Cyber criminals to ramp up activity over holidays
Cybercriminals ramp up their activity over the holidays, according to Michael Mestrovich, CISO at Rubrik.
As the year comes to a close, Mestrovich looks at what organisations will face from cyber attackers in the New Year.
Avoid Cyber Scams Over Christmas
"While the holidays are generally filled with joy and happiness and offer us a time to take a break and relax, sadly cybercriminals don't take a vacation and in fact ramp up their activity in an effort to play the Grinch," Mestrovich says.
"While you are relaxing over the holidays, be sure to stay vigilant and keep the following Do's and Don'ts in mind when engaging with emails, texts, or calls."
Do not:
· Respond to emails or text messages from an unknown sender
· Open attachments, click on links in emails, or SMS text messages, sent from an untrusted or unknown source
· Reply to emails if there's no subject line or message body
· Accept coupons, unbelievable promotional deals, or shipping notices from senders that you don't normally conduct business with
Do:
· Verify the sender's name and email address
· Perform a cross-check through a different medium to ensure request legitimacy
· Scrutinise URLs in the web address before entering credentials into a login prompt
The attacks aren't going to stop
"Unfortunately, we will see more of the same in regards to cyberattacks in the coming year," Mestrovich says.
"Cybercriminals are making money hand over fist and until that changes, attacks will continue."
The need for machine learning and artificial intelligence will intensify
Mestrovich says the trend of more connected devices, driven by the Internet of Things, will accelerate as companies drive more automation to compensate for worker shortages.
"This combined with the general shortage of cyber professionals will force organisations to employ ML/AI at scale in order to keep up with the overwhelming volume of data that needs to be analysed to hunt for cyber threats."
Cybercriminals will keep hitting where it hurts
"Cybercriminals, backed by Foreign Intelligence Services, will continue to target critical infrastructure systems on a global scale, including water, power, emergency services and transportation in an effort to foment chaos and erode trust in civil services," Mestrovich says.
"Healthcare and education are two other sectors that will sustain cyberattacks, with the former having mortal consequences."
Private citizens will feel the impact
Mestrovich says as attacks will continue to hit services used by the general public, cybersecurity will become more of a hot-button issue.
"Federal and state agencies will need to step up their game and arm municipal service providers with the cyber defence measures they need to stay safe."
Properly prepared playbooks prevent pandemonium
"A playbook outlining best practices regarding cybersecurity (with institutional knowledge and guidelines) will be an essential part of municipal service providers response plan to attacks; they will not be able to afford top tier IT talent (of which there is already a shortage) so having a strategy supplemented by a rock-solid playbook will be the next best option," Mestrovich says.
Public sector + private companies = cyber defence dream team
Mestrovich says partnerships between the public sector and private organisations will become increasingly important in order to enhance software security and put up a credible defence against nation-state attackers, who have a wealth of resources at their disposal.
"Cyber criminals coordinate attacks, cyber defenders need to coordinate defence and response."