MI5 has admitted that it is working to counter astonishing levels of cyber-attacks on UK industry. Head of MI5, Jonathan Evans, commented that vulnerabilities on the internet are currently being “exploited aggressively not just by criminals but also states’.
He also revealed MI5 is investigating instances of cyber attacks in more than a dozen companies and that one major London business has suffered £800 million in losses following an attack – something that terrorists could exploit in the near future.
This comes hot on the heels of a report from Cambridge University that claimed that cyber crime is currently costing Britain £11 billion.
Ross Brewer, managing director and vice president, international markets, LogRhythm, made the following comments:
The threat of terrorism is shifting from physical acts of violence to a more subtle, silent war that is fought from behind a computer screen. Cyber warfare is no longer a product of a Minority Report-esque era – and it seems that MI5 is now placing the issue directly under the microscope.
Considering the discovery of the Flame malware, Google’s warning to vulnerable users about state-sponsored attacks, and recent headlines around the ACAD/Medre.A virus, it is becoming clear that governments and businesses must take urgent action to boost security and ensure that any vulnerabilities are addressed.
There are clear examples of how a cyber attack can lead to loss of information and financial repercussions for big businesses, but as this threat develops and becomes more sophisticated, the potential to compromise critical assets and cause real world damage grows exponentially.
What’s more, as our world becomes progressively more connected – with the internet controlling most aspects of daily life from cars, to traffic systems to cash machines and other infrastructure – the problem becomes more complex, vulnerabilities increase and urgent steps must be taken to ensure that security procedures are aligned.
“Some academics, such as the authors of the recently released Cambridge University cybercrime report, claim that more resources should be focused on catching and punishing cybercriminals as opposed to preventing computer crime – but unfortunately this is as logical as waiting until you have been burgled before installing locks.
The scale and nature of today’s cyber threat calls for continuous, protective monitoring of networks to ensure that even the smallest intrusion or anomaly can be detected before it becomes a bigger problem for all. As traditional point security tools continue to prove their own limitations, more holistic strategies need to be adopted – and log data is becoming an invaluable intelligence resource for anybody wanting to keep a close eye on all network activity.
This level of visibility is also critical to facilitate deep forensic analysis into today’s sophisticated cyber attacks, enabling them to be accurately attributed to the correct perpetrators.