Story image

Cyber warfare set to surge in 2018 but expert says Britain is not prepared

31 Jan 18

A report from Gemalto found that 2017 was a prominent year for cybercrime.

900 data breaches occurred during the first six months, compromising 1.9 billion records and representing more stolen data than the entirety of 2016.

Venafi senior threat intelligence analyst Jing Xie says this explosive development in data exfiltration will continue in 2018, with an even more ominous trend revealing the number of sophisticated state sponsored cyberattacks increasing markedly last year.

“In 2017, attackers working for nation-states focused on efficiency and return on investment, and they were very successful,” says Xie.

“As a result, we should expect to see escalations and variations of similar attack vectors this year.”

This menacing movement has prompted Britain’s defence chief of general staff, Sir Nick Carter to warn that the UK is trailing Russia in terms of defence spending and capability.

In addition to Russia, North Korea, Iran and China have been held responsible for state cyberattacks on the US and Europe.

Sir Carter admits that state-based competition is being employed in more novel and increasingly integrated ways, with the end result being the threats the UK faces are not thousands of miles away but right on Europe’s doorstep. In light of this, Sir Carter is pressing the government for a significant increase in spending on the army, navy, and air force.

Huntsman Security head of product management Piers Wilson says it is absolutely right to call for increased resources for British cyber-security defences.

“However, the problem is more than just a need for more money and personnel to address the issue. Every day the UK is assailed by thousands of cyber-threats, from cyber-espionage aimed at the Government itself to attacks on critical infrastructure, industries, intellectual property and personal information,” says Wilson.

“Put simply, our defences could spend every penny available on people and tools and it still wouldn’t be enough to keep us secure. After all, we are still in the midst of a crippling security skills shortage that is expected to result in over 1.5m open jobs by 2020.”

Wilson says this means the government must make sure that spending is being directed intelligently on the right technologies and techniques to solve the problem.

“In particular, automated systems which are able to assess and rank various threats, allowing analysts to focus on the most pressing ones, are going to be essential. Intelligent automation, leveraging AI and analytics, can help defence analysts avoid running down endless rabbit holes and be smarter about defending all areas of the nation from attack,” says Wilson.

“Cyber-defence isn’t just a matter of deploying people where they are needed, but giving them the right tools and technology to do the job - and this carries over into the commercial world too.”

Xie shares these sentiments and asserts the ‘cyber warfare’ will only escalate.

“With every major nation-state expanding both offensive and defensive cyber war spending, public and private critical infrastructure and communication providers should expect to be caught in the crosshairs of cyber warfare,” says Xie.

“As a result of the cumulative impact of powerful spending and attack trends, we should expect to see at least one act of nation-state sponsored cyber warfare that directly impacts citizens this year.”

How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.
ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
It's time to rethink your back-up and recovery strategy
"It is becoming apparent that legacy approaches to backup and recovery may no longer be sufficient for most organisations."