How are emerging cybersecurity threats beginning to evolve?
The nature of cyber risk is constantly evolving, with both the ferocity and frequency of cyber attacks on the rise. But when it comes to preparedness, perception is as important as reality – and new research from Cohesity shows that perception of cyber risk is also growing.
The data security company surveyed almost 3,500 IT and SecOps decision makers in Australia, France, Germany, Japan, New Zealand, the UK, and the United States. More than nine out of 10 respondents say that the level of cyber threat has increased, while 72% say they would be willing to pay a ransom and use insurance to help recover the money.
Indeed, over 85% of organisations surveyed say they have a cyber resilience strategy in place. Nearly three-quarters have cyber insurance but, reflecting the challenges that the industry faces, almost half (48%) of respondents think it’s harder to get insurance now than it was three years ago.
Stewart Parkin, CTO EMEA for Assured Data Protection, explains: “Businesses are more reliant on the cloud than ever, however that makes them more susceptible to breaches, ransomware and other threats – not to mention traditional outages. With nearly all businesses looking to achieve cyber resilience, many have been investing in cyber insurance.”
Do hybrid working models impact cyber risk?
As the COVID-19 pandemic wound down and lockdowns ended, the world of work saw a sudden shift. Many businesses – buoyed by their ability to survive homeworking and incentivised to give their staff greater flexibility – kept a degree of homeworking or abandoned their physical offices entirely. Research from the UK and US suggests roughly three-quarters of employers in both countries have opted for, or are planning to opt for, some form of hybrid working model on a permanent basis.
This is good for employees – although research from careers portal Zippia appears to show that employers prefer hybrid working models more than their staff (51% versus 44%). However, it has also created an additional layer of complexity when it comes to cyber risk, with workers now dividing their time between home and the office.
“The most obvious risk is unsecured networks,” says Jamie Akhtar, CEO and Co-Founder of cybersecurity company CyberSmart. “Many staff now access company data through home routers or, worse still, public networks such as coffee shops. There’s also a psychological component to this, with research revealing that many of us are more inclined to engage in risky online behaviour when outside the office.”
“Hybrid working has been widely adopted and is not going away any time soon,” adds Fabien Rech, who is SVP & GM EMEA at Trellix. “As a result, businesses have become more vigilant to the threats of this model and have invested in security systems that address any gaps in defences. In this way, hybrid working is less of a threat today than it was last year.
“The shift to a hybrid and distributed workforce has inadvertently increased the attack surface area, as many employees use their own devices to access work applications and data. As a result, we’ve seen a rise in tactics such as phishing, with cybercriminals luring employees over emails to share login credentials or confidential information. This can then result in the loss of sensitive data, fraud, or network breaches.
“Mobile phones are a particular cause for concern as they represent a data goldmine for cybercriminals. The Apple security flaw that allowed hackers to access devices and obtain work emails, confidential documents, and company data is a prime example of how this could be devastating to employees – but it also illustrates the potentially crippling impact on a business.”
Is the war in Ukraine a cyber factor?
Another emerging threat in the cyber risk landscape has been the war in Ukraine. According to a new report from insurance company Beazley, Russia’s invasion led to a ‘split in allegiances’ between cyber gangs which resulted in a temporary reduction in the number of ransomware attacks – but this didn’t lower the number of cyber attacks overall, and shouldn’t be mistaken for a longer-term trend.
The war is not just playing out on the battlefields of Kharkiv and Bakhmut; it is being fought by state-sanctioned hackers in ordinary neighbourhoods throughout the region, and in particular in Russia, which is keen to make a dent in the infrastructure of Ukraine’s allies. As the conflict drags on and both sides become increasingly desperate, the risk increases that this cyber warfare expands to smaller and less obvious targets.
“Although state-sanctioned attacks might appear to be a risk mainly for government bodies and large corporations, the far-reaching nature of supply chains mean that hackers are increasingly targeting smaller organisations further down the pecking order to try and gain access to larger targets or causes,” Akhtar says. “With attacks on healthcare providers and schools being reported, it’s clear that nothing is off the table when it comes to potential targets.”
Rech continues: “Critical infrastructure continues to be a key target for state-sanctioned cybercriminals, as the impact of a successful attack can be particularly widespread and disruptive. In fact, in Q1 this year, we saw energy, oil and gas have the most detected attacks, whereas in Q4 2022, transport and shipping was the sector most impacted by these types of attacks.
“These disruptions are not only an effort to destabilise individual states, but they also have an impact on the wider global economy. As such, the impact can extend beyond borders and reverberate across different industries. It’s now crucial for businesses across all industries to bolster their defences if they are to successfully defend against sophisticated attacks.”
The fallacy of being ‘too small to be a target’
Indeed, the very nature of cyber insurance cover, with its annual premiums and renewals, means that planning in the moment instead of planning for the future puts you at an inevitable disadvantage. Few organisations can afford to assume that they won’t become a target in 6-12 months’ time, and the nature of your business’ risk might have evolved by then anyway.
Mark Hunter, Chief Financial Officer at Red Helix, explains: “For enterprises considering taking out cyber insurance as an additional safeguard, or for those looking at renewing their policy over the next few years, this means not only being aware of the requirements for cyber insurance now but also thinking ahead and considering what they may need in the near future.”
“We have also seen some other threats rising to the fore,” Akhtar continues. “Supply chain attacks have become enough of a threat – particularly for managed service providers – that governments across the world have moved to issue warnings and develop processes to try and counter the risk.”
