30th December 2021

Cybercrime and how to prevent it

The world has become digital and cybercrime is on the rise. Failure of a company's technological defences entails both financial loss and damage to its reputation. But cyber-attacks can also target individual users outside of their professional environment. Lars Weber, Information Security Officer at Spuerkeess, tells us more about the most frequent cybersecurity issues and how we can secure our data at home.

1. Lars, what are the most common cybercrimes and which sector is the most affected?

If you only consider the absolute numbers, then it is clear that ransomware attacks are currently the most frequent cybercrimes. These ransomware attacks come mostly in the form of a computer virus that will encrypt all your data. Once the system is hacked, the criminals demand a certain amount of money in exchange for your data. The attackers send the computer viruses via email to thousands of email accounts. Any sector is affected as the cyber criminals do not target any particular sector. Furthermore, these attacks are not very sophisticated and can be conducted by medium-skilled fraudsters, hence the rise in popularity of this form of attack.

This opportunistic approach can also be identified in the context of phishing attacks where phony emails are sent out to thousands of email addresses at a time. The goal of these popular attack schemes is to trick the user into revealing their passwords. The passwords are then used by the attackers to connect to websites in order to buy goods or to access your private data.

2. What are the potential losses and who are the people behind these increasingly sophisticated attacks?

The potential losses of a cyber-attack vary as much as the forms of the attacks or the resources and motivations of the attackers. The other factor to consider is the value of the target of the attack. If your PC gets infected by malware and all the data on your PC is lost, then your loss can be very limited if the PC had no valuable data or if you have access to a recent backup. On the other hand, if you have been attacked but you have no backup and the malware has destroyed all your family pictures and important emails, then your loss can be substantial. The same is true for companies. Depending on the attack, the loss for the company can range from a minor nuisance to a fatal blow that could mean the end of your company. In extreme cases, the impact of a cyber-attack can also impact human life. Just think of the recent attacks on the IT infrastructure of health care institutions.

The people behind cyber-attacks are as diverse as the attacks. On the one end of the cyber food chain you have the low-skilled hacker apprentice who is struggling to get his malware to run correctly. On the other end you may be facing state sponsored organisations with state-of-the-art resources. In its essence, cybercrime is not different from traditional crime, where you find the full range of criminals: from the street thug to a global terrorist organisation.

3. What are currently the most effective security methods in order to prevent these attacks from happening?

Before talking about specific actions to set up, you should have a clear view of the risks that you or your company are exposed to. A cyber risk management process should give you this risk oversight. Such a process consists mainly in identifying and evaluating risks that you are exposed to. If you identify risks that you are not comfortable with, then you will have to take action to reduce these risks. This approach can also be applied in everyday life where you may have identified a high risk of a burglar getting into your house. Once you are aware of this risk you can reduce the risk by different means like, for example, installing stronger doors or security cameras. In order to reduce cyber risks, it is best to define an overall concept to cover the risks and subsequently reduce the probability of the risk and/or limit the impacts of the risk. Such a cyber security concept should be based on key guidelines that are implemented in the different fields of IT (for example on network level, on system level, on data level, ...).

One key guideline is the “layered defence model”, where you have more than one security mechanism to address every major risk. Take the example of the burglars. In order to protect your house, you install stronger locks on all your doors but you add security cameras - just in case the locks are opened by the burglars. Another key guideline is to "stay up to date" on your IT infrastructure. Almost all of the successful cyber-attacks have at some point exploited a vulnerability in an IT system which could have been avoided with frequent updating. Get the latest updates on your systems and you’ll make cyber criminals’ life harder.

The "least privilege" guideline should also be implemented because it will only grant the minimum but necessary access rights to an employee, thus limiting the impact of a potential compromise or abuse of the employee's User Id. To limit the operational impacts on your business of cyber-attacks, you should also have an "assume compromise" approach which will focus on the aspects of what to do once you have been attacked.

The guidelines above are not to be taken as a complete set of methods and guidelines as cyber security is a very vast and complex domain.

But in order to be effective, you will have to proceed in a structured and proven way which is having cyber risk management identify and evaluate your biggest risks and then addressing these risks with a cyber security concept based on a set of clear rules.

4. How can companies ensure an intelligent cyber risk management across their entire organization? What are your five tips?

Tips for companies to ensure an intelligent cyber risk management

1. Clearly define who is responsible for what.

2. Make sure risk management activity is independent from cyber security operations. This gives you assurance that no conflict of interest is preventing problems from being addressed swiftly.

3. Make sure the management of the company is constantly informed about the cyber risks the company is exposed to.

4. Define a cyber protection strategy: Based on the identified risks, define tasks and projects that mitigate these risks. Follow the execution of these tasks at board level.

5. Define a security policy giving all the employees the necessary guidance to follow cyber security best practices: Conduct awareness campaigns in order to make sure that your employees understand what is expected.

6. Adapt constantly.

Effective cyber risk management is much more than these key concepts, but you should start with these basic steps in order to have an effective approach and make the best out of your resources (budget, manpower, security tools).

About the blog:

There is an urgent need for rapid transition to Global Environmental Sustainability. Thanks to changemakers, progress is possible. "Why does it matter?" is a bi-monthly series that takes a quick look at the forefront of today's trends around sustainability. From May 2021 on, we aim to elucidate this important topic through the eyes of our experts.

Your contribution counts too! From June on, don't miss out on our experts' practical tips for your daily life.