24 July 2019

Cybersecurity in 2019 so far

What has cybersecurity in 2019 been like so far? The year may be just over half way through, but what a six month’s full of data breaches, state-backed hacking campaigns with cyber warfare to show for it. With cyber incidents in abundance and new cyber technology evolving, let’s take a look at some of the incidents that we’ve witnessed so far.

Data breaches are up

The proportion of UK firms reporting a breach has jumped, despite most businesses admitting they are under-prepared for cyber-attacks, according to research from Hiscox. The insurer found 55% of organisations had faced an attack in 2019, up from 40% last year.

Putting aside Facebook’s settlement to pay $5 billion to the FTC for user privacy issues, one of the most notable examples of a severe data breach this year is from British Airways (BA). The £183m fine, announced publicly in July 2019, is for the incident in 2018 when BA announced that approximately 380,000 transactions were affected by a data breach. The stolen data was thought not to include travel or passport details, but contained confidential and personally identifiable information.

Another fine of £98 million faces the US hotel group, Marriott International. The penalty relates to a data breach that resulted in approximately 339 million guests having their personal details exposed. Interestingly, this incident is thought to date back to 2014, but was only discovered four years later.

Both BA’s and Marriott’s fines have been dwarfed by the recent news that Equifax is set to pay around £520 million for their wrongdoings in protecting the data of over 147 million customers back in 2017.

These examples all contribute towards the idea that data protection agencies, such as the Information Commissioner’s Office, are starting to make examples out of organisation with poor information security practices.

Ready to strike with cyber

Whilst we’ve always anticipated cybercrime becoming a strategy used by nation states, 2019 has certainly evidenced this to be true so far.

Since President Donald Trump withdrew from the Iranian nuclear agreement, experts have warned of cyberspace tension between the two countries. Iranian hackers have already started to ramp up their activities across the world. Two fuel tankers were attacked in the Gulf of Oman in June and now the US Cyber Command has been approved to launch a cyber-attack against Iran’s rocket and missile launch-control systems.

Looking to Europe, Finland has recently taken over from the EU’s rotating presidency, and believes that Russia was responsible for blocking GPS signals in October 2018, when Finnish forces were taking part in NATO military exercises in Norway; providing yet another example of cyber activity for political gain.

There’s no doubt that using skilful cybercriminals will cause damage to worldwide political relationships. Critics propose that rather than being a singular tool for political attacks, cybercrime will simply escalate to real-world combat.

Mining for money

Whilst the average person may have heard about virtual currencies (or may even dabble in Bitcoin), cybercriminals are taking advantage of cryptocurrency to target victims with ransomware. Using this method of payment works well for the criminal, as transactions are not easy to tie to a real-world identity.

According to research1, cryptomining (a process in which cryptocurrency transactions are verified and added to the blockchain digital ledger) increased by 956% in a year and the number of organisations affected doubled in the first half of 2018, with the cybercriminals making an estimated USD 2.5 billion in those six months.

Cybersecurity in 2019 cryptocurrency

Research from an incident response company2 paints a concerning picture of the latest threats, showing that in Q2 2019, the average ransom payment increased by 184%.

Ransomware attacks in general are up 350% annually, showing that this is a favoured technique being adopted by cybercriminals.

One of the largest ransomware attacks so far this year was the Norsk Hydro incident in March. The cyber-attack paralysed Norsk Hydro’s computer networks and is costing the aluminium maker up to 450 million Norwegian crowns ($52 million) in its first quarter.

The Oslo-based firm, one of the world’s largest producers of the light-weight metal, was forced to halt production on March 19th, switching to other units and manual operation after hackers blocked its systems.

Norsk Hydro postponed its first-quarter earnings report by five weeks amid efforts to restore systems for reporting, billing and invoicing. It also maintained it will not pay any ransom to regain access to its computers and servers, and instead preferred to repair data from backup systems.

Going mobile

The rise in mobile devices as everyday part of life means handheld electronics are already becoming an area for attack for personal information. When using mobile devices in the workplace, this issue becomes even more important to ensure employees are trained to be extra vigilant. With more than 18 million mobile malware instances detected by Symantec in 2018 alone, 2019 is expected to see an even bigger increase.

More importantly, it’s the sheer variants of malware which are causing concerns. Whilst security teams and consultancies can identify mobile malware and make changes to secure systems and networks, cybercriminals will often work quickly to create new versions. According to Symantec’s annual Internet Security Threat Report, “threats in the mobile space continue to grow year-over-year, including the number of new mobile malware variants which increased by 54%”.

The financial sector is one area under major threat this year – with mobile malware, banking malware, and ransomware being the primary threats to expect in 20193. In the last year alone, 90% of all financial institutions are thought to have experienced a ransomware attack. In 2019, it has been reported4 that:

  • More than 204,448 users experienced an attempt to log their banking information
  • More than 280,000,000 URLs were identified as malicious
  • Cybersecurity statistics show attacks were launched from within more than 190 countries
  • Attacks on individuals doubled in 2018.
  • Attacks on Businesses increased to one every 40 seconds.

How to protect your organisation

There is no fool proof plan to outwit the increasingly creative cybercriminals. Cybersecurity in 2019 and beyond is about being aware of your vulnerabilities, putting things in place to protect your organisation and being prepared for the worst. When considering the latest malware threats, here are a few ways to minimise risk:

1. Keep your operating system updated

The WannaCry malware spread through an exploit that Microsoft patched back in March 2017. So, this infection may have been avoided by simply updating Windows as recommended by Microsoft.

It may seem like a pain to install OS updates but both Microsoft and Apple have made it so easy that there is no longer any excuse to avoid updates.

2. Use a trusted antivirus service

Antivirus software is often mentioned as a cure-all for every type of technology threat. This confidence is misplaced and overstated. The criminals often check their malware against popular antivirus software and tweak until they have a version that won’t be detected.

Still, as one layer in your overall defence, antivirus software is easy to implement and can protect you from known threats.

3. Keep your important files safe with a copy in the cloud

Despite minor shortcomings in cloud storage, they can be effective at protecting businesses from ransomware attacks. The scalability of the cloud allows users to keep up with constant development of malware technology. You can use the support of a cyber consultancy to help measure the risk of using cloud storage as well as ensuring you are protecting your files and information against things like DDoS attacks.

To learn more about how IRM supports organisations in defending themselves from ever-evolving cybersecurity threats, explore our website and contact us to speak to one of the team.

 

References:

  1. We Live Security: https://www.welivesecurity.com/wp-content/uploads/2018/12/ESET_Trends_Report_2019.pdf
  2. Coveware: https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
  3. Fortinet: https://www.fortinet.com/content/dam/fortinet/assets/threat-reports/threat-report-q1-2019.pdf
  4. Kaspersky Labs