News from SWCRC


Threat Assessment and Cyber News

January 2024

Welcome to the first SWCRC threat assessment of 2024! We hope you had a great festive period, either restful or profitable (or both!) depending on your business. This month we’re focusing on the big picture of things you should have been avoiding in 2023, and things you’ll want to look out for in 2024. Lots of different ideas from different sources, and we hope you find them useful.

Just one minute...


Before you dive into the Cyber predictions for 2024, can you spare ONE MINUTE to tell us what you think of these monthly updates? We want to give you what you want - so each month we'll ask no more than three questions about our service and we promise that we'll read all your comments and take action!


Click here. Thank you. We really appreciate your feedback.


Google Cyber Forecast


We’ll begin with a view from Google, who recently published their cyber forecast for 2024 (full report at https://services.google.com/fh/files/misc/google-cloud-cybersecurity-forecast-2024.pdf). They’ve suggested that:


So-called “zero day vulnerabilities” are increasing – where a problem with your software is uncovered and exploited by criminals. In a world where we’re all getting better at spotting malicious emails, these vulnerabilities provide an easier route into your network. 


The solution? Make sure you update your systems promptly, so that security updates are applied. Make sure that you’re not using dated hardware, which is out of support and doesn’t get those updates. And when you buy new devices which connect to your network (cameras, plant equipment, TVs), ask some searching questions about how long they’ll be supported for, and how security updates will be applied. Of note is a separate blog by Qualys at https://blog.qualys.com/vulnerabilities-threat-research/2023/12/19/2023-threat-landscape-year-in-review-part-one which suggests that 25% of weaknesses are exploited by criminals on the day they’re announced, and which shows the increasing number of such vulnerabilities year on year (below).

[Chart: number of vulnerabilities year on year, from the Qualys blog]

Further predictions from Google on cyber security


Artificial intelligence will increasingly be used to support cyber attacks, producing text, voice and even video content which looks real and avoids the spelling mistakes of the past. AI will allow attacks to happen at a greater scale, as communications can be quickly tailored to an individual with minimal effort: so you can expect an increase in phishing material. You and your staff will need to be more aware that you can’t necessarily trust email content, and that it’s best to check if in doubt.


Wiper software will increasingly be deployed by foreign states to cause mischief: what this does is simply delete data to stop a business from functioning. You can manage this risk by ensuring that you’ve got a regular backup plan in place. If you don’t know where to start, you can find guidance from the National Cyber Security Centre (NCSC) at https://www.ncsc.gov.uk/collection/small-business-guide/backing-your-data, or by inputting some of the key terms into your search engine. 


Mobile cybercrime will increase, with social media accounts, pop-ups and fake messages prompting users to install malicious applications onto their hand-held devices. Be aware that cyber security doesn’t just relate to your computers, and as far as you can, ensure that you’ve got protective measures in place for mobile devices. The NCSC has guidance for organisations who allow employees to use their own devices at https://www.ncsc.gov.uk/collection/device-security-guidance/bring-your-own-device.

Actions to build your cyber security


A couple of other interesting thoughts on what to be aware of, taken from the various annual reviews that we’ve read. A spokesman for cyber company Integrity360 suggests that as cyber defences get stronger, criminals are simply resorting to bribing insiders to help them. This might be something as simple as sending a malicious email where the employee deliberately clicks on a link. That makes it relatively risk free for the employee. 


If you’re a big business, this is about limiting the damage that any one employee can do to your networks. As a small business, think along similar lines: does everyone have access to everything? Source: https://professionalsecurity.co.uk/news/interviews/cyber-review-of-2023/


Linked to this, and of interest to bigger companies: a really interesting piece of research this month showed how ex-employees can retain access to your Slack and Zoom accounts even once you’ve removed them from corporate email. And you probably won’t even be aware. Truffle Security run through this in more detail at https://trufflesecurity.com/blog/google-oauth-is-broken-sort-of/, and they suggest that you should be disabling logins with Google, although for some platforms there are more complex fixes.


A separate blog suggests a shift towards voice-based attacks, which we were highlighting earlier in the year. Chances are that whilst people are suspicious about emails, they trust a person far more, which is why criminals now direct them onto the telephone to encourage them to give up system access. Worth being aware of this if you’re unexpectedly called by tech support.

Source: https://www.zscaler.com/blogs/security-research/top-5-cyber-predictions-2024-ciso-perspective


Lastly, we just wanted to reiterate that you should be careful about QR codes. When included in an email, they tend to be harder to detect and block than normal links. They also have the benefit of transferring the user onto their mobile device, which is less likely to have workplace security measures installed.


Below is a good example “from HR”. The user scans the code to confirm their details for salary payment to be made, and they are first invited to log onto a (spoof) Microsoft page with their company account. In this example, publicised by researchers at SecureWorks, they found that it then took two minutes for the account to be taken over, and subsequently software was installed to export all inbox content.

https://www.secureworks.com/blog/qr-phishing-leads-to-microsoft-365-account-compromise

[Image: example QR code phishing email “from HR”]

Webinar Invite: January 18th


How is your 'New Year Cyber Resolutions 2024' going?


We can help! Join us for the first Cereal & Cyber webinar where we're discussing social engineering, online scams and what we can do to kickstart all those New Year resolutions with minimum pain.


Book here.


Please share with any schools you know


South West Police Regional Cyber Crime Unit update on phishing attacks targeting schools




Contact Us

This email was sent by South West Cyber Resilience Centre. 

© 2023 South West Cyber Resilience Centre. 

Joint Emergency Services Building, Wimborne Road, Poole, Dorset, BH15 2BP 


Contact us: enquiries@swcrc.co.uk