Whenever there’s an opportunity, cyber criminals will exploit it. This year, the global economic outlook is not bright and with the UK facing a Cost of Living Crisis it's a perfect time for fraudsters to increase their scam attempts and for cyber criminals to exploit people struggling financially.

security-First-1-1

Fraudsters will step up their Phishing attempts

With the cost-of-living crisis dominating the headlines, cyber criminals are increasing their efforts to target people worried over their bills by sending phishing emails and texts claiming to be from government and local authorities that promise energy bill and council tax rebates. Energy suppliers are also being impersonated, often via phishing emails that encourage a target to click a malicious link that promises to take them to either a cheaper tariff or special discount offer.

Another tactic that has been increasingly witnessed are phishing emails encouraging people to apply for fake cost of living payments that mimic genuine government support packages. Fake texts and emails sent under the guise of the Department for Work and Pensions have been doing the rounds since early September 2022, but we can expect similar phishing attempts to increase dramatically in 2023 as the cost of living crisis bites harder.

Get your Guide HERE

The Insider threat will increase

The cost of living crisis and a faltering economy will push many people to the brink financially in 2023 and cyber criminals know it. They will increase their attempts at bribing employees (who may be struggling financially) to provide them with the credentials they need to breach a business.

Malicious insider threats and targeted social engineering attempts are becoming increasingly common and pose a growing significant threat.

Insider

Threat actors will offer financial incentives to your employees

Because external security perimeter controls have gotten so good, ransomware and different Advanced Persistent Threat (APT) groups are now just resorting to bribing employees. The way that works is that a person goes to one of their forums which are often located on the deep web or in some cases even on the clear net and find listed opportunities.

“An employee of a company would post on a forum something like ‘Hey, I work as a helpdesk engineer at XYZ company? How does this work?’ In the case of ransomware gangs, they will give details and they’ll either give them access to something or they'll send a phishing email with a malicious link to the person who will then deliberately click it once received. As there is no penalty for poor cyber awareness the insider essentially gets away with it and once the attacker has what they want they will then pay the insider a cut of the ransom,” explains Integrity 360’s Principal Architect Zach Fleming. 

APT groups operate at a sophistication that will surprise anyone who doesn’t pay attention to cyber security.

These top-tier APT groups are very professional, providing support phone lines, chat-lines and ticketing systems that make it easier to pay the ransom. Crypto currencies having become increasingly mainstream over the past few months and years does not help also, as it is not just those that trade on the black market that use them anymore. For example, you can now buy certain car brands with Bitcoin!

With the cost-of-living crisis expected to deepen over the year we can expect to see a lot more instances of malicious insider threats as people struggling financially may turn to these groups to raise some extra money.

Consider the risk from vengeful ex-employees

Another thing to consider is revenge attacks from former employees. Companies will no doubt be cutting costs and unfortunately when times are tough often it is the employees who get the cut first. As such, businesses need to ensure that they enact any layoffs in a way that won’t cause resentment or lead to former employees seeking revenge. Easier said than done.

You can reduce the risks, however, by ensuring that all access to company systems that a former employee may have had is revoked and that any third-party applications they used in their job have their passwords changed. A Zero Trust policy will be of great benefit in ensuring that those who no longer work for an organisation cannot access its systems and networks.

Slashing Cyber security budgets is not the answer

Another major risk businesses will face during the economic downturn will be upper management’s desire to cut costs.

Cutting budgets is a sensible reaction during a period of rising costs and reducing margins, but businesses need to remember that cyber criminals never rest.

Slashing cyber security budgets can put a company at risk of losing their cyber security professionals (already in short supply) and can result in gaps in an organisation’s defences.

A more effective approach will be to get a full overview of your network and identify what is vital and what tools you can not operate without. Reducing cyber security capability doesn’t have to be the consequence of cutting budgets but instead should be used as an opportunity to optimise and streamline what you do have. Consolidation of platforms and convergence of technologies can be a useful way to optimise spending in addition to improving overall security posture.

Business leaders need to remember that effective cybersecurity detection and response is only possible if IT teams know what they’ve got to work with, and how users and data are interacting. They need continuous, accurate and up-to-date information to mitigate threats, navigate risks, and neutralize incidents. This where Managed Detection and Response (MDR) Services come into play, as usually partnering with an expert MDR provider can be more cost-effective and deliver better outcomes as compared to doing everything in-house.

Utilise an MDR Provider

During times of financial difficulty a company may struggle to afford to pay for in-house cyber security teams. With an MDR service, a business doesn’t have to worry about requiring an in-house specialist to cover everything. It’s cost-effective as well due to an MDR partner being able to provide services and security for a fraction of the cost caused by having a hefty wage bill for in-house talent.

MDR providers are more flexible too, allowing a business to scale at pace, confident in the knowledge they are protected from cyber threats. A business also saves money by not having to purchase as much expensive software or tools due to the provider having access to the latest technology and tools already that can be brought to bear within the service

With the skills gap showing no sign of closing and the economic situation set to be highly challenging in 2023 it just makes sense to use an MDR provider.

CTA-MDR-1Read other insights into the cyber security challenges organisations will face in 2023 in our Guide to 2023: Cyber Security in an ever-changing world.

 

Are-You-Threat-Ready