The cyber threat landscape is evolving – now is the time to focus on your employees

Cyber Protection, April 20, 2022

Cyber Protection, April 20, 2022

The number of cyber attacks and incidents against European and Nordic organizations have been steadily increasing in recent years. Therefore, companies need to have the cyber security agenda as one of their top priorities, ensuring the protection of their business-critical assets and service/product areas.

The cyber threat landscape has matured alongside political activities in the last quarter

We clearly see the trends and tendencies on the darknet as well as through open sources (e.g., the Danish government’sCFCS 2022 threat assessment, Russia and Ukraine), indicating a significant increase in political pressure on tech-, financial- and manufacturing companies. The pressure is primarily on organizations that have made their political stance clear against the situation in Ukraine. We typically see Denial-of-Service Attacks (DDoS) targeting publicly available IP addresses, as well as malware attacks via the phishing vector. Out of the malware attacks, there is a clear tendency around the use of wiperware, a malware strain where the sole purpose of the cyber-attack is to ensure a complete production halt. This halt is ensured through malicious software, targeting and destroying all systems in its vicinity by wiping the company units of all content. This tendency has been more and more prevalent in the last 30-45 days.

The threat actors are far more aggressive than previously experienced. This is reflected, among other things, in the services offered through the darknet. There are reports of named actors looking for IT developers employed in some of the larger Nordic/Northwestern-European companies and enterprises. The actors in question offer IT developers up to €100,000 to insert code lines in the organizations’ proprietary software or open a backdoor through other measures, targeting core systems.

If the threat actors succeed, they have effectively compromised the target organization and created a way into the core business network. From here on out, it is a matter of establishing presence and creating additional backdoors as well as elevated rights within the organization’s key areas: business critical systems and networks. At this point, the attacker, whose primary motivation is financially driven, is ready to threaten the core existence of its target. This is just one example of a new reality that Nordic/Northwest-European organizations are faced with.

What can companies do to protect and mitigate cyber attacks?

The key parameters to cyber security within an organization is to, first and foremost, ensure you are in control and ready to make informed decisions within the cyber security agenda. Getting in control starts by identifying trends, industry characteristics, data points, attack vectors and weaknesses within the company’s infrastructure. This provides an overview of the current threat landscape that the individual organization is facing, as well as their inherent ability to navigate the threats and the ability to operate when risks materialize. Hereafter, the organization is able to create a fit-for-purpose plan, clearly stating where, how and to what extent to deploy protection-, detection- as well as response- and restore cyber capacities.

In addition to the above, one should also have the long-term strategic direction for the company in mind – the tactical and strategic goals in relation to core business operations versus the threat landscape and the implications the organization potentially faces. This ensures that financial resources and employee efforts are focused on the organization’s most urgent areas.

Four steps to prevent and resist cyber attacks

  • Keep employees informed and updated. Describe what the cyber threat landscape looks like and the risks the company is facing
  • The best firewall is the human firewall. Training employees in moving from a reactive to a proactive mindset. Today, we have advanced learning systems available, especially for training and improving the human firewall in a cyber security context. These systems are powered by AI and Machine Learning technologies and offer quick and responsive solutions, with near-zero administrator/service interaction required
  • Invest in technological tools and / or services aimed at preventing and protecting against cyberattacks, as well as detecting any ongoing attacks
  • Implementing the right level of process and governance is key. It is critical that the organization activates and implements process functions that are in-line with the threat landscape and risk appetite as well as the company’s scope and ambition within the cyber security area

Many organizations underestimate the value of the above efforts, both in terms of ensuring the future growth and prosperity of the organization, as well as the inherent value the customers receive.

The threat landscape is constantly changing – now is the time to act.