The biggest cyberattack threat is people, not computers

By Phil Chapman, Head of Cybersecurity Curriculum, Firebrand Training
Share
Phil Chapman, Head of Cybersecurity Curriculum at Firebrand Training speaks about the threat of cyberattacks

While the Secretary of State for Defence, Ben Wallace, has gone on record stating that the UK is prepared to launch offensive cyberattacks against hostile states, the UK is facing a cyber war on the home front. Away from the global aspects of state-sponsored threats and terrorism, the war rages on in our homes and businesses. Just like in medical terms, viruses and malicious software work against the vulnerabilities of our systems meaning that we can never be 100 percent secure. Every day is a battle against a different type of virus, and every day we shore up our defences, remove them or invisibly live with them. 

This year, and somewhat under the radar, we are witnessing a month-on-month growth in cyberattacks using bots and botnets. These are implanted into vulnerable systems to be controlled remotely to steal data and credentials, spy on us by opening up a backdoor or stop our systems from working. Others can hijack internal systems to perpetrate a criminal act on behalf of someone else. The rise of the botnets is currently being calculated to have risen to over 80% in Q3 of 2021 according to Internet-based monitoring agencies.

 

IoT at home: Leaving the backdoor wide open 

There are several key factors which are driving this increase. Firstly, malicious software thrives in a target rich environment, especially those that are in close contact or share connections.  The growth of smart devices and the Internet of Things in our homes, offices and on our wrists increases that footprint. 

The plug and play attitude of most users who simply follow the easy to follow instructions and leave devices on their default settings, unfortunately means the hackers know exactly how security settings work. These become easy pickings for any locksmith.

 

Frail networking protocols fuelling cyber hitmen 

Secondly, we rely every day on infrastructure which is built on foundation applications and protocols created 30 years ago and which have hardly changed over the years.  As technology has advanced, these protocols continue to support and work hard but are vulnerable and fragile.  The recent outage of Facebook, although not malicious, is a clear example of how frail these networking protocols are, and a simple misconfiguration can bring it all to a halt. 

Hackers do not have to be gifted coders to attack these systems, they just need to know that they exist to be exploited and have a motive to do so. A simple search on a Dark Web marketplace site will allow you to purchase a whole host of malicious code, tutorials or hire an ‘As a Service’ to do the attack for you, all at very little cost and with no expertise required. Distributed Denial of Service as a Service (DDoSaaS) is like hiring a cyber hitman to kill a company.

 

The weakest link: The user 

Finally, the target audience has moved to a vulnerable area and no longer acts like they would do in the safety of the office.  Working from home, working from abroad and remote working are not new concepts but have come to the fore in recent times. Telecommuters connect to systems across an open internet, video calls, emails and other data sharing applications leading to increased vulnerability. 

Ultimately, the weakest link in the chain is the user who doesn’t understand the risk. We use multiple security policies to protect our assets, but these apply to normal working conditions when our staff and management teams are safely tucked up in the office. But now there is a new battle ground and policy should be the first thing to consider before tackling the technology to defend it.

 

Boosting cyber immunity

Just like a medical virus, the cyber versions can mutate to counter any barriers they meet.  New versions appear almost daily and are always one step ahead of our anti-virus systems. Vaccination is a great form of defence, but we know that it's not 100% effective.  So, we need to layer in other forms of technical, physical and procedural protection to keep us safe. Rather than stop criminals in their tracks, this defence in depth technique only delays the advance of the attackers.

The weakest part of our defences are the biggest assets - people.  People need to be protected and people need to be aware of the threats against them.  So, a User Training & Awareness Policy should be top of the list.

 

Share

Featured Articles

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

Cyber Security

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security