Proactive management will help Irish IT teams thwart cyber attacks
21 June 2021 | 0
In association with CANCOM UK&I
In Ireland, we haven’t had to look far, or listen long, for news about cybersecurity attacks of late. And globally, a recent spate of ransomware attacks has crippled critical American infrastructure, disrupted food supply chains, and revealed that no firm – large or small – is safe.
Aside from the big, headline grabbing attacks, there has been a marked increase in the number and frequency of cybersecurity attacks overall. It is a new challenge for many organisations that simply cannot be ignored, and it’s therefore a topic that should be front of mind for all organisational leaders in Ireland.
It seems that just as swiftly as organisations switched employees to a home-working dynamic, so cybercriminals switched their attack vectors. Having employees working from home in unprecedented numbers quickly became a gateway to new forms of data theft and at levels previously unseen.
The path of least resistance
During lockdown, CANCOM’s cybersecurity researchers tracked a significant increase in phishing scams that were targeted at customers. The team also saw an increase in remote desktop protocol (RDP) server scans attempting to break into environments through the path of least resistance, by attacking areas that did not have robust security defences. In addition, CANCOM observed an increase in attacks using open source tools to find vulnerable Internet of Things (IoT) devices found in home offices that would be ripe for attack.
Some of the problems around remote working security can be attributed to rushed IT deployments at the start of the pandemic. These were quickly installed to plug gaps in remote working capability and were not fit for purpose long-term.
CANCOM researchers found several misconfigured Web applications that were in danger of being exploited, such as a ticketing system used by a big IT firm that had been mistakenly misconfigured and could have been used to deliver emails laced with malware. The team also found 29 subdomains that were deemed vulnerable for malicious intent if discovered. The subdomains were across various industries from large automotive manufacturers to multi-national investment firms. Should the vulnerabilities have been exploited before they were found, this could have led to the theft of sensitive customer data.
Teams pushed to their limits
In the age of digital transformation, IT and cyber resilience is the foundation of a company’s future viability. However, with the threat of cybercrime increasing across every sector during the pandemic, IT departments are being pushed to their limits. In fact, recent research suggests that these teams are, on average, 40% smaller than required, with the ratio of technical support staff to general employees now at a paltry 1:136.
Put simply, IT teams today are being asked to do more, with less. They are time-poor and understaffed, yet expected to constantly monitor the latest security threats and be ready to act at a moment’s notice in the event of a breach. Plus, they face a confusing web of complicated data protection regulations that can change from country to country. Not to put too fine a point on it, modern IT security requirements are pushing teams – especially those in SMEs – to breaking point.
The reality is that very few businesses have the internal bandwidth and expertise today to undertake 24/7 attack monitoring and protection themselves. Luckily, help is at hand. Outsourced security operations centres (SOCs) help businesses achieve comprehensive cyber protection in the face of unprecedented demand. They can either work completely autonomously or hand-in-hand with the business’ existing IT department.
There is no silver bullet
Companies of all sizes are vulnerable to attack, but there is no one-size-fits-all solution to protect today’s hybrid working environments. As with every IT investment, it is best to embed security in the foundations, by design – but include your team in the process.
It is important that organisations do not stand still. Once a new cyber defence has been deployed, it is then crucial to regularly check that it remains effective. And remember – you are not alone. In these increasingly challenging times, and under the increased pressure of having to secure today’s home workers, it is often no longer economical for IT teams to cover their entire technology stack themselves. Savvy organisations are, therefore, embedding flexibility in their armoury and leaning on the expertise of a managed services providers as required.
CANCOM UK&I has significant expertise in cybersecurity, and we have two dedicated SOCs – one in Ireland and one in England. Our cybersecurity expertise is well used in Ireland. During the WannaCry ransomware attacks of 2017 for instance, our security team worked with customers across the public sector, including a range of agencies in the health sector, to patch vulnerabilities.
But of course, the key to avoiding cybersecurity attacks is proactive management. At present, we are carrying out security health checks for some of the country’s major public sector bodies, working with VMWare to do the assessments, helping customers identify and fix any vulnerabilities before they are exploited. This is proving to be very valuable in identifying and remedying vulnerabilities that resulted from a rush to deploy solutions for remote working in early 2020.
Taking time to pause
The past year has significantly redefined the workplace. Home working has brought a myriad of benefits, so much so that many employees don’t want to go back to the office full time even when it’s safe to do so. Therefore, it’s crucial that organisations ensure office and home working exist in perfect harmony, by investing widely in the right tools and equipping IT teams with the means to protect the business and the staff within. It is a case of remaining one step ahead. It is a case of making good cybersecurity intrinsic throughout the entire organisation – from top to bottom. In Ireland, we know only too well from recent examples that this is more important than ever before.
James Kelly is Ireland country manager, CANCOM UK&I
CANCOM UK&I delivers a range of technology services across the public and private sectors. It carries the highest accreditations from technology and software leaders, and its data centres hold many certifications, including Government Official Status. The company provides a range of IT services, including professional services, managed services, support services and service delivery. Professional services include consultancy services, workload assessment & migration services, on premise services, and flexible resourcing. CANCOM UK&I employs over 600 people, more than half of which are based in Ireland.
To hear more and to stay up to date with the latest news and events, visit www.cancom.ie.