearly a decade, the Chicago-based company has been known as a key OEM partner of Hewlett Packard Enterprise (HPE), providing storage and networking technology to security integrators on a global scale. This latest partnership will allow BCDVideo to take their offerings to the next level. BCDVideo Vice President Tom Larson spoke to SourceSecurity.com to discuss the reasoning behind the deal, and how the programme will benefit partners, integrators, and end-users alike. Expanding BCDVideo's product offering For BCDVideo, the HPE OEM programme has been widely acknowledged as a success, allowing the company to leverage a globally recognised brand and provide high-quality, reliable solutions across video networking and access control. Nevertheless, explains Larson, HPE server solutions are primarily suited to large-scale enterprise projects, and are therefore unable to accommodate for the growth in small- and medium-sized surveillance applications. The global collaboration with Dell EMC will allow BCDVideo to open up a broader product offering, building on success in the larger enterprise market to offer tailored solutions to SMEs. Our aim is to look at all best of breed technology to serve the video surveillance marketplace, and that means multiple partnerships” Support for integrators By leveraging Dell EMC’s sophisticated digital storage platforms, BCDVideo will now be able to offer a more cost-effective solution to integrators, without sacrificing the resilience and IT-level service that BCDVideo is known for. With access to Dell EMC’s expansive global sales and technical teams, the company hopes to expand its reach, all-the-while providing partners with around-the-clock technical support and a five-year on-site warranty. Customers should be reassured that BCDVideo will continue to offer HPE platforms, service, and support. “Our aim is to look at all best-of-breed technology to serve the video surveillance marketplace, and that means multiple partnerships,” says Larson.  “The addition of Dell EMC to our portfolio is a major win for BCDVideo, for Dell EMC, and for our integrators.” The global collaboration with Dell EMC will allow BCDVideo to open up a broader product offering Meeting surveillance market demands At the technology level, assures Larson, Dell EMC’s server offering is well suited to handle the increasing video resolution and growing camera count demanded by the surveillance industry. At the larger end of the spectrum, the company’s Isilon Scale-Out NAS solution can handle tens of petabytes of data, making it ideal for large-scale security applications such as city-wide surveillance and airport security. Dell EMC storage solutions are already proving successful at major international airports including Dubai and Abu Dhabi, each with a camera count in the 1000s.Dell EMC and BCDVideo together are ensuring our customers get the right solutions designed for the surveillance market” For Dell EMC, the new partnership means the ability to expand on this success in the enterprise market, leveraging BCDVideo’s surveillance expertise and high-level customer service to offer tailored solutions for lower-volume applications. Since its inception, BCDVideo has differentiated itself in the security space by providing a high level of IT service to integrators making the transition to IP systems. By combining resources, the partners will be able to service VMS and analytics companies, software vendors, and access control providers, as well as traditional business integrators. Ken Mills, General Manager Dell EMC Surveillance, explains: “Surveillance storage is not just about capacity, it is also about performance and reliability. Dell EMC and BCDVideo together are ensuring our customers get the right solutions designed for the surveillance market.” Accomodating for growth BCDVideo is well placed to accommodate this anticipated growth. Last year, the company opened a new 51,000-square-foot global headquarters in Illinois, home to 90 separate stations within their Innovation Center where each system is customised according to integrator needs. The new facility allows for expanding business with new and existing partners in the security market.