Out-Law / Your Daily Need-To-Know

Expect internet infrastructure to be the target of 'most impactful' cyber attacks of 2017, say UK agencies

Out-Law News | 14 Mar 2017 | 2:45 pm | 3 min. read

The "most impactful" cyber attacks of 2017 are likely to be those that target "the building blocks on which the internet runs", two UK agencies have predicted.

The National Cyber Security Centre (NCSC) and National Crime Agency (NCA) highlighted the threat in a new report which they said contains the most detailed assessment to-date of the cyber threats facing UK businesses (24-page / 3.75MB PDF).

Attacks on internet infrastructure, such as domain name servers, have the potential to affect multiple organisations, the report said.

"Domain name servers providers translate human readable domain names into internet addresses, acting as the phonebook of the internet; this helps users find the websites they are looking for," the report said. "There are many critical internet services, other than DNS, including website hosting, email, database servers, authentication and authorisation. Whilst they are not all vulnerable to the same attack methodology as DNS, a successful attack on one could have an equally far reaching impact."

"Rather than attacking a single website an attacker could target an upstream provider critical to the functioning of an organisation, such as DNS. An attack on upstream services would affect many organisations, serving to obfuscate the actual target or other simultaneous attacks," it said.

The joint NCSC and NCA report also flagged the growing cyber risk that stems from the connectivity of devices. They said that "huge numbers of insecure devices can easily be found online" and that consumers can expect to see a rise in number of ransomware attacks on their connected devices in 2017, as attacker seek "personal data such as photos, emails, and even fitness progress information".

"This data may not be inherently valuable, and might not be sold on criminal forums but the device and data will be sufficiently valuable to the victim that they will be willing to pay for it," the report said. "Ransomware on connected watches, fitness trackers and TVs will present a challenge to manufacturers, and it is not yet known whether customer support will extend to assisting with unlocking devices and providing advice on whether to pay a ransom."

Businesses were advised to take steps to address the risk of ransomware attacks. According to the report, "cyber crime is becoming more aggressive and confrontational, with an increase in the use of extortion", and ransomware is the "most common cyber extortion method" used by attackers.

"The threat of ransomware attack means that business should consider further mitigation and preventative solutions to combat it," the report said. "These include maintaining appropriate backups and defensive systems that automatically sandbox email attachments."

The report also highlighted the cyber attacks carried out on the SWIFT financial network and said that the use of financial trojans "have become more targeted and less visible", posing a risk to banks.

"The back-end systems and associated services of larger institutions will continue to be a target," the report said. "If successful, an attack could have a major and substantive impact upon a UK bank. The specialist skills required to accomplish such a targeted attack may eventually be offered as-a-service and consequently become available for sale in the wider cyber criminal community, as the traditional banking trojan methodology remains resilient and extant."

Donald Toon, director for economic and cyber crime at the NCA,said: "These threats demonstrate the need for a collaborative response across industry, law enforcement and government, with the ultimate aim of protecting customers and the UK economy. Businesses reporting cyber crime is essential if we are to fully understand the threat, and take the most effective action against it.  And while 100% protection doesn't exist, making cyber security an organisational priority and ensuring up to date processes and technology can protect against the vast majority of attacks."

Ciaran Martin, chief executive of the NCSC, said: "Cyber attacks will continue to evolve, which is why the country must work together at pace to deliver hard outcomes and ground-breaking innovation to reduce the cyber threat to critical services and deter would-be attackers."

"No single organisation can defend against the threat on its own and it is vital that we work together to understand the challenges we face. We can only properly protect UK cyberspace by working with others with the rest of government, with law enforcement, the Armed Forces, our international allies and, crucially, with business and wider society," Martin said.

Experts at Pinsent Masons, the law firm behind Out-Law.com, recently looked at the 10 things you always wanted to know about cybersecurity but were afraid to ask, and shared their findings in a themed series.

They looked at which people are typically behind cybersecurity breaches and the methods they usewhat the common vulnerabilities are and what good IT security looks like, and how the legal landscape and regulatory fines are changing. They also assessed the rising threat of ransomware and looked at how businesses may be able to seek protection afforded by legal professional privilege, and what they need to consider when working with criminal authorities, as well as the advantages of engaging credit monitoring after a breach and the potential benefits of taking out cyber insurance.