In conversation with Nick Robilliard, Information Security Consultant at Resolution IT, and Nichole Culverwell, Director of Black Vanilla
Cyber security remains a significant risk facing organisations of all sizes and sectors. It’s likely to be a top-three concern for boards and has rapidly escalated since the Russian invasion of Ukraine.
How has the threat landscape evolved over the last few years?
Cyber crime is constantly evolving and increasing. Since the start of the pandemic, we’ve seen a sharp increase in phishing attacks which use the Covid-19 narrative to peddle fear into the victim in an attempt to gather sensitive information. The increase was so high, in fact, that Google’s Threat Analysis Group shared that they blocked 18 million Covid-themed phishing emails per day in 2020.
An example of this was an email sent to elderly people, promising them an early vaccine if they provided personal data. Another scam directed recipients to click on a link that supposedly offered health advice, new policies or the latest guidelines, which then installed malware on the user’s device.
Scammers know that 90% of data breaches are caused by human error, so targeting users who may not be up to speed with their cyber-awareness training often gives them the results they are looking for.
What do you predict for 2022 in terms of cyber security?
Following the Russian invasion of Ukraine, and given the number of cyber attacks on Ukraine’s banks and governmental departments, it is prudent to be at a heightened awareness whilst operating online. Although the chances of being specifically targeted remain slim, there is a greater risk of being part of the collateral damage – whether as an overspill of Ukraine-targeted attacks or attacks aimed towards Ukraine-allied countries.
According to Forbes, suspected Russian-sourced cyber attacks, observed over a two-day period, were recorded at an increase of more than 800%. With President Putin’s declaration that if the West gets involved it will face ‘consequences greater than any you have faced in history’, it is vital for businesses to prepare for the possibility that these attacks will be cyber in nature. Although it is still unclear which form these attacks will take, it would be wise to remain vigilant for ransomware, malware, Advanced Persistent Threats (APTs), network attacks and DDoS.
Even without the increased cyber risk from Russia, ransomware remains one of the biggest cyber threats today. In 2020, 51% of organisations were hit by a ransomware attack, of which 26% of victims paid the ransom to get their data back (Sophos, 2021). Another big threat that we’ve seen increasing recently is Business Email Compromise (BEC) attacks. These attacks involve a hacker posing as a company vendor or other business contact, persuading the recipient to direct a payment to their account. There was a 200% increase in BEC attacks in the first half of 2020 (Bitdefender, 2020).
How can businesses be prepared?
Governments across the globe have shared general guidance in relation to cyber security preparations, including patching internet-facing and business-critical software, preparing for ransomware and data destruction, training and preparing your staff so that you are able to respond quickly to a breach, and locking down your network.
Businesses of all types and sizes, and in all locations, are at risk from a cyber attack or data breach at any moment. There are many methods businesses can take to help mitigate the risk of a cyber attack, but as important as it is to put protections in place to prevent an attack, it’s also vital that businesses are equipped to react should an attack occur. This includes being able to communicate strategically and at speed with a variety of audiences and stakeholders.
In the first few hours of a crisis, attention is rightly focused on discovering the extent of the issue and limiting its impact. It’s not the ideal time to start thinking about who you need to contact or how to reach them. Preparation and forward thinking are invaluable in this kind of situation. Knowing who your key stakeholders are, how to reach them, and how you want to use your website or social media channels to communicate to a wider audience all reduce the conversations required and the number of decisions you need to make.
Pre-prepared key messages or draft statements give you a foundation to build on and, if relevant, spokespeople should be media trained. Being able to access your communications plan and other company assets such as logos or pre-prepared graphics for social media is of course critical. It pays to have these files kept by a third party in case of a denial of service or ransomware situation.
So, what do ‘good’ crisis communications look like?
- A willingness, and ability, to act fast – you’ll likely need to start communicating before you know all the facts. Start by explaining what you know and the steps you are taking, show concern for those affected and be clear about when you will next issue an update
- Having 24/7 control of all your comms channels
- Having relevant spokespeople that are media trained and understand what the media want and need from a spokesperson
- Ensuring staff understand the situation and that your internal and external messaging is aligned
The Cyber Crisis Comms Respond & Recover Package from Resolution IT and Black Vanilla helps businesses minimise the reputational damage of a cyber security incident and gives organisations the tools and training they need to create a best practice communications plan.