Story image

Cyber warfare set to surge in 2018 but expert says Britain is not prepared

31 Jan 18

A report from Gemalto found that 2017 was a prominent year for cybercrime.

900 data breaches occurred during the first six months, compromising 1.9 billion records and representing more stolen data than the entirety of 2016.

Venafi senior threat intelligence analyst Jing Xie says this explosive development in data exfiltration will continue in 2018, with an even more ominous trend revealing the number of sophisticated state sponsored cyberattacks increasing markedly last year.

“In 2017, attackers working for nation-states focused on efficiency and return on investment, and they were very successful,” says Xie.

“As a result, we should expect to see escalations and variations of similar attack vectors this year.”

This menacing movement has prompted Britain’s defence chief of general staff, Sir Nick Carter to warn that the UK is trailing Russia in terms of defence spending and capability.

In addition to Russia, North Korea, Iran and China have been held responsible for state cyberattacks on the US and Europe.

Sir Carter admits that state-based competition is being employed in more novel and increasingly integrated ways, with the end result being the threats the UK faces are not thousands of miles away but right on Europe’s doorstep. In light of this, Sir Carter is pressing the government for a significant increase in spending on the army, navy, and air force.

Huntsman Security head of product management Piers Wilson says it is absolutely right to call for increased resources for British cyber-security defences.

“However, the problem is more than just a need for more money and personnel to address the issue. Every day the UK is assailed by thousands of cyber-threats, from cyber-espionage aimed at the Government itself to attacks on critical infrastructure, industries, intellectual property and personal information,” says Wilson.

“Put simply, our defences could spend every penny available on people and tools and it still wouldn’t be enough to keep us secure. After all, we are still in the midst of a crippling security skills shortage that is expected to result in over 1.5m open jobs by 2020.”

Wilson says this means the government must make sure that spending is being directed intelligently on the right technologies and techniques to solve the problem.

“In particular, automated systems which are able to assess and rank various threats, allowing analysts to focus on the most pressing ones, are going to be essential. Intelligent automation, leveraging AI and analytics, can help defence analysts avoid running down endless rabbit holes and be smarter about defending all areas of the nation from attack,” says Wilson.

“Cyber-defence isn’t just a matter of deploying people where they are needed, but giving them the right tools and technology to do the job - and this carries over into the commercial world too.”

Xie shares these sentiments and asserts the ‘cyber warfare’ will only escalate.

“With every major nation-state expanding both offensive and defensive cyber war spending, public and private critical infrastructure and communication providers should expect to be caught in the crosshairs of cyber warfare,” says Xie.

“As a result of the cumulative impact of powerful spending and attack trends, we should expect to see at least one act of nation-state sponsored cyber warfare that directly impacts citizens this year.”

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
CERT NZ highlights rise of unauthorised access incidents
“In one case, the attacker gained access and tracked the business’s emails for at least six months. They gathered extensive knowledge of the business’s billing cycles."
Report finds GCSB in compliance with NZ rights
The Inspector-General has given the GCSB its compliance tick of approval for the fourth year in a row.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.