If you tried to visit Indigo’s website on February 9, you would have been greeted with the message, “We experienced a cybersecurity incident earlier today and are working with third-party experts to investigate and resolve the situation.” While a hastily put together version of Indigo’s website is back online, the retailer is still reeling from the impact of the cybersecurity incident over a month later.
Chapters/Indigo is just the latest retail domino to fall to cybercriminals in the past months. Canadians are taking note of headlines about attacks affecting the LCBO, Sobey’s, the Running Room and other organizations. Incidents like these are not just on the rise in Canada—they are part of a global trend with other international players such as Microsoft, the Red Cross and the UK’s Royal Mail all falling victim to cyber attacks in the last year. These incidents are damaging—compromising your networks, data, finances and reputation—and open your organization up to liability.
What is happening? How come cybersecurity incidents are becoming so prevalent? And most importantly, what can we do to stay protected?
Although it is rare for organizations to divulge the exact ways they were compromised, from our own data we know that cyber attacks are increasing in scale and sophistication. According to our 2022 cybersecurity survey, 44 per cent of surveyed respondents indicated that their organization has experienced a cyber attack in the last 12 months. One reason for this includes technological advancements, which are being leveraged by criminals just as they are by legitimate businesses. Tools such as Chat GPT might be a fantastic way to increase productivity for legitimate businesses, but criminals can also use them to generate convincing targeted phishing emails (known as spear phishing) on a scale we have never seen before.
Most cybercriminals are opportunists, looking for whatever chances they can to steal. From the very dawn of the internet, there have been those who have sought to exploit it for their own criminal purposes. As the COVID-19 pandemic ground many in-person business activities to a halt, it accelerated the pace of digitization in the workplace. Cybercriminals took note, and quickly kicked their efforts into overdrive. Think about the number of websites, apps and programs that you use in a work week compared to just a few years ago. Not only is it hard to keep track of them all, but having so many platforms increases the attack surface for cybercriminals. There are now a greater variety of entry points to your sensitive personal data than ever before.
The proliferation of Internet of Things (IoT) devices has become a growing threat vector. Cybercriminals can control a network of computers and IoT devices and use them to launch attacks. We now live in an era where malicious actors can use a network of smart fridges and other devices to overwhelm a hospital’s websites and servers, leading to the cancellation of surgeries and disrupting normal operations. While this thought might leave us feeling a bit helpless, the good news is there are actionable measures you can take to significantly decrease the likelihood of a successful cyber attack on your organization.
So, how can you keep your organization from becoming a cyber incident headline?
The most important thing is a change of mindset. Cybersecurity is not optional. The increase in attacks is not random. There has been a fundamental shift in the reality of our daily lives; networked technology is everywhere and has permanently altered how we exchange and store information.
As the scale and sophistication of cyber attacks grow, our defenses must develop to meet the challenge. At CIRA, we believe that a layered approach to cybersecurity will prevent these incidents. Cybersecurity layers are urgently needed; no one solution is a silver bullet, and redundancies are needed to protect against the ever-evolving threat landscape.
On the outer perimeter of a layered defense, firewalls are a powerful and cost-effective way of filtering the good traffic from the bad, however on their own they cannot stop every attack.
Anycast is a traffic routing method that can effectively shield organizations from DDoS attacks. This method routes incoming requests to multiple nodes or locations, which helps to distribute the traffic load and mitigate the effects of a potential attack.
Updating your devices and software is crucial to reducing cyber risk, and contrary to popular belief, it is not just an IT matter but an enterprise issue that requires executive-level decisions and enforcement rather than being left to employees’ discretion. The most critical layer is the human layer. Regular cybersecurity awareness training is one of the most impactful ways to decrease your companies’ risks. According to Verizon’s 2022 Data Breaches Investigations Report, 82 per cent of data breaches involved a human element. Advanced defensive technologies can be bypassed by criminals simply by manipulating your employees into giving them access to your most sensitive data, so you must ensure your staff are cybersecurity assets and not liabilities.
Unfortunately, anything claiming to be a simple singular solution to cybersecurity is only simple for criminals to exploit. Your organization’s cybersecurity policies should be intentional, well-considered, well-maintained and designed to guard against the specific threats it is likely to face. Being prepared is crucial as it’s not a matter of if, but when, your organization will face a cyber attack. Adopting a layered approach will help prevent your organization from starring in unwanted headlines.