Emerging cyber security threats and how to defend against them

With cyber security threats on the rise, Flora Osei (pictured), RSA, Cyber Security Manager, looks at new and emerging dangers and how we can defend against them.

In cyber security’s never-ending cat-and-mouse game with cyber criminals, the threats are always evolving. As part of last month's Cybersecurity Awareness Month, let's take a look at some of the main attack channels:

• AI-powered deception – although artificial intelligence (AI) provides many benefits to the workplace and our personal lives, cyber criminals are also exploiting AI to deceive systems and evade detection. This will be accomplished through disinformation, fake content, bias exploitation and data poisoning.
• Supply chain gambits – this refers to strategic moves or actions taken by cyber criminals to exploit vulnerabilities within a company’s supply chain. They do this by manipulating or infiltrating this interconnected chain of suppliers and partners to gain unauthorised access, steal data, disrupt operations or introduce malicious software.
• Zero-day intricacies – in simple terms, a zero day is a vulnerability or security hole that is not known to any software developers or the public. Meaning if a cyber criminal finds out about this first, it is a hidden trapdoor for them to take advantage of and pose unpredictable risks
• ‘IoT’ vulnerabilities – Internet of Things (IoT) devices are physical objects that are connected to the internet and can collect and exchange data with other devices or systems. For example: smart thermostats, fitness trackers, smart fridges and even some vehicles. It’s a veritable minefield of data for hackers who can breach unpatched smart devices to gather sensitive data, move around the network, spoof high-profile individuals, and cause untold harm.
• The Cloud – as organisations migrate to this dynamic environment to store and share their company data, this presents a huge opportunity for cyber criminals to steal, manipulate or interrupt the flow of that data.

When it comes to prevention of future and present cyber threats here at RSA, the recurring theme we've shared in all of our cyber security awareness communications is awareness and action.

• We're helping to raise awareness through communications and learning.
• We all need to take action by being vigilant and reporting anything that doesn’t look or feel right. We also need to ensure all software updates are acted on immediately to help bolster our cyber defences.