Why was 2017 the ‘year of acceptance’ for cybercrime?

Why was 2017 the ‘year of acceptance’ for cybercrime?

16th January 2018 Security

2016, early last year, was declared the ‘year of ransomware’. At the time, it saw the largest growth in ransomware attacks the world had ever seen and the destruction caused, set a precedent for 2017. Officially, in 2016, ransomware became organisations’ number 1 security concern. But in the year just passed, cybercrime has been received in a new way. Not only have these attacks been on the increase again, but for the first time, the public began to understand, why and how these attacks occurred. Really, 2017, was the first year where we’ve actually started doing something about it… “Antivirus is no longer enough” became a prominent message not only from Brigantia but across the globe. Cybercrime became accepted. Cybercrime became something that “will happen” and therefore must be mitigated against.

In 2017, we, as businesses and civilians, utilised more advanced ransomware protection methods than ever before. It seems to have finally hit home to businesses, of all sizes, that a layered approach to security is a must. One can argue why this realisation has finally happened – but the weight of noise and clamour in the media, high profile victims and a lack of understanding around new regulations such as the GDPR, I am sure, has had much to do with it…

Brigantia in 2017 saw outstanding growth with Heimdal Security, our market-leading and proactive second-generation malware prevention tool. We have been helping more of our partners than ever before to avoid their clients from being attacked and infected.

Why was last year “different”?

We saw some of the most damaging outbreaks last year, such as Petya, Nemucod, NotPetya and a reiteration of Locky which meant reaching more targets than ever before and having the potential for severe damage. Although the most worrying example of these outbreaks can be argued to have existed for financial motives, it also existed to hit a significant pain point in the UK and attempt to disrupt society. WannaCry was the first exploit that gained global reach and to use EternalBlue, which takes advantage of a vulnerability in Microsoft’s Server Messages Block. WannaCry effected hundreds of thousands of users across the globe and really ended up catalysing the growth of human realisation that there is a whole industry out there that can do REAL, and not just financial, damage. We are merely chickens in a coop with only hip-high wire to save us from the foxes. 2017 was a different year because our NHS was on the brink of destruction and was saved by an accidental hero. This made us realise that the time has come where if we as businesses and people are not properly protected, the repercussions might not be tolerable anymore.

What type of organised criminals would want to have such an impact?

The internet does not belong to one country and those who utilise it to make money unethically may not understand or resonate with certain publicly run bodies. This dramatically increases the threat risk, especially now that a competitive challenge has been set by The ShadowBrokers in the hacking community of “who can do the most societal damage whilst still earning a bit of cash”.

So now that we know the stakes are quite so high and there is an organised willingness to push destructive boundaries, what inevitable attacks can we expect during 2018?

The only advantage that we have going into 2018 is that we can expect similar things to come… it will not be a “surprise” – which some seemed to see 2017 as, remarkably in my eyes. It was reported that throughout 2017, British energy, telecoms and media sectors had been consistently targeted. This worry is being carried forward into 2018, along with the risk of destructive attacks against critical infrastructure in the UK. There is a chance that we might see the likes of telecoms and power stations affected. After all, Petya hit Chernobyl’s radiation monitoring system during 2017.

Although we cannot predict the attacks, one thing is for certain, unless you have a dedicated and purpose-built proactive layer that stops these attacks from knocking on the door in the first place, it is highly likely you will be impacted.

MSP/VAR; “Oh but my clients won’t pay for another layer of protection” – they will, and they are doing. Business end users become more aware of the threats by the day – schools tweak budgets, opticians accept the need to prevent leaking confidential client information and the local estate agent cannot afford the downtime that a malware infection or ransomware scenario can bring… So, just make sure you are the trusted advisor.

Heimdal Security pulls its intelligence live from the malware infrastructure. All 5 layers of protection, that the product offers, occur before even reaching your endpoint. Nothing else in the market combines both silent third-party patching and a DNS level two-way traffic filter… why is this important? Well… give me a ring and find out.

For more information, or if you have any thoughts on this piece, please get in touch via email angus.shaw@brigantia.com or on 020 3358 0090. If you would like a succinct graphical overview of whom we put our trust in, simply click here: www.brigantia.com/vendors

About the author

Henry Chaw:

  Join our newsletter