With the elections in many European countries this year, European businesses are increasingly afraid that cyber espionage will rise. Dread of criminal intrusion and malicious interference has become a popular source of angst in the wake of last year’s US presidential election, when Russian groups were accused of attempting to manipulate the result.
According to research conducted by Trend Micro, 36% of businesses in Italy, 34% in France, 20% in Germany and 17% in the Netherlands ranked cyber espionage as the top threat to their security. The survey sought the opinions of 2,402 enterprise IT decision makers across Europe and the US.
This result is quite surprising given that the most common type of attack in the last year was ransomware – 78% of respondents reported being hit by ransomware in the last 12 months at least once – compared to cyber espionage, which was reported by only 15% of businesses.
Unpredictability of cyber attacks is the biggest challenge
36% of companies said that being unable to predict cyber attacks is the biggest challenge, followed by the lack of understanding of the latest threats and the inability to keep up with the changing cyber attack landscape.
The only predictable thing about cyber attacks is that you will be attacked
“The variety of attacks is extremely wide, and varies from sophisticated social engineering attacks on key staff, through attacks on applications, to DDoS on public-facing infrastructure. All these attacks can be damaging to your organisation and all need different remediation techniques,” says Geraint Williams, head of technical services at IT Governance.
“The least suitable people to find vulnerabilities in your attack surface are the people who built the infrastructure and applications. Unlike dedicated red teams and external organisations, they often make assumptions about the attacks they will face, meaning they cannot think outside the box and replicate the unpredictability of genuine attackers.”
Reduce the impact of unpredictability with routine checks
“Having your systems regularly tested by skilled attackers is a good way to understand the attacks you will face, because the tester stays up to date with the tools and techniques that the malicious attackers will use,” Geraint says.
Through penetration tests, ethical hackers will perform controlled cyber attacks against your system and networks, similar to what black hat hackers would do, but without maliciously exploiting your vulnerabilities. Based on their analysis, you can strengthen your defences to keep your security ahead of criminals.