Today’s cyber threat landscape impacts everyone and, in my presentation at ISW 2017 France in Paris last week, I explained its potential impact on the elections. Last year, we saw security experts warn that a cyber attack could sabotage the US election and, more recently, France's election campaign watchdog has said it is investigating a ‘massive’ attack targeting Emmanuel Macron after documents were leaked online the night before the presidential election.
Now concerns have extended to the UK, with the General Election taking place today. Attention has turned towards the danger of cyber criminals or state actors hacking into electronic voting systems or communications among political parties, or even candidates hacking voting data.
Phishing, for example, has become serious business for cyber criminals. Attacks are launched at all organisations – including government – and there are no signs of them slowing down. As reported in April, our 2017 Global Threat Intelligence Report (GTIR) found that such attacks were responsible for 73% of malware delivered to organisations. Furthermore, over 60% of recent NTT Security incident response engagements were initiated to help organisations manage phishing attacks. Ransomware is evolving too, with the large-scale WannaCry attack acting as a stark reminder that a comprehensive approach to cybersecurity is crucial for business resilience.
With an increase in phishing and ransomware attacks, it has never been so important for governments and indeed other organisations to apply the basic security measures. This includes:
- Awareness: verification, detection of strange behaviours
- Assessment: vulnerability management, penetration testing, risk assessment
- Technology: get the best you can, apply updates and review performance
Threat intelligence is also critical in mitigating the chances of a cyber attack during an election campaign. It provides actionable and detailed insight, reducing risk for organisations. Our Global Threat Intelligence Center (GTIC) does just that – it focuses on comprehensive threat intelligence that proactively identifies and stops global threats, contextualises information in our Managed Security Services and enables incident response capabilities to quickly respond to targeted attacks.
If you missed my presentation at ISW, you can find out more about our GTIC and threat intelligence capabilities here: www.nttsecurity.com/en/who-we-are/threat-intelligence/gtic/.