Cybercriminals are increasingly timing attacks to coincide with major news events: the recent travel chaos, Covid-19, and the cost of living crisis are all being used to gain access to data and infrastructure. AJ Thompson, CCO of IT professional services firm Northdoor, explains how organizations can implement zero-trust strategies to better prepare for these pressures.
Cybercriminals are always looking for new ways to gain access to a company’s sensitive data and infrastructure. For several years, they have focused on users as the weakest link in a company’s security structure. This focus has increased as more employees work from home or in a hybrid role. The large increase in the sophistication of cyberattacks means that cybercriminals tend to be at least one step ahead of organizations’ passive cyberdefenses.
Impact of hybrid work
With cyberattacks increasing in number and sophistication, businesses need to better manage employees and devices. Employees now regularly work outside the corporate security network, and they are also suffering from security fatigue.
For example, many companies have a policy that employees are warned whenever an email arrives from outside the company. This tends to lead users to ignore such warnings and open emails without the necessary consideration of the possible risk. This risk is exacerbated by the fact that many now work in remote or hybrid roles, outside of the corporate network.
Cybercriminals have seen an opportunity with this new trend and are now looking for ways to further exploit it.
Major event attacks
So, with organizations and employees at greater risk than ever, there needs to be real awareness of what the latest threats look like.
An increasingly common tactic is to time attacks to coincide with important events. Over the past five years, cybercriminals have taken advantage of the uncertainty, fear, and need to resolve issues associated with major events.
For example, we recently saw TUI customers attacked by cybercriminals taking advantage of the chaos caused by flight cancellations in the UK and Europe. Amid the confusion and the passengers’ determination to get some kind of compensation, the criminals quickly sent out messages encouraging users to click on links to start the compensation process.
These links were actually malicious and had the potential to add malware to devices and give criminals the ability to steal personal and corporate information.
One of the cruelest examples of cybercriminals taking advantage of major events is their increased efforts during the worst days of the pandemic. They targeted organizations on the front lines of the effort to find a cure for COVID, with some statistics showing that the education/research sector saw attacks increase by 75% and the health sector by 71%.
Many of these attempted, and all too often successful, attacks were directed at individuals in organizations. Not only did the number of attacks increase, but so did the level of sophistication. In fact, a Deloitte report found that before the pandemic, about 20% of cyberattacks used malware or never-before-seen methods. During the pandemic, however, this rose sharply to 35%.
Users therefore not only had to deal with a sudden increase in the number of attacks, but the attacks also came in new forms that were perhaps not as easy to identify as before.
This trend of taking advantage of big events is likely to worsen in the coming months. The cost of living crisis is driving people to try to find solutions to their financial situation, which cybercriminals are keen to take advantage of.
Zero trust approach that protects the hybrid environment
With the threat of criminals taking advantage of events likely to increase, it will be critical for companies to better manage their hybrid and remote teams outside of the enterprise security environment.
Companies are doing this in a variety of ways, including implementing a zero-trust approach. Gone are the days when companies could sit behind a firewall with all their employees and assets safely hidden from potential criminals. The new reality of remote and hybrid workforces means that, for many, most now fall outside of that bubble.
Organizations are faced with the prospect of employees working outside the office, on their own devices, affected by security fatigue and facing increasingly sophisticated and numerous cyberattacks. As such, implementing a zero-trust approach, where nothing inside or outside the corporate network is taken at face value, has to be a sensible step. Zero trust wraps every user and every element of your infrastructure with layered, proactive AI technology.
By bringing all the information and controls of an organization’s hybrid infrastructure together in one place, IT and security teams can gain a clear, critical, real-time view of risk across their network. This enables them to respond quickly by making informed decisions about how to deal with emerging threats.