International trends in cybercrime show an increasing sophistication by both organized crime and hostile nation states. These cybercriminals are continuing their efforts against high-value targets that include the industrial, IT, and infrastructure sectors. This activity is occurring at a time when many organizations are struggling to develop integrated cybersecurity solutions.
Cybercrime Exploitation of Uncertainty
Cybercrime trends show continued use of familiar methodologies, such as Distributed Denial of Service (DDoS), phishing attacks, and ransomware attacks. They have however, been quick to adapt strategies to tailor their cyber attacks to exploit opportunities presented by issues of the day. The Microsoft Digital Defense Report released in September 2020 showed a large number of COVOID-19 themed attacks that started in February 2020 that trailed off in April 2020.
Similar findings were found in EUROPOL’s Internet Organised Crime Threat Assessment. This bringss additional challenges to law enforcement agencies involved in cybercrime investigations as they must continually respond to a changing cyber threats profile.
Industry Slow to Achieve Cybersecurity Maturity
Many industrial sectors have been reluctant to adopt systematic approaches to cyber hygiene. Effective cybersecurity for organizations must include an Information Security Management System (ISMS). An ISMS is a collection of policies, procedures, controls, and incident responses that systematically address information security in an organization. It is a framework based on risk assessment and risk management.
This has been the case with numerous businesses in the United States contracting with the Department of Defense (DoD). In 2020, the interim ruling, DFARS 252.204-7012, placed cybersecurity requirements on Department of Defense (DoD) supply chain contractors vendors to complete security compliance with NIST SP 800-171 DoD assessment methodology.
This has left many smaller businesses scrambling to meet SPRS Cybersecurity Assessment Requirements. Once this challenge has been met they must move towards future Cybersecurity Maturity Model Certification (CMMC) to protect Controlled Unclassified Information (CUI) in the defense industry supply chain.
Industry, Infrastructure, Internet of Things Devices, and Industrial Control Systems
Many manufacturers and public infrastructure providers have implemented Internet of Things (IoT) devices to increase efficiency and productivity. Billions of these devices are currently in use worldwide. These devices are used in smart home products, wearable technology, health monitoring devices, alarm systems, and transportation equipment. They can also be found in industrial controls technology, agriculture, military, and infrastructure applications.
Most manufacturers implement such devices to control processes and gather critical data. Unless these devices are correctly selected and properly implemented they present vulnerabilities for data breach of personal data, proprietary data, and industrial process control. For example, in February of 2021 a hacker was able to access controls of a city water treatment facility, increasing levels of lye to dangerous levels.
Managed Service Providers Cybercrime Vulnerabilities
Managed Service Providers (MSP) allow businesses to outsource functions such as human resources, IT, and payroll. These companies provide tempting targets for cyber crime. In 2020 there were numerous high profile incidents involving MSPs.
Once the MSP has been compromised the attack can be spread throughout its clients’ information with the same administrative rights as the service provider. The attack can then result in stolen data and/or a ransomware attack to the client.
Understanding the Players
Cybercriminals control a vast underground economy worth trillions of dollars a year. Hacking enterprises offer their services for hire and sell their stolen private and proprietary data online. These players specialize in specific methods to meet their clients needs. Beyond the hackers, dealers of stolen data create wealth to fund other activities including human trafficking.
Hostile nation states are key players in cyberattacks. While countries like China are openly engaged in stealing proprietary information to further its economic gains, others like North Korea have funded their missile development programs through cybercrime. A United Nations panel reported that North Korea is conducting operations against financial institutions and virtual currency exchanges.
According to the Microsoft threat report, nation state targets include IT organizations, commercial facilities, critical manufacturing, financial services, and the defense industrial base. The goals of these attacks is to acquire proprietary and confidential information and disrupt infrastructure facilities.
Responding to the Threats with ISMS
Responding effectively to international trends in cybercrime requires an integration of technological and management measures in an Information Security Management System framework. This framework should acknowledge that a majority of industry peers have experienced a data breach and create viable incident responses that can detect, respond, and recover.
An ISMS should maintain accurate asset inventory, identify data flows and remote accesses so that an organization can conduct risk assessments and institute effective controls, policies, and procedures. Risk management should also identify the gap between an organization’s current current state of control practices and its desired state and create gap remediation.
These controls must then be integrated with appropriate security management technology. Such technologies include physical security, multiple layer firewalls, and breach detection. These tools provide methods to secure, defend, contain, and monitor data.
CVG Strategy Information Security Management System Consultants
International trends in cybercrime present challenges to organizations of all sizes. We can help you meet your information security management system goals. CVG Strategy QMS experts are Exemplar Global Certified Lead Auditors. We can provide the training required to understand and engage in a ISMS and make it meet desired objectives.