Lockdown just a catalyst for latest cybersecurity attacks

Blaming lockdown and the pandemic for the latest flurry of attacks is too simplistic and hides the fundamental cybersecurity problem New Zealand is facing, says an expert in the Dark Web.

Joerg Buss, a director at Darkscope, says organisations are using local fire fighting to try and douse the rising global heat of cyber threats and it won’t work:

“People see reports about a cyber breach and immediately think they should buy security and tick a box, and then it happens again. Pouring a bucket of water on a campfire that’s out of control is not going to stop the inferno.”

Buss says the issue is perspective and understanding by organisations who think defence is the only form of protection.

“More time needs to be spent on researching threats, where they come from and what could ignite an attack. Once they have this, then they should invest in the right protection.

“Our current lockdown may have put a target on the back of New Zealand, but the internet is awash with constant potential attacks that will hit, pandemic or no pandemic,” he says.

Darkscope currently analyses over 200 million data points each week and has seen a significant increase in activity in recent months. A big change has been attackers changing tactics to target victims and hackers, or Threat Actors, collaborating to develop new strategies.

He emphasises that cyberattacks are now just part of business, they are not going away and there is a desperate need to be better at understanding what we are up against.

“Currently, we still don’t know what we don’t know and our reaction is usually to a transient symptom rather than looking at the fundamental problem.

“What is needed is a deeper appreciation of who the cyber attackers are and how they think," he says.

“They’re not hooded tech geeks working in a dim basement - they work for organisations that look like any other business, they have strategy workshops, business plans, bright offices and even expense accounts. There’s even collaboration between hacking organisations.

“Their work is carried out on the Dark Web and until New Zealand organisations understand what’s happening in this clandestine environment they will not be protected against future attacks that will keep on coming, long after Covid is history.”

Some numbers

The number of successful attacks published by Threat Actors themselves has increased by 400% in recent months. Darkscope’s Watchtower service discovers large data breaches daily involving terabytes of personal and financial data being available for free, in retaliation for ransomware not being paid. .

In addition to these, the system has seen over 180k offers for stolen data ranging from $5 up to $500k. These data are from organisations ranging from small New Zealand based businesses to multinational corporations with offices around the world. No business is too small or too large for these Threat Actors.

© Scoop Media