There was a lot of talk about cyber weapons and the cyber dimension of global politics after the NotPetya and WannaCry attacks in 2017 and the Stuxnet worm, first discovered in 2010, when it was used to attack the control mechanisms of Iran’s uranium – enriching centrifuges.
Professor Ciarn Martin CB, former director general of the National Cyber Security Center (NCSC), said there are increasingly “realistic scenarios” that are causing US and UK governments to rightly warn organizations to be on increased alert. However, these warnings are not properly worded in a panic situation. There is no specific threat. ” The good thing is that both governments are proactively involved with organizations to help them improve their cyber resilience.
Companies around the world have been hit by the NotPetya attack, causing huge commercial losses. In the article “The untold story of NotPetyaHow a single piece of code destroyed the world, “Wired.com described the NotPetya attack as” the most destructive cyber attack in history. “
Recent warning By leading government organizations in the field of cyber security has called a new malware “Cyclops Blink”, citing it as an emerging threat. National Center for Cyber Security (NCSC) Describes Cyclops in the link As a “highly sophisticated piece of professionally developed malware”. It is clear that the threat of malware, and especially sophisticated malware, remains.
Improving cyber resilience with NCSC
The NCSC is leading in helping organizations become more resilient at all times, but with the increased potential for cyber incidents they have put out Instruction Organizations improve their cyber resilience. This guideline applies to all scenarios, and begins with the statement, “The threat facing an organization may change over time. At each stage, a balance needs to be struck between the current threat, the means necessary to defend against it, the consequences and cost of those protections and the overall risk to the organization.”
One of the good things about NCSC consulting is that they are always impartial, easy to understand, easy to implement, and it’s free. This latest directive describes its purpose as “when organizations may face a greater threat, and the steps to be taken to improve security.” It also provides cost-effective training, recognizing that not every organization is the same or can afford the same solutions, so it is highly tailored to the organization’s risk appetite, tolerance and budgets.
CISA Director, Jen Astralie, said“We live in a time when every government, every business, every person must focus on the threat of ransomware and take action to reduce the risk of becoming a victim.”
What is important is that the cyber risk to an organization is balanced with the defensive measures taken to reduce it, as the threat may change over time and therefore the implications of the risk dilemma vis-à-vis the defense may again change over time. This is when the NCSC suggests that “beyond increased alert” can:
- Help prioritize the necessary cyber security work
- Offer a temporary boost to defenses
- Give organizations the best chance of preventing a cyber attack when it may be more likely, and recover quickly if it does occur
Like the NCSC, CISA provides clear and free advice. They state that during an increased threat period, “immediate actions that can now be taken include ensuring timely repair of all operating software; implementing a user training program that includes identifying and reporting suspicious emails; securing and monitoring a remote desktop protocol, if used; and maintaining offline backup; Of your data. “
Again, like the NCSC CISA website www.StopRansomware.govIs the federal government’s one stop shop for resources on how to protect large and small organizations from becoming ransomware victims.
Anticipate the threats
Given the rapid advancement in technology and what appears to be an ever-expanding threat environment, it probably makes sense for all organizations to always maintain increased alert, at least at a level that allows them to be one step ahead when exploitable environments such as Web 3 and Metaverse appear.
The Metaverse is concentrated on external devices, more IoT, and remains as vulnerable as anyone, but is another layer of exploitable endpoints where the prizes are crypto wallets, data and exploitation. Criminals will expand their knowledge and prepare for these new vicious opportunities. Organizations must do the same, since standing still in cyber is, in fact, reversed very quickly.
What is clear is that we are in a very insecure time where cyber security can still play a huge role in what is happening in the world. Therefore, preparation for increased resilience is only a logical way to minimize any potential risk and ensure organizational resilience and a solid foundation to adopt future technologies.
About the writer: Philip Ingram MBE He is a former colonel in British military intelligence and is currently an international journalist and commentator on security and cyber.
Editor’s note: The opinions expressed in this author’s article are solely those of the donor, and do not necessarily reflect those of Tripwire, Inc.
