By Raj Samani
The UK government’s Cyber Security Breaches survey shows we’re dealing more critical cyberattacks than ever before and struggling to defend against them. Raj Samani at Rapid7 argues that dealing with such a critical number of cyberattacks is not dissimilar to an episode of The Wacky Races!
Businesses across all industries are seeing an ongoing escalation in the number of cyberattacks. The UK government’s latest Cyber Security Breaches Survey found that half (50%) of businesses it sampled had experienced some form of breach or attack in the past year. For medium and large businesses, that number is much higher at 70% and 74%, respectively.
The statistics should be a wakeup call to every organisation about what its security team is facing. This isn’t just a matter of numbers on a chart; it’s a daily reality for security teams in the trenches of cyber defence.
For security teams, every day feels like an episode of the classic cartoon “The Wacky Races.” The characters are frantically trying to outdo each other, navigating treacherous routes, and overcoming bizarre obstacles.
Now, replace those animated racers with cybersecurity teams. Like those cartoon characters, security experts find themselves perpetually fixing their cars—our digital defences—while barrelling down the racetrack at full speed. There’s no pit stop, no breather. The race against cyber threats continues unabated, with new challenges popping up at every turn.
It’s clear that the escalation isn’t just happening, it’s intensifying. And our responses must not only keep pace, but anticipate what’s around the next bend.
Dastardly Deeds: The geopolitical influence behind cyberattacks
Geopolitical tensions have a significant, undeniable influence on the cybersecurity landscape. Just like Dick Dastardly and Muttley had their secret weapons to slip up other racers, APT groups are using cyber to broaden their influence and destabilise other countries.
Cyber is now a common tool used by nation-state actors to cause economic and political disruption. The chaos sown by these malicious campaigns aims to weaken international alliances and disrupt stability. For example, in Eastern Europe, we’ve seen Russian-backed actors target critical infrastructure to destabilise economies and the functioning of broader society.
Each cyber strike, leaked document, and disrupted system serves a purpose in a larger strategy, affecting the immediate targets and the global geopolitical balance. Cyberattacks are no longer just about stealing data; they’re about reshaping global dynamics.
So, in this morbid landscape, there’s no time for a breather for the good guys. Security teams are constantly extinguishing fires in their digital environments, which feels like living in a straw house with a lit flame always nearby. Essentially, security teams are facing hundreds of Dick Dastardly’s secret weapons at the same time, but unlike the cartoon, they don’t have a guarantee that they’ll come out on top.
In order to protect themselves against cyberattacks, businesses need to first consider the implication of a breach. It means looking beyond the statistical impact and focusing on the human impact.
The impact of a breach goes beyond the technicalities
Amidst the technical discussions, the human impact often fades into the background, yet it is arguably the most critical aspect of any cyber incident. When systems are compromised, the immediate concern may be the data lost or the financial implications, but the real cost is borne by individuals whose lives are disrupted, often dramatically.
We saw this firsthand during a very public ransomware attack at a major meat supplier in the US. While the headlines might have focused on the technicalities of the breach itself and the potential geopolitical gamesmanship behind it, the true story is far more personal.
Many employees on zero-hour contracts and living paycheck to paycheck found themselves unable to work. This means that the disruption to their lives goes beyond just a missed day at the factory; it’s a missed rent payment, a child’s doctor visit postponed, and a family struggling to make ends meet.
This human cost extends beyond the immediate victims, and there is a broader societal impact when critical industries are hit. The fallout from such attacks can have lasting effects on community stability and public confidence. The narrative often misses these human stories, focusing instead on the technological aspects and forgetting the real victims who suffer as a direct result.
Cybersecurity, then, is not just about guarding data or thwarting hackers; it’s about protecting people. Businesses must consider this more significantly when discussing their security agenda, strategy, and investments.
By focusing on people, security teams can turn their ‘car’ into a winner, like Penelope Pitstop or the Ant Hill Mob, and protect their organisation against any attack.
The Road to Yellow Rock
Looking ahead, the cybersecurity landscape is poised to evolve dramatically with the advancement of technologies such as automation, AI, and machine learning. These tools offer tremendous potential to enhance our defensive capabilities, but they also present new challenges that we must anticipate and address.
Automation in cybersecurity can streamline many processes, allowing us to respond to threats with unprecedented speed and efficiency. However, as businesses integrate more advanced AI into their systems, they must also consider the implications of these technologies becoming accessible to adversaries. The same tools we use to protect our networks can be used against us in increasingly sophisticated attacks.
So, it’s critical to establish a strong foundation of cyber hygiene. Using measures like updated malware protection, password policies, cloud back-ups, restricted admin rights, and network firewalls can go a long way in helping security teams keep businesses operational. Just as the Slag Brothers in “Wacky Races” would patch up their Boulder Mobile on the fly, security teams must continuously fortify their digital infrastructure as new risks emerge.
There should also be a significant focus on board engagement and corporate governance. Cybersecurity strategies must be seen as a high priority among senior management. There should be open, transparent, and constant discussion with the security leaders to identify potential gaps in resourcing and analytical functions.
Businesses should also consider strict policies to ensure that AI systems are used transparently and ethically, with substantial human oversight. Security leaders need to develop comprehensive policies that address both the opportunities and challenges posed by new technologies. This includes fostering a cybersecurity workforce that is adaptable and equipped to handle a rapidly changing landscape and ensuring that all stakeholders have a clear understanding of the risks and responsibilities in this new era.
Ultimately, our goal should be to create a resilient cybersecurity infrastructure that not only responds to threats but also anticipates them, ensuring that as our digital world evolves while remaining a safe, stable, and secure environment for everyone.
Like the Wacky Racers constantly adapting to the test of ever-changing tricks and traps, our cybersecurity strategies must be equally agile and forward-thinking, ready to tackle the next challenge around the bend.
About the Author
Raj Samani is a security expert responsible for extending the scope and reach of Rapid7’s research initiatives. Raj joins Rapid7 from McAfee where he served as McAfee Fellow and Chief Scientist. Raj has assisted multiple law enforcement agencies in cybercrime cases, and is special advisor to the European Cybercrime Centre in The Hague.