Organizations in the UK could now face serious consequences for having cracks in their cybersecurity armor. According to The Guardian, the British government has proposed penalties as a ‘last resort’ for companies that are failing to properly assess risks and prevent damage from hacks. Organizations could face fines of up to £17m if they fail to take measures to prevent cyber-attacks that could result in major disruption to services such as transport, health or electricity networks.
However, the proposals, which were officially launched on Tuesday, state that financial penalties won't be an issue iforganizations can prove they did an thorough-enough job assessing the risks in the face of an attack.
This new form of crackdown stems from several recent large-scale attacks. The WannaCry virus sparked the movement/idea, which was then rocketed to the forefront after a major IT failure at British Airways left 75,000 passengers stranded and cost the airline a whopping £80m (although the company blamed a power supply issue rather than admitting a cyber-attack).
The proposals will also require companies to show what action they are taking to reduce the risks. “We want the UK to be the safest place in the world to live and be online, with our essential services and infrastructure prepared for the increasing risk of cyber-attack and more resilient against other threats such as power failures and environmental hazards," states digital and culture minister Matt Hancock.
The consultation is set to be implemented on May 2018, and is part of a £1.9bn national cyber-security strategy. Other organizations have chimed in, saying that they want to see a giant push forward in the detection of attacks, developing security monitoring and raising staff awareness, as well as immediate reporting of incidents and ensuring that the proper systems are in place for recovery.
Ciaran Martin, the chief executive of the National Cyber Security Centre, joins the large pool of experts touting the importance of organizations needing to do more to increase cybersecurity. “The NCSC is committed to making the UK the safest place in the world to live and do business online, but we can’t do this alone,” Martin said. “Everyone has a part to play and that’s why since our launch we have been offering organizations expert advice on our website and the government’s Cyber Essentials Scheme.”
Our second story takes a look at the recent malware outbreak strikes Europe. Large banks, law firms, shipping companies and even the Chernobyl nuclear facility in the Ukraine were affected. Hackers exploited the EternalBlue vulnerability in older Microsoft Windows systems to rapidly spread malware.
The culprit? The NotPetya ransomware campaign, a variant of the malware Petya. Timothy Crosby, Senior Security Consultant for Spohn Security Solutions, says that the NotPetya attack was very much a horse of a different color, and an even greater cause for alarm than the WannaCry epidemic. Why? While motivation behind WannaCry was merely financial, NotPetya exists solely to create chaos and destruction.
“This Petya variant makes system restoration nearly impossible for those infected," says Crosby. "Here's the rub. Malware is growing increasingly sophisticated to the point that it’s virtually impossible to detect using standard cyber security protocols. NotPetya is just the beginning - cyber security teams must remain vigilant to detect and avoid attacks."
Crosby says that to safeguard a network, businesses must identify potential vulnerabilities through an information security risk assessment. With a rapidly changing cybercriminal landscape, static assessments, stale employee training and protocols will not keep up with the dynamics of cyber security today.
Here are a few suggestions Crosby has for tightening up processes and systems:
Security teams should monitor for aberrant and unexpected behavior, such as accounts being used at odd hours, at multiple locations or while on vacation.
Businesses should employ a host of protection programs that notify personnel when a threat exists, such as Security Information and Event Management (SIEM) systems that automatically aggregate events and alerts based on anomalous activity.
Our last story of the week examines new research from the cybersecurity experts at Netsparker. The research gives insight into what web developers believe is the most susceptible to hacking and how it continues to happen. To give you an idea, sixty-one percent of developers think the government is vulnerable to hacking, and more than half think smart home technologies are a cybersecurity risk. Yeesh.
The main theme here, if you haven't guessed it already, points to the Internet of Things (IoT). This is increasingly becoming a huge issues, especially as hackers are getting more cunning and sophisticated. Who would have thought we'd live in an age where someone could potentially hack your refrigerator (Smart House flashbacks anyone?)?
Developers think that new IoT driven technologies are indeed the most vulnerable. The rundown is as follows:
- Smart TVs – 42 percent
- Web apps and online services – 41 percent
- Connected cars – 35 percent
- ATMs – 34 percent
Additionally, when asking about cybersecurity in the boardroom, experts believe that the two biggest culprits are lack of IT understanding and budget (57 percent for both), followed by an absence of concern (39 percent) and the fact that cybersecurity is complicated to understand (30 percent).
“Because of recent election-related events, it’s not surprising that developers and IT professionals have so little confidence in the ability of governments to prevent hacking," said Netsparker CEO Ferruh Mavituna. "But the reality is that all organizations and enterprises should take precautions to prevent data breaches.”
For more of a deep dive into the survey results and recommendations on how best to secure application software, visit www.netsparker.com.
The views expressed in this column do not necessarily reflect the views of Penton Media or The VAR Guy editorial staff.