The vast majority of even the most significant cyberattacks and intrusions by nation states could be stopped if only organisations followed the most basic cybersecurity practices, the director of the UK's national Computer Emergency Response Team (CERT-UK) has warned.
Speaking at the Security and Counter Terror Expo in London, Chris Gibson said the biggest security threat remains malware. Many companies are still fighting infections by malware that was first released as long as eight years ago -- a fact he described as "enormously depressing".
"We saw 530,000 incidents involving Conficker last year. Conficker is an eight-year-old virus -- this is not new stuff. It changes, but at the end of the day, as someone who's spent 20 years in information security, this is the point where I hold my head in my hands and think I've failed dismally. This is stuff we should've nailed years ago -- this is not stuff we should still be facing day in, day out," he said.
Gibson described how CERT-UK sees the same pattern of malware infection repeating "time after time, after time, after time". He said almost all security incidents could be eliminated -- or at least their impact reduced -- if basic cybersecurity hygiene techniques were applied.
"80 percent of all attacks -- and that's a conservative estimate -- are preventable through simple mitigation. We look at things like the Cyber Essentials scheme run by the UK government, the ten steps, or all the other fairly simple information security stuff that we see. Many of these problems would be solved by these," he said.
Even the most serious incidents reported to CERT-UK, Gibson claimed, "could've been seriously mitigated or it wouldn't have happened with ordinary, proper cyber hygiene [which] we should have been doing 20 years ago".
Gibson said that the damage from some major incidents could've been much less severe if basic cybersecurity procedure had been followed.
"While we talk about a lot of it being very simple, there is bad stuff out there. We work these cases a lot and they're truly difficult to hunt down and to solve," he said.
"But mitigation -- passwords, antivirus, segmenting your network -- things like that would solve a lot of problems, even in these nation state attacks. Because once they get onto the system, they can run riot across the whole network, rather than being stuck in one small bit in a segmented network," he said.