Following our previous summary of cyber-attacks in 2017, we’d like to draw some conclusions and expand on trends for 2018. At CyberDome we believe that it is important to be specific and proactive about these conclusions when watching your cyber radar and planning ahead for your organization’s cyber needs.
As a result of the increased success rate for cyber-attack groups last year – utilizing internal weaknesses in an organization and its supply chain – we estimate that this method of attack will be expanded on as these groups continue to find these targets and methods worthwhile.
2016 and 2017 saw a sharp upward trend in attacks on financial systems such as SWIFT, ATM, and core banking and accounting systems. This particular trend is expected to continue to increase in 2018, coupled with further attacks on banks’ core systems.
The amount of time it takes for worldwide usage of attack methods to be publicized is getting much shorter, which means that attackers continue to have access to those organizations until the situation is remediated (which can sometimes take months). This practice is more widespread than before; one example is the NSA attack methods in the hands of the North Koreans and Russians. At CyberDome we believe that this will continue, including in Nigeria.
Meanwhile in Europe, on the 25th May 2018, the General Data Protection Regulation (“GDPR”) will come into effect. This new law will require all companies to report, within 72 hours, a database that has been penetrated, or face heavy fines. Although most organizations will find it challenging to abide by the new regulation, we still expect to see a rise in transparency and in the reporting of such instances in Europe. Just remember that any company anywhere in the world is bound by this law if it does business with companies that are based in the EU.
5 things your organization should do in 2018 to ensure better cyber security:
- Give preference to a holistic security model that can effectively deal with the rapid evolution of attack techniques as seen over the past two years. With the evolution of hybrid vectors, organizations can no longer give priority only to external factors.
- Separate networks and disconnect core systems from the internet.
- Establish an emergency backup system that will enable your organization to function for one to three months if need be, in the event of a cyber-attack.
- Examine your cyber security updates policy. It is advisable to ensure it is updated and current despite the momentary inconvenience. You can establish realistic intervals for updates that are also compatible with the rest of the organization’s needs.
- Raise awareness about new attack vectors among employees, with emphasis on new social engineering techniques and significant campaigns.