Top 5 Cybersecurity Threats to Businesses in 2023
We have recently seen significant growth in cybersecurity threats and malicious cyber activities due to the increased use of remote working. This has expanded the remote attack surface and companies have been forced to invest enormous resources in cybersecurity to quickly identify and neutralise threats before they cause financial or reputational loss.
In this blog series, we’ll identify the most common cybersecurity threats, what tools exist for threat detection and the best practices for threat management.
1. Business Email Compromise (BEC)
BEC is an email attack designed to trick victims into transferring a considerable amount of funds or revealing sensitive information. Targets usually receive convincing-looking emails that request abnormal payments or contain links or attachments that harm their company’s system.
In 2021, BEC scammers made nearly £1.9 billion ($2.4 billion) in the US alone, far more than via other types of cybercrime. The tactics and techniques are evolving: scammers will capitalise not just on the opportunities created by current social issues but also on the latest news about a company.
During the COVID-19 pandemic, scammers targeted large organisations and local government. Victims were asked to transfer enormous sums of money to secure limited medical items such as ventilators and PPE. Also, there was a case where a company that announced it was exhibiting at an Expo on social media was targeted. Scammers claimed they had all the Expo visitors’ contact information and persuaded the company to pay for a list that promised to help generate sales leads but in fact was worthless.
2. Ransomware
Ransomware is malware that encrypts confidential data, applications or day-to-day operating systems, making them inaccessible to users until the target company pays a ransom. Phishing emails, Remote Desktop Protocol (RDP) exploitation and exploitation of software vulnerabilities remain popular ways to deliver ransomware.
The National Cyber Security Centre (NCSC) considers ransomware a national security risk given its potential impact on critical national infrastructure and essential services. In 2021, the NCSC coordinated the national response to 18 ransomware attacks, including the attacks on a supplier to NHS 111 and on South Staffordshire Water. However, the number of attacks is higher than we know since organisations seldom report incidents.
In January, a Russian-linked ransomware attack seriously disrupted the Royal Mail’s overseas delivery service. The postal giant worked hard to recover from the cyberattack for over a month and finally restored their service by the end of February. Their financial loss is yet to be known but is likely significant.
3. Phishing and Smishing
This is when attackers trick people into disclosing sensitive information such as credit card details, usernames and passwords or other private information. Phishing comes in email form and smishing as text messages. Both impersonate legitimate organisations and contain a fraudulent link that diverts the victim to a seemingly genuine form, which they are asked to complete with their personal information.
In the Cyber Security Breaches Survey 2022, 83% of the identified cyberattacks were phishing attempts. Some attackers pretended to be HM Revenue and Customs, saying the victim was eligible for a tax refund and asking them to provide personal financial information.
4. Poor Vulnerability Management
A vulnerability is a weakness in an IT system that an attacker can exploit to deliver a successful attack, and its presence is normally due to poor vulnerability management. Vulnerabilities often arise from software bugs, features or user errors, which attackers use to achieve their end goal.
Log4Shell, a zero-day vulnerability, has affected countless computers globally since December 2021. It was discovered in Log4j, a Java-based logging framework that allows software developers to log user activity and the behaviour of applications. Log4Shell enables attackers to execute code remotely on a target computer, allowing them to carry out malicious activities such as stealing sensitive data, taking control or installing malware.
A cybersecurity company has tracked 10 million attempts per hour to exploit Log4Shell in the U.S. Many technology suppliers were affected including Apple, Amazon, IBM, Cloudflare, Microsoft’s Minecraft, Palo Alto Networks and Twitter.
5. Proliferation of offensive cyber capabilities
This sophisticated approach combines cyber tools, vulnerabilities and skills to conduct offensive cyber operations.
The NCSC anticipates that the proliferation and commercial availability of offensive cyber capabilities will expand the cybersecurity threats to the UK. In the future, malicious and disruptive cyber tools will be available to a wider range of state and non-state actors and deployed with greater frequency and with less predictability.
Conclusion
Attackers are ingenious and aren’t bound by the governance, compliance and regulatory frameworks which most companies have to comply with. Companies are under pressure to react quickly to constantly changing cybersecurity threats. Formulating cybersecurity strategies and reviewing them regularly to protect your business is crucial. Attack vectors such as ransomware mean that activities such as Disaster Recovery Planning are no longer optional; Business Continuity Planning must be at the heart of your organisation’s approach to cyber risks.
How CACI can help
CACI has cybersecurity experts who can improve your business’s protection levels. Our capabilities include Zero Trust Network Architecture, Threat Analytics, Systems Hardening and Network Analytics. We can perform a risk assessment to see how ready your organisation is to counter threats such as those listed here and advise on how to address any shortcomings that are found.
Find out more about our cyber security capabilities.
Notes:
[1] Business-email-compromise-infographic.pdf (ncsc.gov.uk)
[2] NCSC Annual Review 2022
[3] Internet Crime Report 2021 (FBI)
[4] FBI Anticipates Rise in Business Email Compromise Schemes Related to the COVID-19 Pandemic — FBI
[5] Cyber Security Breaches Survey 2022 – GOV.UK (www.gov.uk)