Regardless of your thoughts on Brexit, it can’t be denied that the drawn-out process has created mass confusion as firms rush to prepare for an unpredictable future. Because of this, we decided to survey IT decision-makers in UK enterprise organizations to determine the effects of an uncertain Brexit had on cybersecurity spending habits.
Our data shows that 53% of firms are increasing their cybersecurity budgets in preparation for a rise in threats once we leave the EU. Businesses anticipate that Cybercriminals will seek to use confusion to their advantage, whether that is through malware attacks or targeted phishing campaigns to coerce critical data or financial gain from organizations.
So, what are the top 5 post-Brexit threats identified by businesses?
1. Malware: 49%
Malware is a broad term encapsulating the myriad of techniques cybercriminals use for gaining access to critical data – whether it may be a Trojan horse, spyware or one of the many other forms of malicious code. While the means may vary, the objective remains the same: to gain access to the corporate network to steal data. The warning signs of a compromised network (missing files, changed login credentials, etc.) can be detected by a trained eye, but these signifiers may be misinterpreted as ‘business as usual’ amongst firms rushing to adapt to the changes Brexit brings.
To mitigate this risk, organizations must have advanced email and web security solutions deployed to ensure malware does not disrupt business, as well as threat detection systems to assist in the identification and quarantine of malware. Advanced email and web solutions can mitigate the risk, as they have the ability to automatically remove malicious links detected in email and attachments, or from documents downloaded from the web, before the threat executes within the corporate network. This protects the organization from staff mistakenly clicking on malicious links which is the most common reason behind cyber-attacks being successful.
2. Phishing: 40%
Phishing attacks epitomize the ‘cast a wide net’ approach to cybercrime. An example of this is ‘spear-phishing’ attacks on targeted firms. This involves an email being sent to employees at a firm – ostensibly from the CEO or CFO – asking employees to share sensitive bank account information or requesting funds be transferred into a spoofed bank account. Whilst these are significantly less effective (on a 1:1 scale) than some of the more insidious forms of hacking, what they lack in refinement, they make up for in scale.
It only requires a single worker to fall for the ruse. To offset this, employees need to be educated on the signs to look out for in a phishing email as part of an ongoing cyber training program. In addition, employing technology such as Adaptive Redaction will ensure that any employees who might take the ‘bait’, are incapable of sharing critical information or credentials as the technology will automatically redact sensitive information being sent to a recipient that not authorized to receive it. The technology is automated and a failsafe to ensure that no sensitive data can be leaked from within the network, either intentionally or otherwise.
3. Ransomware: 40%
As one of the fastest growing forms of cyber-attack, ransomware poses a serious threat to firms post-Brexit. Ransomware is malicious code loaded onto a network to isolate critical data, which the hackers then demand a hefty ransom to either release back to the firm, or in some cases destroy it (as opposed to sharing it with competitors). Cybercriminals will frequently pose as clients or partners via email and will seek to obfuscate and confuse employees into opening a file containing the malicious code. As Brexit looms, one method of attack could involve would-be hackers posing as ‘official’ comms or Brexit-orientated advisors, in an attempt to gain entry to a corporate network.
These attacks can be prevented through employee education sessions on how to identify these dangerous emails, as well as having an advanced threat protection solution installed to detect and strip malicious code before it penetrates the network.
4. Nation-State Cyber-Attacks: 39%
As the world has changed, so has its battlefields. Once, nations duked it out through their conventional militaries, but in the 21st century, many nations’ resources have shifted from tangible materials to the more ethereal. Intellectual property, industrial secrets, cyber-currency and critical data are all targets for nation-state sponsored cyber-attacks, often intended to disrupt national infrastructure, weaken economies and generally cause trouble for opposing states. Firms with globalist ambitions or foreign rivals are particularly susceptible to attack from these threats, but that’s not to say that no other businesses can be affected.
As nation-state attacks can vary broadly in their methodology, organizations must ensure that every aspect of their corporate network is secured against an attack. Many firms may not realize they are part of a nation’s critical national infrastructure but act as an important facet of the overall supply chain, making them a target for nation-state attacks. A key example would be the Norsk Hydro owned aluminium plants, which were forced to shut down for a number of days following a hack that left them unable to continue production safely. Whilst the hack later turned out to be a ransomware attack, the inability of these factories to produce key supplies is indicative of the potential disruption a state-sponsored cyber-attack can bring.
5. Changing Regulation: 37%
Although not commonly thought of as an aspect of cybersecurity, compliance with ever-changing regulations is a critical facet of a strong cyber defense. Firms may be charged with incredibly damaging – indeed, even business-destroying – fines if they are found to not be complying with the latest regulations. As the fines levied in the wake of GDPR has shown, even seemingly inconsequential actions such as sending an email to the wrong recipient could have staggeringly devastating consequences, with fines of up to €20m or 4% in annual turnover.
This is subsequently seeing the increased take-up of advanced data loss prevention technology that can support organizations to automatically protect sensitive information from being shared outside of the corporate network, including detecting if an email is being sent to an unauthorized recipient, thus negating the possibility of a breach in data regulation legislation.
As Brexit confusion increases and Britain’s future remains uncertain, firms must ensure that they are prepared for a rise in cyber-crime from opportunists seeking to exploit the chaos and confusion leading up to the UK’s withdrawal from the EU.