How to keep your organisation safe through a summer of cybercrime

Bharat Mistry, Technical Director at Trend Micro, shares his advice on how organisations can best protect themselves as cybercrime continues to rise drastically this summer.

As the temperatures warm up and lockdowns ease, you might be forgiven for thinking that summer means an easier time at work. Unfortunately for cybersecurity professionals, that’s most definitely not the case. You might want to take it easy, but threat actors rarely take PTO. From crippling cyberattacks on UK schools to urgent new advice for patching critical vulnerabilities, there’s no shortage of stories to keep CISOs awake at night.

The good news is that mitigating cyber risk doesn’t need to be prohibitively expensive or complex. Now is a great time to revisit policies, tooling and strategy, to set your organisation up for success.

A summer of cyberthreats

By any measure, ransomware is the most visible and dangerous threat UK organisations have to deal with this summer. Trend Micro detected a 34% year-on-year increase in new variants in 2020, and the underground market remains as prolific as ever this year. Over recent months, high-profile attacks on US oil and food supply chains and managed service providers have escalated ransomware to the highest levels of government. In addition, both G7 and NATO leaders have called out nations such as Russia for harbouring criminal groups.

Yet while these big-name attacks tend to be most eye-catching, the majority are still aimed at SMBs. And the affiliate groups that carry most of them out are getting bolder. According to insurers, the average size of demands made to North American ransomware victims soared by 170% year-on-year in the first half of the year. We’ve seen attacks combining not only encryption of key files and data theft but also DDoS attacks and the contacting of customers and stakeholders—all with the end goal of forcing payment. The good news is that their tactics are increasingly predictable: initial entry via phishing, vulnerability exploitation or RDP, and lateral movement using legitimate tools.

Less easy to predict or deflect are nation-state attacks. Yet as state-backed operatives get bolder, more organisations are becoming exposed to potential compromise—either as a target themselves or a “stepping stone” en route to higher-value partners. When the US government starts offering rewards of up to US$10mn for information identifying these actors, you know that the advantage lies increasingly with the attackers.

Making things even more difficult are the increasingly blurred lines between state-sponsored and cybercrime activity. Nation states today might buy hacking tools off the dark web and even hire cyber-criminals to do their dirty work. In the meantime, the cybercrime economy continues to mature. Today it’s a finely tuned machine where each component has a precisely defined role. As we’ve reported, “access-as-a-service” vendors are increasingly common. These threat actors typically compromise targets and then sell network access to ransomware groups and others. The pressure to patch vulnerabilities and find misconfigured endpoints has never been greater.

Review and prioritise

Although we say that things are getting harder for cybersecurity leaders every year, 2021 has had more bumps in the road than most. But that doesn’t mean it’s game over. In fact, the summer offers a useful opportunity to take stock of what works and what doesn’t and to advance the corporate cybersecurity posture.


We know that attackers are increasingly hijacking RDP endpoints and other accounts by brute-forcing credentials or using previously breached passwords. That makes multi-factor authentication increasingly table stakes for today’s CISOs. We also know that they’re still exploiting vulnerabilities to compromise systems, including those dating back several years. So patch promptly and consider virtual patching capabilities to protect end-of-life and other systems where fixes can’t be easily applied. Finally, review the legitimate tools (PsExec, Cobalt Strike etc.) that are regularly used by threat actors once inside your networks to perform lateral movement without raising the alarm. By understanding how they’re used by your employees, you’ll be better placed to spot anomalies that could indicate malicious activity.

More broadly speaking, use this summer to identify your most business-critical systems and build defences around them first. Work with your security partners to audit their solutions and ensure you have the latest builds and features in place. And review your policies, especially incident response and recovery in the event of a ransomware attack.

The bottom line is that no organisation is 100% safe from a security breach today. It’s all about spotting breaches early on and taking action before the bad guys do.
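One way to put the advice about understanding normal use of legitimate tools into practice, as an added example that is not code from the article or from Trend Micro: learn which accounts normally launch PsExec against which hosts, then flag use outside that baseline. The records, account and host names, and the fan-out threshold are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not real telemetry): each is one remote PsExec
# service install, i.e. a Windows System-log event 7045 with service name
# PSEXESVC, reduced to (time, source account, destination host).
BASELINE = [
    ("2021-07-01T09:12:00", "svc-deploy", "app01"),
    ("2021-07-02T09:15:00", "svc-deploy", "app02"),
    ("2021-07-05T14:40:00", "helpdesk1", "ws-114"),
]
OBSERVED = [
    ("2021-07-12T09:10:00", "svc-deploy", "app01"),   # matches baseline
    ("2021-07-12T23:02:00", "jsmith", "fs01"),        # account never used PsExec
    ("2021-07-12T23:04:00", "svc-deploy", "dc01"),    # known account, new host
    ("2021-07-12T23:05:00", "svc-deploy", "fs02"),
    ("2021-07-12T23:06:00", "svc-deploy", "sql01"),
]

def build_baseline(events):
    """Map each account to the set of hosts it normally targets."""
    seen = defaultdict(set)
    for _, account, host in events:
        seen[account].add(host)
    return seen

def find_anomalies(events, baseline, fanout=3, window=timedelta(minutes=10)):
    """Return (time, account, host, reason) for events outside the baseline."""
    alerts, recent = [], defaultdict(list)
    for ts, account, host in sorted(events):
        when = datetime.fromisoformat(ts)
        if account not in baseline:
            alerts.append((ts, account, host, "new-account"))
        elif host not in baseline[account]:
            alerts.append((ts, account, host, "new-host"))
        # Fan-out: one account reaching many distinct hosts in a short window.
        recent[account] = [(t, h) for t, h in recent[account] if when - t <= window]
        recent[account].append((when, host))
        if len({h for _, h in recent[account]}) == fanout:
            alerts.append((ts, account, host, "fan-out"))
    return alerts

if __name__ == "__main__":
    for alert in find_anomalies(OBSERVED, build_baseline(BASELINE)):
        print(alert)
```

The baseline is only as good as the period it was learned from, so it should be rebuilt from a window known to be free of compromise and refreshed as administrative practice changes.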


Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech
