Cyber risk update for 2024
Published: Thursday, 8 February 2024
What are the 6 main cyber threats facing professional firms this year?
You need to know what to look out for
Colin Fox gives an overview of the latest cyber threats facing professional firms in 2024:
The cyber threat landscape continues to evolve as cyber-attacks become increasingly sophisticated. With technology always advancing, this enables hackers to be armed with new techniques of compromising computer systems, causing harm and disruption to both businesses and individuals.
The established modes of attack will continue to feature but they too are developing as hackers find new methods to use with their existing armoury.
Firms need to ensure that they are aware of the likely threats that may affect their business:
Ransomware
Since its early use by hackers, this has developed in both the methods utilised but also the ease in which it can be applied in launching a malware attack. New strains are appearing on a regular basis as they are endeavour to outwit cyber security defences. This remains the foremost mode of a cyber–attack and where cyber insurers see most claims.
Phishing
Humans are always the weakest link in cyber security. Phishing attacks remain a fruitful source of income for threat actors where large fund transfers take place e.g. conveyancing or merger and acquisition activity.
A click on a seeming less innocent e-mail link can lead to a ransomware attack and the loss of data. This ‘double’ form of extortion is very easily accomplished by new and existing phishing techniques.
Artificial Intelligence (AI)
The use of Generative AI by hackers is gathering pace due to its ease of use and its effectiveness. This is perhaps the greatest concern for businesses as it is possible to develop complex malware that security systems may not have the most up to date controls in place to combat such an AI instigated cyber–attack.
The Cloud
Whilst the Cloud has been considered a safe, cost-effective solution to store data, it is now being increasingly targeted by hackers. It is important that robust defences and adequate controls are put in place, but this is not always the case. With so many businesses now almost totally reliant on cloud technology this is a concern that the risk of cyber attacks will increase.
Managed Service Providers
Your supply chain is likely to be key to the businesses and particularly relevant to those within the SME sector. If this entity is compromised it can bring about a loss of data or severe business interruption loss. Within this spectrum are Managed Service Providers (MSP’s) who are employed for their IT specialism and cyber security expertise. Recent activity shows that MSPs are increasingly being targeted as they are perceived as a 'gate keeper' to a business.
The Geopolitical Factor
As the Ukraine and Russian conflict enters its third year, the spotlight has moved to the Israel – Hamas war. Israel is an advanced and sophisticated cyber security nation developing cutting edge technology and techniques. Hamas are also known to have carried out cyber–attacks in retaliation. There is potential for this to ramp up to a more meaningful level with the possible fall out impacting on other countries around the world.
The cyber landscape is constantly evolving. Your firm’s resilience to cyber threats will continue to be tested. Robust security controls, regular staff training, a strong back up plan and comprehensive cyber insurance will protect your firm’s data and assets.
Colin Fox
Cyber Insurance Consultant, Ntegrity
colin.fox@ntegrity.co.uk