With the Petya ransomware attack creating headlines around the world, Matt Middleton-Leal, from CyberArk, looks at the cybersecurity threat to the UK a year after the Brexit vote.
The Brexit vote one year ago marked a shock moment of uncertainty about the future of a UK outside the European Union, both politically and economically. The past year has also seen an increase in high-profile cyber attacks, epitomised by the recent ransomware attack that brought the NHS to its knees and hit at the heart of British institutional values. With the political and economic uncertainty of the Brexit vote remaining fresh in the nation’s consciousness, now is the time to take stock of the increasing cyber threat that faces our country. As Brexit negotiations kick off and Britain treads carefully through a treacherous political landscape, the risk of hacktivism and political phishing is rising, meaning there are natural concerns around the continued open sharing of threat intelligence. Right now, too many businesses are burying their heads in the sand about the potential implications of this political shift. Here’s a look at how businesses can stay in control:
1) Rise in hacktivism: The internet is well-known as a place to vent frustration and take revenge. Now, with greater animosity from across Europe post-Brexit, it’s possible that UK businesses will face a higher number of cyber-attacks. It’s an issue on the rise, with Gemalto’s latest Breach Level Index showing the number of hacktivist breaches increasing by 31 per cent in 2016. Government, media, critical infrastructure, and any business which has been vocal about Brexit, whether for or against, should be on particularly high alert to hacktivists; it only takes one individual with a strong political or ideological agenda to take cover under insider privileges and cause huge damage. Companies can stay one step ahead of socially minded hackers by managing access to corporate social media accounts and protecting privileged credentials which allow attackers to quietly extend beyond their initial foothold within an organisation.
2) Political phishing: There is a huge amount of confusion around what a Brexit deal may look like, including what it means and how we – as consumers and as businesses – need to respond. Cybercriminals prey on uncertainty and Brexit presents a golden opportunity for them to scare us into thinking we must take action. In the month after the EU referendum result, Symantec's threat intelligence researchers identified a 392 per cent increase in spam emails that used Brexit in the subject line to target people and organisations. Clearly, companies need to be diligent and have the appropriate security measures in place.
Political phishing attempts could lead to a successful ransomware attack or allow a cybercriminal to penetrate perimeter defences and set up a base of operation inside the network. The start of Brexit negotiations should therefore act as a timely reminder to educate the workforce on good email practice, such as not opening attachments from people they don’t know, and to make sure the right security is in place to stop attacks from escalating in the event of a successful phishing attack.
3) Open sharing of threat intelligence: Last year, UK businesses reported cybercrime losses of more than £1bn, according to Action Fraud. That was a huge 22 per cent year-on-year increase. Cybercrime is one of the biggest threats we face right now and international governments, businesses, and the cybersecurity industry must act collectively to stand any chance of combatting it. Theresa May referenced the UK’s security capability as a Brexit negotiating card, while the government’s post-Brexit digital strategy included a strand on cybersecurity. Both of these serve to highlight the importance of UK intelligence agencies working in coordination with international partner agencies to identify, anticipate and disrupt hostile cyber activities by foreign actors. However, we still need more specific details on how we will make sure we don’t become isolated from Europe post-Brexit. One of the best ways for companies to stay in control is to collaborate across industries, encouraging leaders to share best practice and threat intelligence.
It’s unlikely that cybercrime will skyrocket in the short term as Britain works out its Brexit negotiating position; however, in the mid to long term there will be some significant security implications. We have already seen conflicting opinions and concern over whether the UK will abandon GDPR standards post-Brexit. The fact is, in order to do business with the EU, we will have to adhere to GDPR’s standards and principles. In this and in many other areas, adapting to a changing risk landscape must form an important part of all companies’ post-Brexit plans.
Matt Middleton-Leal is VP for the UK, Ireland and Northern Europe at CyberArk.