Speaking on the theme ‘The threats that should be keeping you awake at night’ at the FourSys SecureTour in London, independent computer security researcher Graham Cluley described the three main areas of concern for businesses in 2017.
Claiming that it is not about giving the audience nightmares, and not about nation-state hackers who "target private firms", Cluley said that the three main problems were: ransomware, insider threat and business email compromise.
Focusing on last weekend’s WannaCry ransomware outbreak, Cluley said that this was ransomware "on a scale never seen before", and "it hit so hard it took some hours before people came up with a logo!"
He added: “WannaCry did traditional things with Bitcoin, so what made it so different? It was not traditional ransomware; it was distributed by a worm-like feature and exploited a component in Microsoft Windows vulnerability and exploited the SMB protocol to spread very rapidly indeed.”
He went on to claim that ransomware has "truly been a threat over last few years" highlighting other instances of the NHS being hit, as well the San Francisco rapid transport being shut down, and it is also hitting mobile devices.
In the other cases, Cluley said that in the case of business email compromise, where an attacker poses as a CFO and typically targets a junior member of staff but instead of sending malware, they just send an email to try to trick a person into sending money.
“People do this and as soon as they click on the send button, it is too late”, he said. Highlighting cases affecting major companies, Cluley said that this is effectively good social engineering.
Looking at insider threat, Cluley highlighted cases of what appears to be trusted employees, where just by wearing a Red Dwarf or Iron Maiden T-shirt they are able to gain access to an IT department and network.
“We’re working together to make the internet a safer place, so don’t have nightmares."