Tag Archives: Cyber Espionage

BlackBerry Cylance outlines cyber security predictions for 2020

Josh Lemos, vice-president of research and intelligence at BlackBerry Cylance, has put forward some predictions on cyber security trends for 2020 that will impact Governments and companies across a variety of industry sectors.

(1) Uncommon attack techniques will emerge in common software

Steganography, the process of hiding files in a different format, will grow in popularity as online blogs make it possible for threat actors to grasp the technique. Recent research at BlackBerry found malicious payloads residing in WAV audio files, which have been used for decades and categorised as benign.

Businesses will begin to recalibrate how legacy software is defined and treated and effectively invest in operational security around them. Companies will look for ways in which to secure less commonly weaponised file formats, like JPEG, PNG and GIF, etc without hindering users as they navigate the modern computing platforms.

BlackBerryCylance2020Predictions

(2) Changing network topologies challenge traditional assumptions and require new security models

Network-based threats that can compromise the availability and integrity of 5G networks will push Governments and enterprises alike to adopt cyber security strategies as they implement the 5G spectrum. As cities, towns and Government agencies continue to overhaul their networks, sophisticated attackers will begin to tap into software vulnerabilities as the expansion of bandwidth that 5G requires inevitably creates a larger attack surface.

Governments and enterprises will need to retool their network, device and application security. We will see many lean towards a zero-trust approach for identity and authorisation on a 5G network.

Threat detection and threat intelligence will need to be driven by Artificial Intelligence and machine learning to keep up.

(3) 2020 will see more cyber-physical convergence

As all sectors increasingly rely on smart technology to operate and function, the gap between the cyber and the physical will officially converge. This is evident given the recent software bug in an Ohio power plant that affected hospitals, police departments, subway systems and more in both the US and Canada.

Attacks on Internet of Things (IoT) devices will have a domino effect and leaders will be challenged to think of unified cyber-physical security in a hybrid threat landscape.

Cyber security will begin to be built into advanced technologies by design to keep pace with the speed of IoT convergence and the vulnerabilities that come with it. 

(4) State and state-sponsored cyber groups alike are the new proxy for international relations

Cyber espionage has been going on since the introduction of the Internet, with Russia, China, Iran and North Korea seen as major players. In 2020, we will see a new set of countries using the same tactics, techniques and procedures as these superpowers operate against rivals both inside and outside of national borders.

Mobile cyber espionage will also become a more common threat vector as mobile users are a significant attack vector for organisations that allow employees to use personal devices on company networks.

We will see threat actors perform cross-platform campaigns that leverage both mobile and traditional desktop malware. Recent research discovered nation state-based mobile cyber espionage activity across ‘The Big 4’, as well as in Vietnam. There’s likely to be more attacks coming in the future. This will create more complexity for Governments and enterprises as they try to attribute these attacks, with more actors and more endpoints in play at a larger scale.

Leave a comment

Filed under Risk Xtra

Cyber Europe 2014: ‘Biggest ever cyber security exercise in Europe’ states ENISA

Today, more than 200 organisations and 400 cyber security professionals from 29 European countries are testing their readiness to counter cyber attacks in a day-long simulation exercise organised by the European Union Agency for Network and Information Security (ENISA).

During the course of Cyber Europe 2014, experts from the public and private sectors including cyber security agencies, national Computer Emergency Response Teams, ministries, telecoms companies, energy firms, financial institutions and Internet Service Providers will be testing their procedures and capabilities against a life-like, large-scale cyber security scenario.

#CyberEurope2014 is the largest and most complex exercise of this nature organised in Europe. More than 2,000 separate cyber incidents will be dealt with, including Denial of Service attacks to online services, intelligence and media reports on cyber attack operations, website defacements (attacks that change a website’s appearance), ex-filtration of sensitive information, attacks on critical infrastructure (such as energy or telecoms networks) and the testing of EU co-operation and escalation procedures.

This is a distributed exercise involving several exercise centres across Europe and co-ordinated by a central exercise Control Centre.

More than 200 organisations and 400 cyber security professionals across Europe join forces today during the first phase of ENISA’s bi-annual cyber security exercise designated Cyber Europe 2014

More than 200 organisations and 400 cyber security professionals across Europe join forces today during the first phase of ENISA’s bi-annual cyber security exercise designated Cyber Europe 2014

Speaking about today’s event, European Commission vice-president Neelie Kroes commented: “The sophistication and volume of cyber attacks are increasing every day. These attacks cannot be countered if individual states work alone or just a handful of them act together. I’m pleased that EU and EFTA Member States are working alongside the EU institutions with ENISA bringing them all together. It’s only this kind of common effort that will help keep today’s economies and societies fully protected.”

Professor Udo Helmbrecht (ENISA’s executive director) added: “Five years ago there were no procedures in place to drive co-operation between EU Member States during a cyber crisis. Today, we have the procedures in place on a collective basis to mitigate a cyber crisis on a European level. The outcome of today’s exercise will tell us where we stand and identify the next steps to take in order that we make continual improvements.”

Sharing of operational information

Among other things, the Cyber Europe 2014 exercise will test procedures for the sharing of operational information on cyber crises in Europe, enhance national capabilities for tackling cyber crises and explore the effects of multiple and parallel information exchanges between private-public and private-private at both the national and international levels.

The exercise is also designed to test the EU Standard Operational Procedures (EU SOPs), a set of guidelines specifically designed for the sharing of operational information on cyber crises.

Professor Udo Helmbrecht: executive director of ENISA

Professor Udo Helmbrecht: executive director of ENISA

Increased sophistication of cyber attacks

According to ENISA’s Threat Landscape Report, which was published last year, threat agents have increased the sophistication of their attacks. It has become clear that maturity in cyber activities is not a matter for just a handful of countries. Rather, criminals in multiple countries have developed capabilities that can be used to infiltrate all kinds of targets – Governmental and private – in order to achieve their objectives.

In 2013, global web-based attacks increased by almost 25% while the total number of reported data breaches was 61% higher than in 2012. Each of the eight most prevalent forms of data breach resulted in the loss of tens of millions of data records, in turn exposing no less than 552 million identities.

According to industry estimates, cyber crime and espionage accounted for between $300 billion and $1 trillion in annual global losses during 2013.

This latest exercise simulates large-scale crises related to critical information infrastructures. Experts from ENISA will issue a report with key findings after the exercise ends.

#CyberEurope2014 is a bi-annual, large-scale cyber security exercise. It’s organised every two years by ENISA, and this year counts 29 European countries (26 from the EU and three from the EFTA) plus EU Institutions among its cohort. The exercise takes place in three phases throughout the year, as follows:

*Technical: Involves incident detection, investigation, mitigation and information exchanges (completed in April)
*Operational/tactical: Dealing with alerts, crisis assessment, co-operation, co-ordination, tactical analysis, advice and information exchanges at the operational level (taking place today and during early 2015)
*Strategic: Examines decision-making, political impacts and public affairs

ENISA's headquarters in Greece

ENISA’s headquarters in Greece

In the cyber security strategy for the EU and the proposed Directive for a high common level of network and information security, the European Commission calls for the development of national contingency plans and regular exercises, testing large-scale networks’ security incident response and disaster recovery capabilities.

ENISA’s new mandate also highlights the importance of cyber security preparedness exercises in enhancing trust and confidence when it comes to online services across Europe. The draft EU SOPs have been tested over the last three years, including during the course of Cyber Europe 2012.

Leave a comment

Filed under Risk UK News