As technology evolves, the potential to exploit it does too. Because of this, there has always been a symbiosis between cyber security and cyber threats, with each one spurring the other on to new heights of ingenuity and innovation. With every new challenge comes the opportunity to meet it and improve on systems and techniques already in place.
If you aren’t part of the cyber security sector, it can be tricky to keep up to date with all the different developments. With this in mind, we have put together a brief review of the year so far in terms of cyber security.
April saw Russian-based attacks on critical infrastructure in the United Kingdom, United States and Australia. These so-called ‘nation-sponsored’ cyberattacks can be incredibly serious as the April attacks proved, with millions of computers being compromised. However, this threat was not limited to private individuals, meaning the FBI had to intervene, elevating this particular breach to a matter of national security.
Even more recently, this July saw fitness app Polar Flow experience a data breach that revealed the locations of “military personnel inside secret bases around the world”. This isn’t the only workout app that has been targeted this year; in February, MyFitnessPal had the usernames, email addresses and passwords of 150 million users stolen.
You can find a more detailed list of some of the biggest hacks and data breaches here but the common thread seems to be the scale on which these attacks are perpetrated, especially through seemingly innocuous sites and apps like Timehop and MyHeritage – and also their frequency. Further to this, the 2018 Cyber Security Breaches Survey found that 43% of UK businesses had reported cyber security breaches or attacks in the last 12 months.
Although the same survey reports that the average financial impact on businesses was only £3,100, in certain circumstances it can be far higher. This April, Yahoo! (now Altaba) was fined £35 million by the US Securities and Exchange Commission and a further £250,000 by the UK’s data protection watchdog for their serious 2004 breach.
Ciaran Martin, chief executive of the National Cyber Security Centre, a part of GCHQ, was quoted in the Independent as saying, “Cyber-attacks can inflict serious commercial damage and reputational harm, but most campaigns are not highly sophisticated.” However, he followed up by saying that steps could be taken to ensure that things like this don’t happen as regularly.
“Companies can significantly reduce their chances of falling victim by following simple cybersecurity steps to remove basic weaknesses.”
Cyber security is such a huge industry and, as we mentioned earlier, one that is constantly evolving. However, there are a few key trends in the sector that are being pushed to the forefront.
Digital Minister, Margot James says, “We are strengthening the UK’s data protection laws to make them fit for the digital age, but these new figures show many organisations need to act now to make sure the personal data they hold is safe and secure. The government is investing £1.9bn to protect the nation from cyber threats.” This shows that cybersecurity is an important government concern and not just the remit of private companies.
If you would like to read more about the UK’s National Cyber Security Strategy, you can visit Gov.uk to read their proposed plans from 2016 to 2021 – these documents are available in several different languages for any non-native English speakers.
Find out more about Northumbria University London’s Cyber Security MSc here.