The triggering of Article 50 marks another moment in an uncertain cybersecurity landscape. The start of negotiations could lead to a rise in hacktivism and political phishing, and there are natural concerns around the continued open sharing of threat intelligence. Right now, too many businesses are burying their heads in the sand about the potential implications of this political shift. Here’s how they can stay in control.
1. Rise in hacktivism
The internet is well-known as a place to vent frustration and take revenge. Now, with greater animosity from across Europe post-Brexit, it’s possible that UK firms will face a higher number of cyber-attacks. It’s an issue on the rise, with Gemalto’s latest Breach Level Index showing the number of hacktivist breaches increasing by 31 per cent in 2016.
Government, media, critical infrastructure, and any business which has been vocal about Brexit, whether for or against, should be on particularly high alert; it only takes one individual with a strong political or ideological agenda to cause huge damage. Companies can stay one step ahead of socially minded hackers by managing access to corporate social media accounts and protecting privileged credentials which allow attackers to quietly extend beyond their initial foothold within an organisation.
2. Political phishing
There is a huge amount of confusion around Article 50, including what it means and how we – as consumers and as businesses – need to respond. Cybercriminals prey on uncertainty and Brexit presents a golden opportunity for them to scare us into thinking we must take action. In the month after the EU referendum result, Symantec’s threat intelligence researchers identified a 392 per cent increase in spam emails that used Brexit in the subject line to target people and organisations. Clearly, companies need to be diligent and have appropriate security measures in place.
Article 50 phishing attempts could lead to a successful ransomware attack or allow a cybercriminal to penetrate perimeter defences and set up a base of operation inside the network. The start of Brexit negotiations should therefore act as a timely reminder to educate the workforce on good email practice, such as not opening attachments from people they don’t know, and making sure they have the right security in place to stop attacks from escalating.
3. Open sharing of threat intelligence
Last year, UK businesses reported cybercrime losses of more than £1bn, according to Action Fraud. That was a huge 22 per cent year-on-year increase. Cybercrime is one of the biggest threats we face and international governments, businesses, and the cybersecurity industry must act collectively to stand any chance of combatting it. Theresa May referenced the UK’s security capability as a Brexit negotiating card, while the government’s post-Brexit digital strategy included a strand on cybersecurity.
Both of these serve to highlight the importance of UK intelligence agencies working in coordination with international partner agencies to identify, anticipate and disrupt hostile activities by foreign actors. However, we still need more specific details on how we will make sure we don’t become isolated from Europe post-Brexit. One of the best ways for companies to stay in control is to collaborate across industries, encouraging leaders to share best practice and threat intelligence.
It’s unlikely that cybercrime will skyrocket in the weeks after Article 50 is triggered. However, in the mid to long term there will be some significant security implications, not least in terms of how it will affect our ability to trade with the EU. We have already seen conflicting opinions and concern over whether the UK will abandon general data protection regulation (GDPR) standards post-Brexit. The fact is that, in order to do business with the EU, we will have to adhere to GDPR’s standards and principles.
In this, and in many other areas, adapting to a changing risk landscape must form an important part of all companies’ post-Brexit plans.