Cyber threats and cyberattacks are no longer novel terms in the present era. Organisations, big and small, need to take on a proactive approach towards preventing various cyber threats and implementing policies that can guarantee security in an ever-evolving digital world.
The shift from centralised computing to cloud-based services — although considered secure — has exposed security gaps vital for an organisation to identify.
The implementation of cyber security solutions that in addition to providing traditional security, supplement cloud-native solutions is essential. It is imperative to understand these threats, some of which are listed below.
Cryptojacking is relatively a new form of cyberattack and quite hard to determine. Mining for cryptocurrencies like Bitcoin requires computing power, and cybercriminals have found ways to access cloud computing systems using their computing power for cryptocurrency mining.
More than 34 per cent of the organisations globally are affected by insider threats yearly — it may be due to an employee going rogue but mostly it’s a result of negligence or human error
It slows down the system and the issue might seem to be a slower internet connection or an update patch and it may take very long to determine that the system has been cryptojacked
2. Data breaches
Most of the cyberattacks take place in order to steal data by attempting to gain unauthorised access to the cloud network. Besides data, which is all so important, it puts a business at risk of having stolen intellectual property, facing hefty fines by the General Data Protection Regulation and most importantly, losing the trust of its customers.
3. Denial of Service (DoS) Attack
DoS or DDoS attacks are orchestrated to bring down a server or multiple servers at the same time. Attackers flood the targeted systems with bursts of traffic so that the systems’ buffering capability exhausts, causing it to slow down and eventually shut down. Hence the services provided by the systems are attacked and become inaccessible to users resulting in a loss of business.
Malware is an intrusive software that cybercriminals look to inject into a computer system through phishing or network breach to steal data.
Typically, organisations are focused on preventive tools to stop network breaches. They assume that by securing the perimeter, they’ll be safe from cyberthreats. However, some advanced malwares do find their way into the networks.
It’s crucial to continuously monitor and detect malware that has breached the perimeter defence. Implementation of multi-layered protection is required to prevent malware from breaching a network.
5. Insider threats
More than 34 per cent of the organisations globally are affected by insider threats yearly. It may be due to an employee going rogue but mostly it’s a result of negligence or human error.
Proper training and understanding of cybersecurity amongst staff at all levels is vital to guarantee prevention against insider threats. Ensuring that a proper off-boarding process is in place when an employee resigns is also crucial here. Their access to company data must be restricted by the removal of login credentials.
6. Hijacking accounts
Hackers use an employee’s account as a gateway to gain access to the whole network. They use password cracking techniques and phishing emails to gain access to accounts, so it also falls under the category of insider threats.
Hijacking can be prevented by proper user accounts management. It means that every user account throughout the organisation is given access to only essential information. Therefore, if an account is compromised, data leakage is minimal. Additionally, accounts’ monitoring and regular password changes should be implemented.
7. Insecure applications
Even a highly secure network is vulnerable due to external applications. Third-party applications and services are often prone to serious cloud-security risks. Before installing certain applications, they must be tested rigorously to ensure they pose minimum risk to the network’s cybersecurity.
Staffers should also be prohibited from downloading or installing applications on their own. The IT team must approve an application before it is installed on the system. Also, the installed applications should be patched with available updates regularly.
Recent cyberattacks in Pakistan
An exponential rise in cyberattacks has been recorded since the Covid-19 pandemic and it’s projected to grow in the coming years. By the end of September 2021, cyberattacks had already succeeded by 17pc as compared to 2020.
The Pakistan government and private sector face the same challenges hence serious actions are needed to be taken to reduce network breach risks. Some of the recent and critical cyberattacks are listed below:
National Bank of Pakistan
On October 19, 2021, NBP’s services went down due to a cyberattack. It’s claimed that due to prompt response, affected systems were isolated from the network and any data breach or financial loss was prevented.
Federal Board of Revenue
The FBR’s data centre was hit by a cyberattack in August 2021 causing disruption to all the FBR’s websites. Even after the websites were restored after three days, they have faced several disruptions to date. As per Finance Minister Shaukat Tareen, the FBR faces 71,000 cyberattacks every month.
The writer is a visiting faculty member at Indus University, Karachi
Published in Dawn, The Business and Finance Weekly, January 31st, 2022