Cyber Security: four trends to watch

Welcome to the first of our series of blogs from the Cyber Security team at MHR.

Over the next few months, we’ll be addressing the latest topics, trends, and developments in the cyber security industry and their impact on the workplace. In this introductory post, we delve into some recent developments and discuss what your organisation can do to stay protected.

The rise of cheap ransomware

Ransomware attacks have become increasingly accessible and affordable. Recently, law enforcement agencies, including Europol, successfully dismantled the LockBit and Clop ransomware groups. While this is a significant victory, it has left a void quickly filled by low-level, unsophisticated ransomware, commonly referred to as "junk gun ransomware."

This type of ransomware is sold cheaply on the dark web, around £500 for the initial purchase, with an additional 5% of the ransom paid back to the operator. This low barrier to entry has made it appealing to a wider audience, primarily targeting small to medium-sized businesses. It's a growing threat that demands vigilance.

Weak password crackdown

On April 29, 2024, the UK Government passed a law requiring secure passwords for all smart devices, including mobile phones, Ring doorbells, smart fridges, and smart TVs. This move aims to combat the prevalent use of simple, easily guessable passwords like "password123." 

Manufacturers are now mandated to ensure that users cannot set weak passwords. For instance, if someone tries to use "Ring1234" for their Ring Doorbell, the software will prompt them to choose a more secure password that meets the minimum standards set by the UK government. This legislation is a significant step towards enhancing security for both individuals and corporate environments.

A rise in state-sponsored attacks

The first quarter of 2024 has seen a surge in nation-state cyber-attacks, particularly targeting critical infrastructure. Reports from the National Cyber Security Centre (NCSC) and GCHQ highlight the severity of these attacks. The UK identifies 13 critical infrastructure sectors, including energy, utilities, transport, government, and health, all of which are potential targets. 

Recent examples include the Ministry of Defence payroll breach attributed to China and GPS jamming of airlines linked to Russia. In the United States, Russian groups have been accused of attacking water utility companies. With nation-states possessing vast resources and sophisticated infrastructures, critical infrastructure remains a prime target.

To address this growing threat, the NIS regulation (Network and Information Security System regulation) is set to be implemented in October 2024, focusing on safeguarding critical infrastructure.

AI use in cyber crime

Cybercriminals are increasingly leveraging AI to enhance their attacks. Microsoft and OpenAI, the organisation behind ChatGPT, have confirmed that they have disrupted various cybercriminal operations using their platforms. This means that the often poorly written, grammatically incorrect phishing emails filled with spelling mistakes are becoming a thing of the past.

AI enables cybercriminals to craft convincing phishing emails and gather information about public organisations or individuals with ease, enhancing their malware's effectiveness. The NCSC predicts that AI usage in cybercrime will significantly increase the volume and impact of cyber-attacks over the next two years.

What can organisations do to protect themselves?

Despite the increasing accessibility of ransomware and sophisticated attacks, getting the basics right can significantly enhance your organisation’s security. Here are some fundamental practices to implement:

  • Strong password policies: Enforce the use of complex passwords and regular updates.
  • MFA implementation: Mandate multi-factor authentication to add an extra layer of security.
  • Zero trust: Adopt a zero-trust approach to minimise the risk of breaches.
  • Patching vulnerabilities: Regularly update and patch systems to close security gaps.

These basic cyber hygiene practices are crucial in protecting against common attack vectors.

At MHR, we’re also evolving our defences in line with attackers. As phishing emails become more sophisticated, our user awareness training has evolved. We conduct varying levels of phishing tests, from basic to advanced spear-phishing attempts, to better prepare our users.

We recognize that while cybercriminals use AI to attack, cyber defenders also leverage AI and machine learning to enhance threat detection and response. Tools like Microsoft Defender XDR's Copilot, an AI integration, help us stay ahead of threats and respond more swiftly.

Stay tuned for more insights from our Cyber Security team as we continue to explore the ever-evolving landscape of cyber threats and defences.

Looking for something specific?