Cyber security is a pressing issue for businesses in every industry. A cyber attack can cause serious problems for both large and small organizations. Customer data can be stolen, services can be severely disrupted and consumer trust can be compromised
According to Forbes, 2021 saw 50% more weekly cyber attacks on corporate networks than in 2020. The Allianz Risk Barometer currently identifies cyber incidents as the number one threat to global businesses in 2022 - ranking above business interruption, natural catastrophes and even the COVID pandemic.
We recently sat down with Davide Del Vecchio, our Cyber Security Director, to discuss how Deltatre works to protect clients from cyber incidents.
What is the most common cyber security threat that the sports, media and entertainment industry faces?
Davide outlined the current state of the cyber security landscape, identifying some of the most frequent tactics deployed by cyber criminals:
“Cyber criminals have automated attacks, so they now basically attack everyone all the time. This is why the attacks that companies in the sport, media and entertainment sectors face against their digital platforms are no different from the attacks that most of the websites on the internet get.”
“Probably the most common cyber-attack is brute-force attacks - a kind of attack where cybercriminals scan the whole internet for open services (with an authentication like SSH or RDP) and then try to authenticate by using dictionaries of common passwords.”
Attacks can also be targeted against specific websites within a certain timeframe (i.e. DDoS attacks). These attacks aim to consume the resources or bandwidth of the target to disrupt their regular services.
Davide also reiterated the dangers posed by ransomware:
“Another example is ransomware, which most of the time is an “opportunistic” attack, meaning cyber criminals will try to benefit from weak targets that they find on the internet.”
“Once they’re in (usually thanks to phishing or unpatched known vulnerabilities) they will deploy a malware which encrypts data and ask for a ransom in cryptocurrencies in exchange for the encryption key.”
How is a new attack commonly identified by a cyber security team?
Many common cyber attacks are automatically identified and blocked by security technologies. However, it’s important to continuously improve and enhance these solutions, as Davide explained:
“Due to automated attacks, we have thousands of attacks every second on every server or device that is connected to the internet. Once they’re in, it’s just a question of minutes or seconds.”
“Therefore, most of our time is spent engineering technologies that automatically identify and block attacks in the shortest timeframe possible.”
How can a ransomware threat be disassembled?
“Cyber criminals first try to find a way to get inside the network of the victim. They do it by searching for an easy target - criminals will scan the whole internet, 24 hours a day, to find known vulnerabilities.”
Once cyber criminals breach the target network, they’ll perform what’s known as ‘lateral movement’ to access more endpoints, servers or databases. The goal is to compromise the systems that contain data or the services that are critical for the business.
Davide then explained the third step of the process — the encryption of the data.
“They leave a ransom note asking for a certain amount of money in cryptocurrencies in exchange for the decryption key.”
A successful ransomware attack can leave organizations in a very precarious situation, with crucial data being stolen or key services being disrupted. This is why effective security technology is a worthwhile investment for any business in the sports industry.
How can companies prepare themselves to avoid an attack?
Davide noted that there isn’t a single solution for successful cyber security. A series of actions are required to keep clients safe and secure.
“Avoiding clicking on suspicious links, for example, is something everyone should do. Developers should try to introduce the minimum possible number of vulnerabilities in their code, and DevOps should configure and update services properly.”
“We must also not forget the customer risk appetite. We need to remember that the final decision on cyber security is always in the hands of the customer, but we’re here to help them to assess their risk and find the best balance with appropriate security solutions.”
This is why Deltatre is working hard to embed security checks in every step of client projects - from the initial idea to the final launch. Maintaining and updating these security solutions is an ongoing priority.
Cyber security attacks are increasing every year. Can we expect this to continue? What do you see as the next major threat?
As long as new technology continues to appear, criminal cyber attacks will follow suit.
“One of the emerging threats will probably be embedded systems, and all the systems that are now incorporating ‘smart’ features.”
“Cars, cameras, locks - everything is getting connected. But to be honest, these systems aren’t always very ‘smart’ and certainly aren’t secure.”
New forms of consumer and business technology will always open up opportunities for criminal activity. That’s why cyber security solutions also need to constantly develop and anticipate new threats.
What are some of the most exciting technologies available to cyber security professionals? How can they combat threats in the sport, media and entertainment sector?
“At the moment, the most exciting technologies are the ones capable of working with large amounts of data. These technologies can automatically learn from attacks and can defend against unknown vulnerabilities.”
Davide also emphasized his passion for working alongside humans in the cyber security space - not just machines and data systems.
“While with computers and code the same kind of answers will solve the same kind of problems, with humans it’s not the case. You need to think outside of the box to find a solution.”
Cyber security is an extremely dynamic industry. The potential dangers and solutions are constantly changing and evolving. Working closely with clients to understand their businesses, and the threats they face, is vital to creating effective security measures.