Guest Blog: Val Gabriel of HP Ireland
With Irish SMEs paying out twice the average EU rate in cyberattack ransom money, Val Gabriel of HP Ireland has some advice on resisting attacks
Over the past decade, digital transformation has supercharged both sides of the attack-defence divide, exposing corporate networks and empowering threat actors to do their worst when it comes to cybercrime. Locally, research commissioned by the European Commission shows that 32% of SMEs in the Republic reported some type of illegal online activity affecting their business since 2021.
These instances are being driven by a highly professionalised cyber-threat supply chain that is enabling threat actors with little know-how and limited resources to imperil personal, economic, and national security.
The bad news is that cybercrime innovation hasn’t stopped. According to ‘The Evolution of Cybercrime: Why the Dark Web is Supercharging the Threat Landscape and How to Fight Back – a HP Wolf Security Report’, in the future we could see emerging technologies like AI and quantum computing be abused to line the pockets of criminal groups and even further nation state goals.
Research from the European Commission also revealed that 12% of Irish SMEs who were victims of cybercrime said they had paid ransom money — double the EU average. It also found Irish SMEs recorded above-average levels of incidents with ransomware, with 8% reporting such cases. This too is double the EU average.
The key to resistance will be mastering security basics, planning for the worst, and encouraging collaboration across industries.
The reality
Criminals have always been among the first to take advantage of new technology, and the internet was no exception. Today’s cybercrime economy is characterised by complex supply chains comprised of individuals with highly specialised skills. Network access, control and persistence is prized above all else, whether via credentials or exploiting vulnerabilities. The supply for both has exploded, lowering prices and barriers to entry.
As part of the report, HP Wolf Security commissioned a three-month analysis of underground markets and forums, revealing that compromised remote desktop protocol (RDP) credentials are selling on average for just under €5 each, and that over three-quarters of malware adverts listed are under €10, and nearly all (91%) adverts relating to exploits are under €10.
Value-added services rolled out by malware sellers make launching attacks even easier for those with few technical skills. They tout one-to-one mentoring, exemplary customer support and discounted malware hosting through bulletproof hosting providers. HP Wolf Security’s cybercrime report concludes that just 2-3% of sellers are actually coders, reducing cybercrime to a series of reproducible, procedural steps that threat actors can follow again and again to make money.
In this new world, trust and reputation are everything. Vendor feedback scores are ubiquitous, of course, and most sites offer dispute resolutions and escrow payments. But we also observed that 77% of criminal marketplaces now require a “vendor bond” or licence to sell, which can cost threat actors thousands.
Scanning the horizon
Looking to the future, where might the next explosive threat come from? The short answer is that we’re likely to see a continuation of the collaboration, specialisation and professionalisation witnessed to date.
Hackers will continue to exploit the expansion of corporate attack surfaces, perhaps upping the ante with extortion attacks timed to create the most disruption.
As always, they will be first to use emerging technologies. Quantum computing could be deployed to supercharge decryption efforts. A decentralised, blockchain-based internet could also open up new opportunities to create reputation systems that support the cybercrime economy, which may be harder for the authorities to take down.
AI could also be used to automate the selection of targets from a victim’s address book and build highly convincing spear-phishing attacks based on previous communications, helping to improve ROI.
Resilience, best practices and collaboration
We all need to do more to fight the growing instances of cybercrime in Ireland. For individuals, this means become more cyber aware. For organisations, there is a need to focus on mastering the basics, planning for resilience, and collaborating to reduce risk.
By “mastering the basics” we mean following best practices like multi-factor authentication, IT asset discovery and management, vulnerability management and controls to restrict what can be installed on machines. But it also includes prioritising self-healing hardware to boost resilience in the event of a breach. In addition, organisations must shut off common attack routes, such as those delivered via email and the web, which could be neutralised through techniques such as threat containment and isolation.
Next comes resilience — achievable by putting in place the people, processes, and technology to detect, prevent and recover from any attack before it gets serious. This means planning for the worst-case scenario, putting the processes in place to limit supply chain and insider risk, and practicing incident response repeatedly.
Finally, remember security is a team sport. Collaborate with peers, invest in third-party security assessments and penetration testing, and gather and share threat intelligence with industry peers — to see what’s happening now and what might be around the corner.
Today’s cybercrime underground is not dissimilar to the workings of a factory. It features a high degree of specialisation, with criminal labour sub-divided into niche roles, while other tasks have been distilled into repeatable, almost automated workflows. It is also undeniably industrial in scale and impact.
Understanding these dynamics is the first step on the road to building greater resilience against a formidable adversary. The bad guys may be first to take advantage of new technologies. But with better insight, defenders can build effective strategies to mitigate the impact of cybercrime head on.
- Val Gabriel was appointed managing director of HP Ireland in May of this year