By George Ralph
I was pleased to read this week that the UK’s NCSC (National Cyber Security Centre) has partnered with both its US and Australian counterparts to track global ransomware trends. The partnership includes the ACSC (Australian Cyber Security Centre), the FBI (Federal Bureau of Information) and the CISA (Cyber and Infrastructure Security Agency). By anyone’s standards, that is a group of organisations who have an enormous amount of knowledge to help combat the fight against cybercrime, including ransomware attacks. While it is a positive step forward in how we continue as an industry to tackle cyber crime, it also shows all of us quite how serious a problem we are now facing globally to keep our organisations safe.
The uptick in cyber criminal ‘services for hire’, noted as a main trend in the report, is a particular concern. For our industry, the view has always been that attacks have largely been based on chance, where cyber criminals have been targeting a wide number of networks at any one time looking for weaknesses in the network that they may then be able to breach. Phishing attacks have also been a major player in terms of cyber breach. With the trend in criminal services for hire, we can expect to see more laser focussed attacks on specific firms. This is because the calibre of the criminal organisation and their tech will be more advanced. Cyber crime ‘as a service’ is organised crime, not individuals trying their luck.
With the influx of criminal gangs, we are also seeing more value being put behind victim information. In our market, data is our most valuable asset and that data, particularly investor data, is also extremely valuable to a gang.
The FCA wrote last year about due diligence on supply chains and third party vendor relationships. I think this is another area of serious focus for us all. The global report also commented on more targeting of cloud services and the software supply chain. The type of attack is designed to infiltrate huge swathes of network architecture. There is a high risk with this type of attack that firms might not directly be aware of the breach either, as it is not entering the network where an attack or breach would be expected, at the endpoint.
Mitigating the risk of attack, defending your network and reducing the risk of compromise can all be achieved with a holistic approach to your cloud, data and cyber solutions. A zero trust network architecture, which I am seeing becoming the industry gold standard, and multi factor authentication are must haves to satisfy your own concerns and those of your investors and the regulator. It is critical we all take action now to protect our own infrastructure and that of our clients and partners as well.
You can read the NCSC article here: https://www.ncsc.gov.uk/news/ncsc-joins-us-and-australian-partners-to-reveal-latest-ransomware-trends