Kyle Holmes, Managing Director of Calne-based Black Nova is warning companies across the South West to be more cyber aware than ever over the next 12 months.
Cyber attacks on companies and individuals have soared throughout the pandemic and they rose dramatically in 2021, with more ransomware attacks recorded between January and March last year than the whole of 2019.
These attacks have included attacks on hospital systems, oil pipelines, schools and businesses.
Kyle said, “Companies and directors need to be more cyber aware than ever before. Cyberspace and the digital world is developing at an astonishing rate. However criminals are moving as fast too and now is the time to look at your resilience to deal with that.”
Kyle and his team believe there are several major areas of risk to be aware of in 2022.
Homeworking – with more and increased home-working the risks are much higher, from linking private and professional devices, access to internal systems and company data from home and general home security which could be used to ‘spy’ or access sensitive or valuable data.
AI – while use of AI-led tech is increasingly clever at picking up ‘anomalies’ in behaviour online, it’s also being used to carry out cyber attacks.
Supply chains – being attacked through being linked to a supplier and its systems is seen as a red flag area. It’s believed by 2025 around 25 per cent of larger companies will not work with suppliers which cannot demonstrate their so-called cyber ‘resilience’.
The Internet of Things – it’s estimated that last year the number of connected devices was more than 18 billion. This connectivity can carry risks at home or in the office. Controlling many things digital from doors, to windows, to kettles to fridges means that hacking your fridge could lead a hacker straight to something far more important – personal or company data.
Kyle, said, “Companies need to do an audit of their equipment, their connectivity and their digital infrastructure to identify weaknesses, plug gaps and, from a human point of view, train and educate their team or teams – particularly if they are working from home. The latter is the best way to avoid being a victim of a phishing or ransomware attack which could seriously cripple, or even destroy a company.”
One of the biggest, and most sophisticated cyber attacks over the last two years was the SolarWinds hack which began in or around March 2020 in the USA, no one knows for sure as the impact of that attack has still not been fully assessed.
SolarWinds is a Texas based company providing information technology working with an estimated 33,000 customers some of whom are very large companies and government departments. This company was subject to a ‘supply chain hack’ which wasn’t discovered for months.
Malicious code was introduced into SolarWinds’ software system known as Orion. When it sent out updates to its customers, as is perfectly normal for software, it inadvertently sent out the ‘bad’ code which, in some cases, then infected the clients’ systems.
This code created a ‘back door’ allowing the hackers to ‘spy’ on other larger companies and government departments. Even today it’s not known how deep this attack went and which customers were affected.
Pictured above: Kyle Holmes, Managing Director, Black Nova