In this week's blog, Sparta Global have highlighted five current cyber security trends. Discover the most common ways cyber attacks occur, and how we can prevent them from happening...
Automotive hacking is gaining unauthorised access to a vehicle's computer systems. People have managed to gain access to vehicles they don't own, such as unlocking a car door and more advanced things such as connecting wirelessly through Wi-Fi or Bluetooth.
In today's world, most cars are more electronic than ever. According to research by the consulting company McKinsey, a typical automobile nowadays contains roughly 150 electronic control units and approximately 100 million lines of code.
By 2030, it is predicted that a commercial vehicle would have 300 million lines of software on board.
The high-level threats are that an attacker could:
How to prevent these types of attacks:
Mobile phone security has not kept up with the evolving threat landscape it faces. Despite this, many still believe mobile phones to be much safer than computers for browsing the web. People often use a single phone to access most of their sensitive accounts, such as for online banking, making mobile devices a prime target. With more people currently using their phones to browse the internet than computers, and the high value that a single compromised device yields, these insecure devices are becoming the prime target for cyber criminals.
AI has high potential in the cybersecurity industry - for both good and bad. AI based threat detection systems can be used to learn the normal operating activities of a computer system, and detect better than a human, when an anomalous behaviour has occurred. AI can also be used to predict which types of attack will become more prevalent and could even be used to predict new types of attack.
However, AI can also be implemented by cybercriminals. Whilst the AI can be used to make detection systems, AI is also being used to create smart malware, capable of avoiding detection. The emergence of deepfake technology, which uses an AI learning algorithm to create digital replicas of someone's likeness, is also posing a unique challenge to the cyber security world. By impersonating someone’s face and voice advanced spear phishing attacks can be performed, tricking the victim into handing over sensitive information to someone they believe to be seeing/speaking to.
The number one threat that can come from within an organisation is the employee themselves. This can happen in a variety of ways, such as human error like disclosing private information to a third party or general incompetence, so it's important to keep staff training current regarding security. An employee can purposefully introduce a flaw in the system that can cause devastating losses for a business as well as creating breaches in company-wide privacy.
An example from the United States, according to the Verizon 2022 DBIR (Data Breach Investigations Report) in Mining, Quarrying, and Oil & Gas Extraction + Utilities, there were.
Threat Actors (Hackers, Malicious actors)
Ways to protect your company from breaches:
Ransomware is a type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files. A criminal group will then demand a ransom in exchange for decryption.
If you’ve been keeping up with the news, you will see ransomware is a big problem in today’s cybersecurity world.
The AIIMS (All India Institute of Medical Sciences) attack is one recent example. At least five servers have been infected as a result of the cyber-attack. The hospital services have now been operating in manual mode since the cyber-attack.
The primary goal of the hackers was to extort money. According to the PTI news agency, hackers allegedly demanded a ransom of Rs 20 million (roughly £199,202) in cryptocurrency.
The personal information of millions of patients, including government employees and politicians, has been compromised by this cyberattack.
A ransomware incident on Rackspace Technology Inc. resulted in an outage that stopped its users from accessing email for five days. The cyberattack last week "may result in a loss of revenue for the Hosted Exchange business, which generates roughly $30 million of yearly revenue," according to the cloud computing company based in Windcrest.
Ransomware attacks on local governments, businesses, schools, and healthcare providers are proliferating. Examples from the San Antonio area include the attack on the Judson Independent School District last year, which led to the payment of more than $500,000 to the hackers to prevent the release of private data on the dark web. For more than a month, the hack rendered the district's phones, computers, and emails inoperable.
3,729 complaints regarding ransomware were filed with the FBI's Internet Crime Complaint Centre last year, with losses totalling more than $49.2 million. The industries with the biggest casualties were healthcare, financial services, and information technology.
If you are interested in Ransomware attacks, NHS released a document stated ‘Lessons learned review of the WannaCry Ransomware Cyber Attack’ which you can freely access on their website: https://www.england.nhs.uk/wp-content/uploads/2018/02/lessons-learned-review-wannacry-ransomware-cyber-attack-cio-review.pdf