A look back on cyber security over the past year

05/01/22

Resolve’s Technical Account Manager Luke looks back on what’s changed from a cyber security perspective over the past 12 months…

If you’re reading this then you probably don’t keep up with cybersecurity news, if you do happen to, then you’ll already know that the past year has seen one large scale cybersecurity incident after another. Below I’ll delve into some of the latest cyber security attacks to make the headlines over the past year, and detail why such attacks appear to be on the rise. 

Dodge cyber security threats with our guide to spotting the red flags in questionable emails

Ransomware attacks

Over the past 12 months there’s been an ever-increasing number of ransomware attacks (ransomware encrypts files and folders across a business and demands a ransom for decryption), with some of the most prominent attacks even hitting mainstream news.  A couple of recent examples include…

And it’s not just ransomware on the rise, 2021 also saw its fair share of novel attacks and software vulnerabilities

A few months later, Microsoft then had to contend with the print nightmare vulnerability, in which PCs / servers running the print spooler (most of them do, and if you print, then yours certainly does) could be used to authenticate users at the system level. So an attacker getting into a regular user profile could give themselves above admin level access. Both this and the above exploit had to be fixed by patches, and in the case of the latter, additional registry edits. (6)

The above are just some of the more prominent cyber-security issues of the last year, but many more happen on a smaller scale all of the time. The 2021 Cyber Security Breaches Survey found that 39% of UK businesses have had a security breach or attack in the last 12 months. (7)

Why are cyber attacks on the rise?

We can never say for certain why the number of cyber-attacks have increased over the past year or so, but a very likely candidate more recently has been the rise of the COVID pandemic and the need for a speedy and prolonged move to remote working. This in itself will have opened businesses up to many new attack surfaces, such as through Virtual Private Networks, Remote Desktop Protocol and the interactions between these and other remote connection methods and potentially users home PCs, which tend to be far less secure than business managed ones.

There has also been a steady increase in state-sponsored hackings (8), and regardless of whether hackers fall into this category, or criminal gangs, the practice can be very profitable (for the hackers), in terms of money or information, yet have devastating financial affects for the hacked companies. Many of the larger companies which are falling victim to cyber-attacks are paying out their ransoms, which only encourages more of the same malicious attacks.

The before mentioned Breaches Survey also have plenty to say about the nature of breach attempts, with a staggering 83% of businesses reporting phishing attempts in the last year (phishing being emails trying to get usernames and passwords from workers one way or another) (7). It can’t be stressed enough how important vigilance by employees is to preventing breaches.  Tactics such as phishing and calls / emails impersonating others to get credentials are broadly referred to as “Social Engineering” attacks. They rely on circumventing some of the technological protections such as strong passwords, antivirus and security policies, by going straight for the one thing that is generally not directly monitored and controlled…users.

It should go without saying, but just looking at the above cyber security breach examples should give you more than enough reasons to make sure your business is cyber secure, both from a technical and staff training standpoint so that you as a business stand the best chance of not being the next cyber-attack victim.

If you would like a more in-depth chat about cyber security and its affect on businesses, do get in touch.  We also have a ‘Social Engineering Red Flags’ infographic which will help guide you on cyber security threats to look out for…

Sources

(1) - https://www.bloomberg.com/news/articles/2021-06-04/hackers-breached-colonial-pipeline-using-compromised-password

(2) - https://www.bbc.co.uk/news/business-57423008

(3) - https://www.bleepingcomputer.com/news/security/accenture-confirms-hack-after-lockbit-ransomware-data-leak-threats/

(4) - https://www.businessinsider.com/solarwinds-hack-explained-government-agencies-cyber-security-2020-12?r=US&IR=T

(5) - https://www.zdnet.com/article/microsoft-exchange-zero-day-attacks-30000-servers-hit-already-says-report/

(6) - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

(7) - https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2021/cyber-security-breaches-survey-2021

(8) - https://www.computerweekly.com/news/252499042/Nation-state-cyber-attacks-double-in-three-years

let's start the ball rolling

Fill in the form or use the contact details below and we’ll get our expert team to put together a package that’s personal to your business.

hello@resolve.co.uk
Sales: 0114 213 4555
Support: 0114 299 4050