Story image

Cyber warfare set to surge in 2018 but expert says Britain is not prepared

31 Jan 18

A report from Gemalto found that 2017 was a prominent year for cybercrime.

900 data breaches occurred during the first six months, compromising 1.9 billion records and representing more stolen data than the entirety of 2016.

Venafi senior threat intelligence analyst Jing Xie says this explosive development in data exfiltration will continue in 2018, with an even more ominous trend revealing the number of sophisticated state sponsored cyberattacks increasing markedly last year.

“In 2017, attackers working for nation-states focused on efficiency and return on investment, and they were very successful,” says Xie.

“As a result, we should expect to see escalations and variations of similar attack vectors this year.”

This menacing movement has prompted Britain’s defence chief of general staff, Sir Nick Carter to warn that the UK is trailing Russia in terms of defence spending and capability.

In addition to Russia, North Korea, Iran and China have been held responsible for state cyberattacks on the US and Europe.

Sir Carter admits that state-based competition is being employed in more novel and increasingly integrated ways, with the end result being the threats the UK faces are not thousands of miles away but right on Europe’s doorstep. In light of this, Sir Carter is pressing the government for a significant increase in spending on the army, navy, and air force.

Huntsman Security head of product management Piers Wilson says it is absolutely right to call for increased resources for British cyber-security defences.

“However, the problem is more than just a need for more money and personnel to address the issue. Every day the UK is assailed by thousands of cyber-threats, from cyber-espionage aimed at the Government itself to attacks on critical infrastructure, industries, intellectual property and personal information,” says Wilson.

“Put simply, our defences could spend every penny available on people and tools and it still wouldn’t be enough to keep us secure. After all, we are still in the midst of a crippling security skills shortage that is expected to result in over 1.5m open jobs by 2020.”

Wilson says this means the government must make sure that spending is being directed intelligently on the right technologies and techniques to solve the problem.

“In particular, automated systems which are able to assess and rank various threats, allowing analysts to focus on the most pressing ones, are going to be essential. Intelligent automation, leveraging AI and analytics, can help defence analysts avoid running down endless rabbit holes and be smarter about defending all areas of the nation from attack,” says Wilson.

“Cyber-defence isn’t just a matter of deploying people where they are needed, but giving them the right tools and technology to do the job - and this carries over into the commercial world too.”

Xie shares these sentiments and asserts the ‘cyber warfare’ will only escalate.

“With every major nation-state expanding both offensive and defensive cyber war spending, public and private critical infrastructure and communication providers should expect to be caught in the crosshairs of cyber warfare,” says Xie.

“As a result of the cumulative impact of powerful spending and attack trends, we should expect to see at least one act of nation-state sponsored cyber warfare that directly impacts citizens this year.”

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.