The Director of City’s Institute for Cyber Security outlines a few areas of concern and focus as the COVID-19 crisis sees a shift to home-working.
As the COVID-19 crisis sends public and private sector employees into home-working mode, City’s Professor of Security Engineering Professor Muttukrishnan Rajarajan, says the security of many large and sprawling networks should be kept a top priority.
Professor Rajarajan believes that cloud security, state-sponsored attacks, phishing threats and hardware vulnerability are among a litany of threats to states and organisations, great and small.
He says “the cloud is still a major security hole for many organisations. Things like side channel attacks and access control continue to pose a major challenge despite efforts to come up with new ways to mitigate these threats”. Some of the issues involved include: the inability to prevent malicious theft or misuse of data; advanced threats and attacks against the provider of the cloud service; cloud applications being provisioned outside of IT visibility (shadow IT); and the general dearth of qualified personnel to manage cloud security applications.
With regard to state-sponsored attacks, Professor Rajarajan says there have been several recent cases of such attacks using advanced persistent threats (APTs):
“This mode of attack will grow exponentially due to the many instances of global political unrest we are seeing today. It requires techniques to mitigate zero-day attacks and other new variants of threat vectors that were not known previously. The focus should be more about predictive analytics and forecasting. In addition, semi-automated techniques and agile processes should be deployed”.
Although organisations are doing a lot to mitigate phishing attacks, Professor Rajarajan thinks that today’s ‘socially engineered’ attacks are very sophisticated and rely on credible sources and weblinks which makes people fall victim:
“The level of accuracy applied in these phishing threats is so high that it is becoming very hard to stop these on a daily basis.”
"With the World Health Organization declaring COVID-19 to be a pandemic, hackers with apparent links to the governments of China, Iran and other nations are using the crisis to create phishing emails designed to lure victims. These emails contain malicious attachments that are then used to spread malware strains, including TrickBot, Lokibot and AgentTesla, which are all capable of stealing data from infected systems."
In terms of hardware vulnerability, Professor Rajarajan, the Director of City’s Institute for Cyber Security says some hardware devices used in the UK marketplace appear to have malicious software pre-installed.
“This may be difficult to detect and hence new automated hardware testing techniques are needed so that devices can be tested before being deployed on highly critical national infrastructure. There are also efforts to have trusted platforms in mobiles so that sensitive data on these smart devices can be protected on the device itself before it is sent to third parties.”