Hackers For Hire !
As the dark days and nights of winter are upon us, now more than ever a chilling fact which is more noticeable to us is the rise of smarter and faster cyber-attacks and cybercrime continues to affect daily life. Cybercrime continues to thrive and in our strong opinion, a security professional we should listen to more is Sir Jeremy Fleming. who oversees the UK spy agency GCHQ.
Speaking at a recent UK Cyber event, Sir Jeremy said: “We are seeing a change in those who can carry out cyber-attacks. We are now hearing the slogan – Hackers for hire.”
In the past few months, there has been a growing grey market which allows countries and criminals with no cyber skills or capabilities buy and use off the shelf sophisticated cyber tools, increasing the risk and unpredictability of hacking attacks on governments, businesses and individuals.
In our experience, ransomware attacks remain the biggest threat to global national security and businesses, with most of the criminal groups responsible based in and around Russia. There is an urgent need to reduce systemic cyber risks. However, most of the cybercrime that EU States have suffered has been the result of low-level, low life criminal activity, rather than actions taken by nation states such as the warring Russia.
The tragic impact of Russia’s invasion of Ukraine only added to the risks, Jeremy added, creating “shockwaves, some of which will be felt for decades”.
It is remains, unclear which of the criminal groups are “directed by the Kremlin, those operating from within Russia’s borders benefit from the tacit consent of the Russian state”, according to the NCSC
We have seen new and more powerful ransomware attacks immediately paralyse a target’s computer networks and data until a speedy payment is made.
“This new tactic from the criminal underworld and dark web leads us to expect that commercial availability of cyber capabilities will increase the future threat to the cyber security,” Sir Jeremy said in a speech at the UK’s National Cyber Security Centre, a branch of GCHQ.
Of particular concern are supply chain attacks, where a foreign state or cyber criminal takes advantage of lax security somewhere in a supply chain to penetrate an organisation. This remains a worrying fact for many Irish companies and businesses operating in Ireland today. Having witnessed the attack on our national health service, many commentators feel there are serious gaps in the nation’s defences, even for a neutral State such as Ireland.
We continually tell clients that: “It’s vital that organisations treat cyber security as a genuine board level risk. This is a critical risk issue which many CEOs need to take seriously.”
While we still believe people are becoming more cyber aware and contributing to overall resilience, phishing emails, which mimic online services that people use and trust such as utility companies or banks, remain a highly common method of attack, especially when linked to themes around Covid-19, the Russian invasion of Ukraine or changing to a new bank.
Its eyes wide open for the new couple of months, at least.