10 Years On: As cyber threats evolve, so does cyber protection
TECHNOLOGY has come a long way since 2008 and has fundamentally changed the way we do business and the way we live our lives. Connectivity has increased exponentially, with advanced mobile and broadband technology enabling huge amounts of data to be transferred easily and quickly. Most businesses now run at least some of their IT solutions in the cloud, which is convenient but means that data is increasingly exposed. Technology has evolved and the threats have too.
Risks of a mobile society
In 2008 the biggest cyber threats were mostly opportunistic and generic and took a ‘scatter gun’ approach, with the perpetrators attempting to steal money, obtain credit card details or login information from their victims; traditional crimes with a digital spin. With traditional perimeter-based networks, where all data is kept in one place, security teams would attempt to block these attacks by building big walls with technologies like firewalls and spam filters.
Now attacks are more sophisticated and targeted, with the emergence of criminal activity such as spear phishing – targeted phishing, often involving the fraudulent sending of emails from a supposedly known or trusted sender – and whaling – targeting high-profile business executives to steal sensitive information from their companies. Hackers are doing their homework first.
Alongside attack sophistication improvements, the proliferation of cloud and on-demand online services means it is increasingly difficult to keep the traditional perimeter. These challenges are compounded by the proliferation of the smartphone; 139m. were sold globally in 2008, compared with 1.5bn in 2017. Smartphones mean that most people are almost always online and this totally changed users’ behaviours and lifestyles. Everybody has IT in their pocket so, far from a criminal needing to access a local area network in a small office, the perpetrator of a cybercrime might be sat next to the victim on a bus.
Data has always had value
Data breaches are increasingly common but have always been a security concern for organisations. In 2018 organisations like Dixons and British Airways have suffered data breaches as a result of hacking but in 2008 the most high-profile data breach occurred when top secret documents containing the security services’ latest intelligence on the al-Qa’eda terror network were left on a commuter train between London and Surrey.
Of course this could still happen today, but the most high-profile cyber breaches are the result of hacking, which has become an almost-daily reality for organisations, with prominent attacks reported against the NHS and others. Cyber attacks were previously a potentially costly annoyance but now represent a serious threat to the existence of large businesses because reputation and customer trust can be eroded with one significant data breach.
With greater accessibility to free hacking tools, increased technological knowledge and online forums, almost anybody can choose to become a cybercriminal, or can easily reach someone who is already engaging in criminal online activity.
How does protection keep up?
In the face of these changes, providers such as Sure have also had to change the way they work by outpacing the cybercriminal fraternity and deploying robust preventative measures to keep customers safe.
Sure’s Distributed Denial of Service (DDoS – where multiple attacks flood the bandwidth or resources of a targeted system) capability blocks multiple attacks against its customers and network every day and its data centre hosting services have multiple layers of physical security and resilience.
Sure operates a secure cloud computing environment with data encryption and a sophisticated email security service. The numbers are staggering. On Sure’s servers alone 35m. emails are sent and received each month, equating to 1.5m. every weekday, 3.5m. email attachments are scanned and checked per month and 10m. emails per month are rejected as spam, phishing, malware or malicious.
People the first line of defence
While there will always be those who seek to deploy technology in a criminal way, industry is well-equipped to counter such activity and protect the majority of individuals and businesses who are utilising it for good. It’s hugely important to train staff to recognise threats as people are often the first line of defence for organisations, especially now that everyone is online all the time.
If the last 10 years have taught us anything, it is that no individual or business should be complacent; protecting yourself requires awareness, education and the latest technological solutions.
If you’d like to learn more about how to protect your business from cyber threats get in touch with the Sure team at business@sure.com or on 01481 757757.
