The 6th e-Crime & Cybersecurity Spain
Online, 17th November 2020
More data, more connectivity, digital currencies, and finally, true digital transformation: how do we make it all safe?
Spain was one of the countries in which the WannaCry ransomware infections were first spotted in May 2017 and the country remains a favoured target for cybercriminals. Over the past 10 months Spain has been repeatedly targeted, with ransomware the most common problem.
In early November 2019 a variant of the BitPaymer ransomware hit Spanish broadcaster Cadena SER and tech services firm Everis. Other companies - including Spanish airport operator Aena - took down some of their services as a precautionary measure. And on November 27, security firm Prosegur, which runs six SOCs among other services, confirmed that it had been hit by the Ryuk ransomware.
This year, hackers have used the COVID-19 pandemic as cover to launch more attacks on CNI. In March, the Policía Nacional issued a warning that the "entire computer system of Spain's hospitals" was being targeted in an email campaign incorporating Netwalker ransomware directed at Spanish healthcare workers.
Most recently, in late July, the state-owned railway infrastructure manager ADIF was hit by REvil ransomware, with hackers claiming to have taken 800GB of data including correspondence and contracts.
These attacks illustrate the key problem facing CISOs and their fellow cyber-professionals: for hackers, the current environment is just another situation to be exploited with their favoured tools. For CISOs, it is still an unfamiliar and evolving landscape of hybrid working, scattered technology and scattered people, combined with a COVID-driven acceleration of digital transformation programmes.
Managing this mix requires more than a tactical IT approach to cybersecurity. Companies will be increasingly forced to adopt a broader risk management approach, starting with an evaluation of where the most significant business risks arise from their IT estate.
As for what those risks are - according to Verizon's DBIR, Cloud assets were involved in 24% of breaches this year, with applications a key issue. 40+% of those breaches came from web apps, rapidly overtaking desktop as the top source of breach. Third-party vendors present a real and growing threat to organisations.
Asset management is still a problem. The DBIR also shows that half of all companies are present on seven or more networks. Getting visibility into your entire asset footprint and understanding your extended attack surface is crucial.
The 6th e-Crime & Cybersecurity Spain will take place online and will look at how cybersecurity teams, risk management functions and boards are tackling these issues. As digitalisation goes critical, is this finally the moment at which traditional cybersecurity management has to change?