Perhaps the most high-profile example of the damage inflicted by ransom attacks is WannaCry, which spread across the globe and severally impacted the NHS. But the severity of the issue is further compounded by one crucial fact, according to Digital Guardian’s global security advocate, Thomas Fischer.“Attacks like this have been happening for years, but unfortunately we are either quick to forget, or simply don’t learn from past experiences,” he said. “After all, the recommendations remain the same.”
Such an attitude is no longer enough and the sophistication of ransom attacks, and cyber crime as a whole, has Wainwright worried. They have become capable of crippling networks, sabotaging software and seem to increasingly be targeting financial institutions.
It echoes research from Duff & Phelps earlier this year, which surveyed 200 executives in financial services companies. Some 80 per cent of respondents claimed they were set to double the amount of money being invested in cyber security.
“The real threat, however, comes from a sort of exponential, remorseless increase in the scale and significance of cyber criminal capability,” Wainwright explained to Reuters after his Web Summit panel.
“Cyber crime is becoming good enough to really threaten parts of our critical infrastructure, certainly in the financial, banking sector.”
Furthermore, cyber criminals now do their work from various, remote locations – including the bedroom – making it harder for them to be tracked and prosecuted. They’ve gone from lone wolves to pack members, with their fingers in multiple pies from, as Reuters suggests, selling drugs to hijacking ATMs.
“There is an underworld that’s a lot bigger, smarter and adept than most people think,” Wainwright said. “And, against it, we still have generally low cyber security standards.”
Indeed, while awareness is increasing, companies are still behind in terms of implementing adequate defence. The protection of the business isn’t the only thing at stake.
With GDRP around the corner, those found to have been hacked could in turn be penalised for lack-lustre security, especially where customer data is concerned.
“We are under constant threat and always a step behind those targeting us – as soon as one flaw is fixed another is exposed,” Phil Beckett, MD of disputes and investigations for Alvarez and Marsal, told Real Business. “Following an array of high-profile attacks on businesses, a renewed emphasis has been put on data protection and securities, but this reaction is too late.
“GDPR fines of €20m are imminent in the event of a data breach, so security needs to be at the forefront of everyones minds, especially those in the financial services. Admittedly, this should have been the case years ago but we simply cannot afford to ignore digital threats anymore.”
Wainwright’s shocking statistic should be seen as a wake-up call. No company is immune to a cyber attack, not even an SME.
Beckett added: “For anyone to think their business is not under threat is not only idealistic but also naïve – action is needed now and as ransom attacks continue to grow in number, the threat increases.”
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
