Cyberattacks on organisations and critical infrastructure are likely to increase in number and scale, with five key areas driving the growth, according to Accenture's mid-year Cyber Threatscape Report 2018. The report predicts an escalation of more-destructive cyberattacks, which will include attacks on global supply chains, as well as physical damage perpetrated by highly funded rogue nation states and cybercriminals looking to disrupt business operations. It pinpoints Iran as “a growing force to be reckoned with” and a significant base for cyber criminals.
The five key threat areas identified in the report are:
1. Cyber-espionage and ransomware threats from Iran
The report states that “new evidence shows Iran-based threat actors and state-sponsored groups are expanding their malicious activities and capabilities.” It mentions the cyber-espionage group Pipefish, which primarily uses malware to target Middle East companies in the energy sector in countries such as Saudi Arabia, Qatar and United Arab Emirates.
2. Extended supply chain threats
The report states that cybercriminal, espionage and hacktivist groups will continue to target supply chains, and the strategic business partners that contribute to them, for monetary, strategic and political gain. In particularly it highlights a China-based group of hackers known as Pigfish, which targets companies in a range of industries “to fulfil collection requirements for various espionage missions and simultaneously gain access to additional supply-chain attack capabilities and resources”. The report warns of a growing focus on targeting trusted third and fourth parties in supply chains as a means of obtaining a cybersecurity breach.
3. Critical infrastructure
Infrastructure in the oil and natural gas industry will continue to be an attractive target for cyber criminals for the remainder of 2018, says the Accenture report. It pinpoints potential threats from Russian state actors, which the report says “could sponsor disruptive or espionage-related cyber operations or support hacktivists in the name of protecting the environment to contain new competition to its largest energy market.” It also acknowledges a threat from North Korea, which it says could see rising oil prices as an incentive launch ransomware attacks to circumvent sanctions and raise funds.
4. Advanced persistent threats are becoming more financially motivated
Advanced persistent threat (APT) attacks are prolonged, multi-stage cyberattacks carried out with tools and techniques for cyber-espionage and for gaining access to financial data. They are increasingly being carried out for financial gain and are a persistent threat in 2018.
5. Miner malware is creating a cryptocurrency surge
Miner malware, whereby malware is used to install illegal software for 'mining' cryptocurrencies on a private or corporate computer system, is one of the largest growth areas in cybercrime in 2018, says Accenture, adding that growth in this area is likely to continue in 2019. The report states: “Ransomware continues to be the most prevalent attack vector for extortion operations, with attacks doubling from 2016 to 2017”.
NA + European firms lose $22.93 billion due to FX in Q1
FiREapps Q1 2018 Currency Impact Report shows EUR most affected; North American MNCs in far better shape
Are you ready to exploit instant payments in Europe?
SWIFT has passed all compliance checks required to offer customers seamless connectivity to TIPS via SWIFTNet Instant from go-live date
Managing a successful spin-off
Divestments are best done quickly but certain strategies should be in place to make sure the separation creates value