Airmic 2021: Beware the cyber insider threat

This is according to Joseph Buckley, associated director at Control Risks, who was speaking on a panel at the Airmic Conference 2021.

While the Tesla attack was thwarted, it is nevertheless a concern for organisations, which need to think about both the human and technology issues surrounding cyber security.

“What was primarily a virtual threat is becoming a physical risk in the insider space,” said Buckley.

The fact ransomware has proven so lucrative for malicious actors has offered the resources to explore new vectors for attack, including targeting insiders and IT supply chains, he noted.

Instances of ransomware have increased 20% in comparison to other cyber threats. Meanwhile the cost of remediation is increasing, and the average downtime is 23 days, causing a massive impact to businesses.

Average ransom payments are also increasing, with currently an average pay out of $300,000 per ransom. The proportion of victims willing to pay ransoms in an attempt to quickly restore their systems ranges from 10% in the UK to as much as 50% in the US, said Buckley.

“The criminals are getting richer, and this is driving cyber crime and the development of new tools and techniques, including the increased targeting of IT supply chain companies.”

“That revenue is being used to open new vectors”

His advice? Understand what your key assets are - both IT and physical - and where the threat may arise. Ask, who is likely to target those assets and why?

“Prepare for the worst and understand how this will happen from a scenario perspective,” said Buckley.

“Decide: Are we prepared to pay a criminal organisation? And can we turn our financial resources into bitcoin? Plan and exercise for this to happen.”