The many guises of cyber attacks

Posted: 27 July 2020
Cyber attacks pose a threat to businesses of all sizes and it seems it’s not a threat which will disappear anytime soon. 

According to recent data1, there’s been a 67% increase in the number of global security breaches over the last five years, costing businesses 72% more (around £13 million) on average.

The COVID-19 pandemic has radically changed the working model for many companies which quickly moved employees to home-working wherever possible. This led to renewed concerns around cyber and data security due an increased use of personal devices and apps for corporate purposes, which may fall short of required security standards.

Companies can help their employees to reduce the likelihood of cyber attacks occurring through a variety of methods. These include training and awareness programmes,  encouraging the use of strong passwords and use of password manager tools, and embedding robust security breach reporting processes into the organisation. It’s also recommended to make employees aware of the different types of cyber attacks which are common in nature, some of which are listed below.

This is a form of malware, often distributed through emails, which can take over a computer, locking it and, in some cases, encrypting the user’s files. The cyber criminals then demand a ransom to restore the computer.

Recently, ‘ransomware-as-a-service’ (RaaS) has gained prominence. This is a type of illegal ‘business model’  where a vendor offers hackers a platform tool for the purposes of using ransomware to hold computer files, information or systems hostage. The ransomware developers concentrate on developing the malware whilst enlisting cyber criminals for identifying and infecting targets. Both then profit from any payment made by the target. Focus is being turned towards commercial enterprises as a more lucrative target rather than individual consumers. Some reports2 predict that incidence of ransomware is likely to grow and that ransomware demands will be calibrated with company performance, data assets and other measurables.

Another variation on a ransom demand type attack is a distributed denial of service (DDoS) attack.

With these, the organisation’s systems or internet sites are bombarded with huge amounts of data in order to block their access, with the criminals often demanding a ransom to cease the attack. These are usually thought-out, planned and targeted attacks on businesses and use a vast amount of system resources, involving groups of hackers working together in order to bring about the attack.

In extreme cases, these attacks can be focused on causing mass disruption, so rather than demanding a ransom from one business, their intention is to cause chaos. If hackers target large data centres that hundreds of businesses rely on for cloud computing resources and data storage, then businesses are blocked from accessing their data, using software, and ultimately operating as a business. Hackers could have numerous reasons for carrying out such attacks, from political motivations to disgruntled former employees.

In both ransomware and DDoS cases, ransoms are usually in a virtual currency such as Bitcoin, where its anonymity makes it impossible to trace. Cyber criminals often set ransoms relatively low, working on the principle that more people will pay. However payments from the victim are rarely advisable since they could lead to rising ransom demands and may not even guarantee recovery of the data.

Cyber criminals can use several different methods to break into an organisation’s IT systems and access sensitive data. These include taking advantage of a weakness in an organisation’s cyber security or spear phishing, where the cyber criminal sends a targeted email seeking access to information. Organisations can also become victim to hacker theft, where a criminal makes unauthorised payments on the company’s behalf.
Cyber criminals can also exploit the weakest link in a supply chain, targeting that organisation with security flaws or malware which can then be passed along the supply chain. As well as looking for suppliers with weak cyber security, managed service providers can also be targeted due to the  potential for spreading the malware to a large number of customers.
Cyber attacks vary hugely by type, scale and severity and are continually evolving as criminals manage to exploit new technologies. The changing nature of ever-sophisticated attacks inevitably makes them harder to identify and mitigate. Some further types of emerging attacks include:

Cryptojacking, which is also known as cryptomining malware, is where a hacker hijacks a computer or mobile device and uses it to mine cryptocurrency on their behalf. As well as the security and ethical issues this raises, it can also push up operating costs and potentially slow down legitimate work.

Whilst data remains a lucrative commodity, the cyber risk landscape will continue to evolve. Understanding the risks and taking appropriate steps to mitigate them will help businesses beat the cyber criminals and continue to enjoy the benefits technology brings.

cyber security threat
This is the name given to an event where hackers disrupt a large number of organisations by targeting common internet infrastructure and/or service providers. As an example, a cyber attack on a major cloud computing company could affect all of its customers.

It’s estimated that by 2030, there may be as many as 50 billion IoT connected devices globally.3 As more smart devices become connected in the Internet of Things, it will increase exposure to cyber risk, especially where connected devices might have lower levels of security. For instance,

criminals may be able to gain access to an organisation’s IT systems through employees’ mobile devices or the company’s connected kettle. Computerised controls, including alarms, environmental controls and CCTV can provide a back door for cyber criminals because they often utilise cost effective but non-supported operating systems. Unsupported systems can be open to security threats and provide easy access to computer systems, bypassing firewalls and  enabling hackers to gain access to business’s private or confidential data.

Christian Simpson
Senior Cyber Underwriter

1 The cost of cybercrime. Ninth annual cost of cybercrime study. Accenture. 2019. p 10-11

2 Understanding Ransomware Trends. Cybercube 

3 Statista. https://www.statista.com/statistics/802690/worldwide-connected-devices-by-access-technology/