Audra Streetman at Splunk SURGe describes the rapidly changing nature of cyber-security risk
Today, cyber-crime poses more of a danger to organisations around the world than ever before. Rapid digitalisation, alongside recognition of the rewards of digital crime (and increasingly organised and opportunistic cyber-criminals), means that the average business exists within the context of a complex and ever-changing threat landscape.
One major shift is the rise of generative artificial intelligence (AI) and sophisticated machine learning (ML) algorithms. These technologies empower cyber-criminals to enhance their operations. This includes expedited malware attacks, increasingly realistic deepfakes, and more convincing and automated phishing attacks.
Safeguarding against cyber-threats is a huge challenge for both public and private organisations. It’s essential to be aware not only of how these risks are evolving, but also of how proactively building digital resilience can ensure these risks don’t cause irreparable damage.
The ransomware risk
Ransomware remains one of the most pervasive cyber-threats, with the ability to compromise security and financial operations for organisations of all sizes. An alarming 96% of Chief Information Security Officers (CISOs) reported experiencing a ransomware attack in 2023, highlighting the true scale of the challenge.
A particularly troubling trend is the emergence of highly coordinated ransomware groups that target critical infrastructure and major institutions. Groups such as Black Basta and Rhysida have executed attacks on entities like Southern Water and the British Library, employing double extortion malware that encrypts and extracts sensitive data to maximise the victim’s potential payout.
Of the organisations that experienced a ransomware attack in the past year, 83% chose to pay the ransom, highlighting the lucrative nature of these attacks and their perceived effectiveness.
Navigating the evolving ransomware landscape demands concerted efforts from organisations. Implementing robust software and infrastructure, fostering internal collaboration, enforcing network segmentation, and adopting multi-factor authentication (MFA) are just some of the essential steps in bolstering resilience.
Within an organisation, staff must also receive proper training on security procedures and how to spot early signs of attacks, such as unauthorised log-in attempts or network infringements. Although AI has aided attackers, it can also be used as a defence tool to detect anomalies and flag unusual attempts in real time.
The rise of deepfakes
The proliferation of AI-powered deepfakes is another concerning trend. While deepfakes have been circulating online for years – ranging from phone calls impersonating the US president to the rise of non-consensual deepfake pornography – recent advancements in generative AI coupled with a volatile political backdrop have heightened their potential for harm.
Deepfakes possess the ability to erode public trust, rapidly disseminate misinformation, increase identity theft and fraud, and undermine fundamental communication tools across business, politics, and daily life. In the corporate world, deepfakes are primarily deployed to extract valuable data and assets, as seen by incidents like the $25 million fraud case where police in Hong Kong claim an employee fell victim to a deepfake impersonation scheme.
Combating deepfakes is not an easy task, requiring concerted efforts from regulators, tech companies, and the public. Employee training programs focusing on deepfake detection and reporting, coupled with stringent security protocols around financial transactions, are indispensable in mitigating these risks.
Building digital resilience
Organisations face a real uphill battle to bolster their defences and strengthen their digital backbone. With cyber-threats evolving faster than ever – from ransomware to the looming threat of deepfakes and AI – the challenge has never been clearer.
Addressing these risks demands a holistic approach and a strong cyber-security strategy. Whilst regulatory frameworks and technological innovations form part of the puzzle, organisations bear the primary responsibility for safeguarding their data, people, and reputation.
This means ensuring employees have the tools and education needed to help identify threats and anomalies, developing a robust continuity plan that helps maintain essential business operations during disruptions, and regularly testing all resilience strategies to ensure any gaps in security are identified and filled as soon as possible.
As the landscape continues to evolve, integrating digital resilience into the very fabric of operations will be a strategic imperative. Those who don’t act face a difficult road ahead.
Audra Streetman is a Security Strategist at Splunk SURGe
© 2024, Lyonsdown Limited. Business Reporter® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543