Cyberattacks are becoming increasingly common and we must get ahead of them rather than picking up the pieces, writes Dr John Isaacs.
Almost daily across every news organisation, often well below the main headlines, you are likely to come across details of the latest cyber-attack. Words like 'ransomware' and 'data-breach' are used to describe the often catastrophic impact on the target. While it may seem like something that only happens to large enterprises, it can impact a whole range of businesses, public bodies, education providers, charities and individuals.
Across the globe, there is a continued rise in cyber-attacks and general security concerns, with these becoming particularly prominent during the pandemic. In the last 18 months, organisations have adapted to the 'new normal' of working from home and there has been a growing reliance on the internet to provide services or carry out business. Many companies are rapidly undergoing a digital transformation to adapt to this new way of working. This rapid move online can expose many more organisations to vulnerabilities or attack, especially if cyber security aspects are not considered.
The attacks and breaches that we do hear about are just the tip of the iceberg, belying a secret digital war, constantly being waged between organisations and a range of anonymous attackers. Most attacks remain unpublicised for security and reputational reasons. While UK government figures indicate one in ten companies have had some form of attack in the last 12 months, even these figures could be underestimating the problem. Due to the desire for secrecy among both victims and perpetrators, it is hard to know the true scale of cybercrime.
What we do know is that it is becoming more prevalent, with a significant rise in 'ransomware' type attacks in the last few years. Ransomware is sophisticated computer code that prevents users, or an entire organisation, from accessing their systems or data and demands a payment for access. Often the ransomware collects sensitive organisation data and directs this back to the perpetrators as leverage in blackmail. The impact on the organisations involved is enormous.
This month, a cyber-attack on a US fuel pipeline company, Colonial Pipeline, caused a reduction in oil supply across America's east coast. The drop in supply caused a rise in consumer petrol pump prices, sparking a crisis during a period of economic recovery. Last week, the Irish health service (HSE) suffered an attack, described as the most significant in the state's history, that resulted in cancellations of appointments and outpatient services. Closer to home, Scotland's Environmental Protection Agency suffered a similar 'ransomware' attack in December. The attack affected a range of the organisation's systems and shut critical operations for a considerable time.
The thing about these attacks is that the target won't have actually been selected by anyone, at least anyone human. In the vast majority of cases, the attacks are the result of a vulnerability in a piece of software, a network or an information security policy. One of the factors that make cybercriminal groups so dangerous and successful is their ability to adapt and grow. Cybercriminals and the tools they use are adept at finding new vulnerabilities to exploit. This underscores the importance of being able to foresee and anticipate potential threats and strengthen an organisation's cyber defence.
Often cyber security experts are brought into a company after an attack or breach has happened. This is important, as it does provide a picture of what has happened and help identify the vulnerability. Wouldn't it be better, though, if the organisation was protected in the first place?
To do this, organisations need access to staff with key skills and training in cyber security. However, there is a gap between the demand for and the supply of people with these skills across Scotland. Encouraging young people into cyber security roles, creating apprenticeships and upskilling existing staff are vital to ensure that our organisations can protect themselves against these pervasive and rapidly evolving threats.
RGU's new Graduate Apprenticeship course in cyber security provides students with the skills required to become a successful cyber security professional in this growing, fast-paced sector. Students also develop the lifelong learning and professional skills, ethics and behaviours required to stay abreast of a rapidly evolving domain.
Our cyber security Master's course was recently accredited by the National Cyber Security Centre - a part of the UK Government Communications Headquarters (GCHQ). GCHQ themselves have highlighted the importance of taking a national approach to cybersecurity, calling it 'an increasingly strategic issue'. This underscores why organisations must embed highly trained and skilled cybersecurity experts within their workforce to protect not only their IT infrastructure but also their reputation and finances.