Recent data from the Information Commissioner’s Office (ICO) Data Security Trends Analysis Q1 2021-22 (capturing incidents for the period 1 April – 30 June 2021) reveal there’s been a sharp rise in specific cyber attacks as attackers seek to capitalise on the disruption caused by the pandemic and working from home (WFH).
The biggest leap was in misconfigurations of software and hardware, up a staggering 543% from 7 incidents last year to 45. This reflects the rapid expansion within the cloud as businesses sought to roll-out remote working to enable WFH. Misconfigurations routinely top the list of cloud security issues due to a failure to configure cloud solutions. Left in their default settings, these systems become much easier to compromise when exploits then surface.
There was also a marked increase in attacks against the user. Malware was up a third and phishing attacks were up 54% compared to the same time last year while ransomware more than doubled due to the growth of Ransomware-as-a-Service (RaaS). RaaS enables cyber criminals to use malware for extortion without the need to code it themselves and was responsible for two thirds of all campaigns during 2020.
This year also saw the ICO also include cryptographic flaws and denial of service attacks which were omitted last year, indicating a growth in highly targeted organised attacks. The only attack type to buck the trend was unauthorised access which fell 28% from 87 to 63, but this could equally be due to the difficulty of detecting such an attack outside the corporate network.
The results show that many users have fallen victim to attack while WFH, let down by insufficient support and a failure to implement secure remote access. Staff training should have helped prevent phishing attacks, for instance, with virtual training sessions offered to help with reinforcement. The increase in malware also suggests inadequate protection of endpoints, no doubt caused by many relying on connecting from home on personal devices.
The ICO also helpfully breaks down these figures into specific sectors, and virtually all of them have seen an increase in incidents. The retail and manufacturing industries continue to suffer the highest volume of attacks but saw a relatively modest increase of 48% compared to some of the others.
Perhaps not surprisingly given the disruption to normal working practices, it was the General Business sector that saw the greatest rise at 282%, closely followed by the Utilities sector at 250% and the Health sector at 238%. The Legal sector and Transport and Leisure both saw a tail-off in demand for their services during the pandemic but an uptick following the easing of lockdown, resulting in attacks increasing by 117% and 106%, respectively.
A sector that was relatively unscathed by the pandemic and able to maintain BAU was Online Technology and Telecoms. It saw an increase of only 14%, revealing that it was better able to defend its operations. Similarly, the Finance sector saw only a 2% increase and Local Government 6% while those operating in Social Care actually saw an 11% decrease in attacks.
The results of the Data Security Trends Analysis 2021-22 suggest that many organisations struggled to put in place adequate security measures and adapt quickly enough to meet the demands for WFH. This then made it difficult to enforce security policies, leaving staff exposed.
The question that now remains is how effectively these sectors can play catch-up. Given that we will have a hybrid workforce for the foreseeable future, its vital that organisations now identify where their security gaps lie. Most sectors have some work to do to better protect their infrastructure, data and staff.
Our recommendations are to:
If you’d like some advice on how to make your business more resilient and your staff more secure, or if you’d like to assess how effective your current security measures are, we’re here to help. Email us at contact@prisminfosec.com or call 01242 652 100.