- Fifth annual cyber briefing explores Artificial Intelligence and ransomware attacks
- Threat level is evolving due to fragmentation of the cyber criminal landscape
- Energy and finance are among key sectors represented at Belfast business event
As part of a week-long programme of events marking CyberNI Week, Pinsent Masons presented its fifth annual Cyber Report in Belfast today (5 March), where delegates from the energy, financial, transport and housing sectors heard about the threats handled by the international law firm’s specialist UK cyber team in the last year, and the scams that could emerge this year.
Entitled ‘Cybersecurity Landscape, Risks and Challenges’, the detailed report was delivered at a breakfast briefing chaired by Laura Gillespie, a partner at Pinsent Masons who leads the cyber team in Northern Ireland, who said: “It has been clear that the sophistication and volume of ransomware attacks has increased over the last 12 months; clients are responding, however, by doubling down their efforts in developing cyber readiness programmes.”
Ransomware incidents accounted for the majority of the incidents the team handled, totalling 58% of all incidents. Those targeted by cyber criminals ranged from small and medium enterprises to multi-national companies with a global footprint.
Businesses operating in the financial sector were the most frequently targeted; they accounted for 40% of breaches and tend to be targeted because they hold a wealth of monetizable data and information. In 43% of confirmed cases, criminals were successful in extracting sensitive data which can then be sold on the dark web or used directly to commit identity or financial fraud.
The new report from Pinsent Masons also alerted businesses to the fragmentation of threat actor groups, or some operating what is essentially a franchise model. The effect of this on victims is that it can be difficult to attribute an incident to a specific group, and therefore make it challenging to rely on threat intelligence.
Delegates were told the emergence of new technologies such as AI is not all bad news as it can have various benefits, including detecting cyber-attack techniques by analysing the data and structure of malware attacks, and identifying e-mails with rogue traits.
Tightening regulation as part of the EU Network and Information Systems Directive that must become national law by October is intended to deliver a high, common level of cybersecurity to help companies protect the IT infrastructure and prevent external attacks.
One key aspect of this is increasing accountability and liability of those people working at management level. However, uncertainties remain in the UK, with little progress made with the proposed changes to the UK’s NIS Regulations, and no changes referenced during the King’s Speech last year.
Pinsent Masons currently has a 25-strong Cyber team in the UK supported by colleagues across its global network. For more information, visit www.pinsentmasons.com/topics/data-protection-privacy#2.