Covid-19 has driven a significant increase in the number of people spending more time online. An unfortunate consequence is that criminals are looking to exploit the situation for monetary gain and instances of cyber fraud are on the rise. When the total cost of a simple business email compromise could be upward of £1 million—plus the stress it causes to the victim—security leaders should prioritise prevention, but plan for attack.

Last week I was joined by peers from the financial services, cybersecurity and law enforcements for a techUK webinar, discussing the rise of cyber fraud and how law enforcement agencies and the financial services (FS) sector are tackling this. We covered the rising trends, including threats arising from emerging technology, and suggestions for tackling cyber fraud. Here are the highlights:

  1. Covid-19 accelerates the need for adaptive security

The reality is that there’s no quick fix to the cybersecurity issues presented by the global pandemic. With more people online for longer periods of time, it has opened the door to opportunistic threats. Social engineering is an amazingly powerful mechanism to exploit human weakness, and we’ve seen lots of new phishing campaigns spring up using the vaccine, Covid testing and PPE to lure people into clicking. Security leaders should consider embracing adaptive security–putting the right controls and monitoring in place to help create a safe and secure working environment for their enterprise.

<<< Start >>>

 

<<< End >>>

  1. Attacks targeting business continuity are becoming more sophisticated

Cyber-attackers have aggressively targeted established platforms, and these compromises are a breeding ground for malicious activities. As attackers become more innovative and sophisticated, they’re able to design campaigns that evade detection. That’s why it’s so important for security leaders to identify and track priority adversaries and then threat-hunt against the specific behaviours those attackers employ.

  1. Masked or “noisy” cyberattacks complicate detection

Data-intense systems and services that communicate externally can make it easier for adversaries to hide their traffic in the background noise. Attackers are routinely using off-the-shelf tools combined with “living-off-the-land techniques” –a phrase describing the creative abuse of readily available tools–to divert attention through a “noisy” attack. This means that they create a lot of signals so that the organisation’s cyber team are diverted, leaving the attacker to achieve what they set out to do. The instances of spear phishing – a targeted attempt to steal sensitive information from a specific victim for malicious reasons by acquiring personal details on the victim–are on the rise too. We’ve also seen organised cybercriminal groups continue to try to compromise their victims’ supply chains. Continuous and bespoke threat intelligence is a priority–from strategic to tactical and technical–as is an intelligence-led security approach that focuses on the most important mitigations for identified adversaries.

  1. Ransomware is a profitable business for threat attackers

Since the first lockdown in 2020, phishing attack creators have become hyperactive, offering their services on an aggressive scale. As well as finding new ways to infect business systems with ransomware, attackers are finding new ways to influence victims to pay. There is a “name and shame” approach, which adds pressure on victims to pay up. Even though law enforcement and the cybersecurity industry have always advised against paying ransoms, our latest research found that in the second quarter of 2020, the average ransom payment rose by up to 60 per cent from the previous quarter. Sadly, this situation could become far worse. As threat actor profits increase, they can innovate and invest in more advanced ransomware, and take advantage of the greater vulnerabilities of remote working.

  1. Being connected has consequences

With so many people working from home, many businesses may be using unpatched and untested devices, which pose a much more realistic and accessible target for attackers to exploit. Security leaders are fighting back, but Operational Technology (OT) threats still prompt the need for more effective security controls, and this will only become more important in the “anywhere, everywhere” workforce planning scenario that most organisations will be moving to post Covid. Going forward, security leaders should share knowledge about solving for common classes of vulnerabilities and develop standardised, simple systems that are easy to integrate.

The good news is that the private sector and law enforcement bodies are collaborating to develop best-practice for preventing cyber fraud and for protecting businesses and individuals. Ongoing collaboration is needed though–this isn’t the time to be complacent.

    Accenture Security

    Accenture Security is a leading provider of end-to-end cybersecurity services, including advanced cyber defense, applied cybersecurity solutions and managed security operations. We bring security innovation, coupled with global scale and a worldwide delivery capability through our network of Advanced Technology and Intelligent Operations centers. Helped by our team of highly skilled professionals, we enable clients to innovate safely, build cyber resilience and grow with confidence.  Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security

    Accenture, the Accenture logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of Accenture and its subsidiaries in the United States and in foreign countries. All trademarks are properties of their respective owners. All materials are intended for the original recipient only. The reproduction and distribution of this material is forbidden without express written permission from Accenture. The opinions, statements, and assessments in this report are solely those of the individual author(s) and do not constitute legal advice, nor do they necessarily reflect the views of Accenture, its subsidiaries, or affiliates. Given the inherent nature of threat intelligence, the content contained in this report is based on information gathered and understood at the time of its creation. It is subject to change. Accenture provides the information on an “as-is” basis without representation or warranty and accepts no liability for any action or failure to act taken in response to the information contained or referenced in this report.

    Copyright © 2021 Accenture. All rights reserved.

    Sanjeev Shukla

    Cloud First Security Lead – Accenture Europe

    Subscribe to Accenture's Cyber Defense Blog Subscribe to Accenture's Cyber Defense Blog
    Subscribe