A cyber detective’s guide to cyberattacks

Jon Blake is the director of cyber investigations and intelligence with platinum3p, a consultancy firm that provides solutions to support organisations in their endeavours to prevent terrorism and crime. In this guide to cyberattacks, he discusses cybersecurity and what boards need to keep in mind when dealing with the clear and present dangers.

Jon Blake has over twenty-eight years of detective experience as an investigator and covert intelligence operative with the Metropolitan Police Service, New Scotland Yard, London. He specialises in Internet and cybercrime investigation, covert investigations and risk. He retired from the police service in 2014 with an exemplary service record.

He has provided cyber and Internet investigation training and consultancy in over 32 countries, representing organisations such as the UN, the Foreign and Commonwealth Office and private sector firms.

Jon is a sought after speaker and trainer, and he lectures in cyber security, risk and investigation at Gloucestershire University and the British University in Egypt.

• Organisations of all sizes face threats from cybercrime. The current biggest threats facing companies today include
• The elements that make an organisation vulnerable to a cyber attack are varied, but the biggest ‘weak spot’ in every organisation is its people.
• If you sit on a board, the questions should you ask the executive team include what’s happening now, what are the risks, what are the risks and what will it take to fight them.
• Ransomware is a widespread form of cyberattack. As a board member, you need to be of the view that a ransomware attack is imminent. You must be prepared and have a policy and strategy to respond to such an attack. Having a clear understanding of the roles people must play is essential. It would help if you had an incident response plan. Preparation and planning are crucial. It doesn’t matter how small or big your business is. The effect of a ransomware attack is the same; you won’t be able to continue doing business.
• Like any sector, the cybercrime industry appears to be getting more robust and more sophisticated. Where all this heading is anyone’s guess, but organisations must recognise that it is a case of when they will be attacked, not if they will be attacked.
• Rogue nations can use giant social media firms to undermine western democracies. What else are they capable of doing? The fact is they are capable of anything. To encourage cybersecurity experts to join your organisation, you need to show them you are valued.
• Criminals are moving into cyber activity because the money to be made is significant, the chances of getting caught are low, and they can easily move across international borders.
• To counter the rise in cybercrime, organisations are learning to operate more securely. Universities are also investing in cybersecurity courses and cybercrime investigation programmes, resulting in more cybersecurity professionals coming onto the market.
• It’s not all bad news. Organisations need to pick up the pace at the board level and focus on effective investment in cybersecurity. Cybersecurity is about education, testing responses, having trigger plans and policies and investing to ensure you can respond when an attack happens. Most cyber-attacks are reversible with proper planning and investment.