Intelligent CIO Europe Issue 44 | Page 57

FEATURE: THREAT ANALYSIS
complexity, sophistication and frequency globally. In the UK, ransomware attacks surged 80% in just three months following the start of the pandemic.
While it was only a matter of time until ‘outsourcing’ came to the cybercrime business, the success of Ransomware-as-a-Service (RaaS) providers against infrastructure targets is sure to spur imitators and competition. The newfound ability for individuals to seriously impact critical supplies for personal profit is certainly troubling and opens our ageing infrastructure to an even wider pool of threats.
State-sponsored offenses hide behind mercenary groups
However, the rise in skills of these cyber mercenary groups may highlight an even greater long-term risk to all infrastructure. Numerous reports – including BlackBerry’s BAHAMUT: Hack-for-Hire Masters of Phishing, Fake News, and Fake Apps – show that mercenary groups offering APT-style attacks are becoming more readily available.
The Tactics, Techniques and Procedures (TTPs) used in these attacks are beginning to resemble those of highly sophisticated state-sponsored campaigns. This means the profile and geography of potential victims have diversified exponentially. And these victims will become increasingly ‘random’ or illogical when analysed for any commonality.
This lack of commonality will also make it harder to identify when nation states are actually behind attacks, as their fingerprints will be largely removed.
Interestingly too, the interconnectedness of the UK’s infrastructure is starting to provide an asymmetric advantage for some nations we traditionally classify as hostile. North Korea, for instance, hasn’t had the resources to upgrade its infrastructure like much of the West. This means much of the nation’s infrastructure remains unconnected to the Internet – making it largely insusceptible to cyber threats. The one-way threat posed by some nations may present a unique challenge to the UK and other highly connected nations in the years to come.
A reactive response won’t be enough – we must prepare
Reactive approaches won’t cut it in a threat landscape perpetuated by some of the most intelligent tech minds globally. To have the best chance of protecting data, funds and – most critically – the daily lives of all those living in the UK, we must stop attacks like Colonial Pipeline or WannaCry from happening in the first place.
The UK government must acknowledge the severity of these threats, considering them as destructive and disruptive as warfare in its more typical forms. It must take on board the messages from the National Cyber Security Centre and independent cybersecurity experts, with a view to anticipating an increase in the volume and severity of threats in the coming years.
And, most importantly, it must set in place strong cyber-resiliency plans and advanced technologies to help fend off these threats with a prevention-first attitude. Such a security posture starts with neutralising malware before it can exploit systems. Once it’s unable to execute, the downstream consequences, and the resulting efforts to trace, contain and remediate the damage, are dramatically reduced.
In turn, this will make targets less valuable for would-be criminals. Only this way can the NHS, emergency services and other critical national infrastructures continue their hard work in the knowledge that data is confidential, safe and used only in the best interest of the UK and its people.