This article was written by Steven Jupp, CEO at Avem Capital Limited.
Having spent most of my life working with technology companies, firstly as a hobby, then as a career and finally as an owner, I have seen many changes in businesses’ perception of security. Coupled with these changes there have been a variety of advances in the methods used to hack, crack, phish and infect technology-based systems.
In today’s world it has unfortunately become commonplace that we face an ever-growing threat from an increasing range of technologically focused criminals. As we are seeing in the physical criminal world, the world of cybercrime is also growing and increasing in line with the opportunities it creates. It is evident that these opportunities exist not only for those using technology to enrich their daily lives, but also for criminals exploiting its use.
In a world where businesses can be brought to their knees within minutes or held ransom to large financial demands, one would expect a financial firm to adopt the highest degree of logical security to match the physical building’s security. I myself have witnessed horrific networks, bolted together by inexperienced IT engineers or even admin staff, attaching just about everything possible to a so-called secure infrastructure.
I started writing this article a few weeks prior to the WannaCry ransomware propagation across the internet of everything. Poorly patched and out-of-date operating systems were the cause of a global outbreak which many in the logical security sector would deem ridiculous.
On a number of occasions I have read about previous ransom operations, whether directly attacking a corporation, or worm-type attacks as seen with WannaCry. Aside from the ones reported in the press, there is also a worrying trend in the number of hidden attacks not disclosed to the public by corporations. This was reported by a number of security officials, including myself, as far back as 2008 and then through the Securities and Exchange Commission of the US requesting disclosure in October 2011.
Some now argue that companies keeping these attacks secret may lead to quicker fixes, but I would consider them to actually be protecting their entities from reputational harm. In some guises, there is obviously a need for the consideration of secrecy, but I would argue that in the world of finance, where regulation is increasing, the disclosure of such attacks is paramount to the client’s financial integrity.
Previously, most disclosures have been based on identity theft, account details and even the recent loss of 191 million US voter registration records. However, with a new world of financial gains being made through ransom, we now enter a potentially catastrophic situation whereby a hedge fund or financial institution is held to ransom by organized crime. If the company is made to report the attack immediately, they could complicate or elongate the process of strengthening their cyber defense systems. Leaving the attack undisclosed, however, could lead to a further attack on other firms.
There is currently an unhealthy wave of patchy laws and regulation globally. This has led to mainly voluntary sharing of threat information. The governments of the world need to act extremely fast or the financial sector risks being a ‘cherry to pick’. The finance industry is fast becoming a rich flavor for the organized and even less organized crime syndicates around the globe and our collective efforts are required to deter anyone who thinks they can benefit from this.