What can businesses learn from recent WannaCry and ransomware cyber attacks?
The massive cyber breaches that occurred over the course of the weekend have swept across organisations all around Europe. From Scottish Power and the NHS in the UK to Renault in France and Iberdrola in Spain, the attack targeted numerous industries that have all proven vulnerable.
With this in mind, we asked Vitali Kremez, Director of Research at Flashpoint, to offer some timely advice to businesses on how they can approach gearing up their cyber defences…
Another day, another well-known brand hacked. Earlier this month, a major UK retailer’s website was breached and its customers’ data exposed when a third-party e-commerce vendor used by the retailer suffered a security compromise. It is thought around 26,000 of the retailer’s customers will likely be impacted as a result of the breach. This high-profile attack is yet another example of a well-known brand affected by cybercrime.
Cybercriminals have been known to target businesses across all sectors. Other recent high-profile cyber attacks have successfully breached well-known brands including telecoms providers, retailers and banks. Evidently, all industries are potentially vulnerable. As businesses become ever more negatively affected by cyber attacks, lessons need to be learnt and effective cyber defences implemented in order to protect businesses and their customers.
The problem is, this is easy to say, but much harder to do. Businesses of all sizes will find it a struggle to minimise and ultimately block the myriad of cyber threats they face. Some breaches occur due to bad practice and poor security; however, in other cases, organisations with even the most robust security defences may face so many threats that some slip through the cracks.
When a business is successfully breached and customer data is exposed, the consequences can be severe. Recently, a national telecommunications company was fined £400,000 by the UK regulator following a large-scale breach that compromised a vast amount of customers' data. The attacker was able to access the personal data of 156,959 customers including their names, addresses, dates of birth, phone numbers and email addresses. Evidently, these breaches can be serious, with businesses and their customers susceptible to substantial financial and reputational damage.
The Role of the Deep & Dark Web
We know cybercriminals make use of the Deep & Dark Web in order to conduct their illegal activities. Earlier this year, it was reported that gamers were put at risk of having their private information sold on the dark web following a data breach involving 2.5 million accounts. Effective cyber defences need to include monitoring and understanding of the dark web. Without it, a business is trying to defend itself whilst blindfolded and with its arms tied behind its back.
Our research shows that cybercriminals are using the dark web to buy and sell fraudulent gift cards. This type of crime has grown substantially over the last several years because it can yield significant financial rewards at a relatively low risk for criminals.
Cybercriminals’ continued interest in gift card fraud aligns with a common practice among many gift card issuers: the prioritisation of user experience and profits over security. Unlike bank-issued credit and debit cards, gift cards are not held to strict anti-fraud standards, which means that many gift cards may lack common-yet-effective security features aimed to help combat fraud. This is just one example of criminal profiteering using the Deep & Dark Web.
Attaining effective cyber defence
Effective cyber defence requires barriers that deter cybercriminals alongside effective risk intelligence. In the high-stakes world of commercial cybersecurity, prevention is better than cure. As previously stated, any breach or cyber compromise has the potential to result in substantial reputational and financial consequences. The recent case of the telecoms company serves as a case in point: the company’s share price plummeted after the attack and still hasn’t recovered fully.
Businesses need to prioritise cybersecurity and make sure it is a C-Suite issue that is taken seriously by all departments and employees across the entire business. The weakest link in the defence is most often what will be exploited by criminals. As such, businesses need to ensure staff are trained so they don’t create a gateway for criminals. Furthermore, cybersecurity infrastructure needs to be updated and invested in to help businesses detect and mitigate cyber threats more accurately and effectively.
The latest cyber attacks once again shine the spotlight on cybercrime. It is an issue that affects companies of all sizes and from all sectors. Even countries are affected by it. It is a truly global challenge.
Above all else, it is crucial for businesses to focus on what they can control. Having effective insight and intelligence about relevant threats, investing in technology and people, providing training for staff on cybersecurity, and prioritising defence from the most senior staff through to the most junior is essential. Failure to take action will only make your business more vulnerable to compromise. These are the lessons businesses must learn from the latest high-profile cyber-attacks.
By Vitali Kremez, Director of Research, Flashpoint