Saga Cibernética

The hype surrounding generative AI tools is understandable. However, there's another, potentially even more seismic technological shift taking shape: the rise of quantum computing.  

For many of us, quantum computing sounds like something from science fiction. In this week’s Cyber Series, Martin Nikel, Director of eDiscovery and Litigation Support, explains that what was once an impossible future is already here, and it’s time to start preparing for both the advantages quantum computing will bring and the risks it will pose to our digital security.

This week, we present some of the stories our cyber experts were willing and able to share about their experiences. And these stories have everything – from pre-dawn flights to undisclosed locations and a CTO who had the worst-ever first day back at work after a holiday. (Spoiler alert – he was arrested.) 

An early alarm, coffee, gardening, a good book, then more coffee and gardening. In between, our cyber governance, risk and compliance director also finds time to get a lot of work done. Follow him down the garden path for a closer look at his typical workday (and to see how the spring bulbs are doing). 

The big news in cyber security in March was all about China, as the UK took the extraordinary step of explicitly naming Chinese state-affiliated organisations and individuals that it alleges are responsible for malicious cyber campaigns against a group of its MPs.

In his review of the key cyber events of the last month, Stephen Green, Threat Intelligence Lead, explains why the UK is not alone in its concerns about Chinese interference and looks at what else kept cyber security experts busy.

Is one of your trusted colleagues a threat to your organisation? For that matter, are you?

There are many reasons why someone with legitimate access to an organisation’s networks and data could become a threat and trigger an ‘insider event’. Perhaps they unwittingly fall for the latest AI-powered phishing scam. Maybe they’re an opportunist looking for career advancement or financial gain. They may even simply make a mistake and deliver information into the wrong hands.

Alistair Purdy explores recent cases of inside actors – both malicious and well-intentioned – and how organisations can prepare for dealing with insider threats and events.

As a group, “hackers” don’t have a great reputation. But there is another kind of hacker – a penetration tester. These security experts work to help organisations improve their defences by identifying weak spots so they can be fixed before threat actors find them. Our resident pen tester describes a typical day in the life of “a hacker who helps.”

The damage caused by cyber crime is often financial or operational in nature. Now, alarmingly, we also know that, by targeting critical infrastructure, threat actors can have a devastating impact on our environment, and our health and wellbeing.

Wastewater and water supply plants are a new focus for cyber attacks, with a reported shift from insider threats to external adversaries. James Thoburn and Alistair Purdy explain the various reasons for why that is, and what wider lessons can be learned by providers of other critical infrastructure services. 

Threat actors never let us have a quiet month, but February was even wilder than usual.

Operation Cronos, a joint effort by the UK’s National Crime Agency and the US FBI, scored a rare and significant victory against the LockBit gang. The celebrations did not last long, as LockBit were back on a different site within days, but even so it has damaged the group’s reputation and will have sparked panic in the ranks.

The other February cyber headlines were dominated by the supply chain breach of Bank of America, and the ALPHV (aka BlackCat, aka Noberus) attack on Prudential Financial.

But which one of these stories is beginning to look like fake news? 

Air Canada recently lost the argument that its website’s chatbot was a “separate legal entity.” The chatbot gave a passenger misleading details about refunds, despite the correct information being available elsewhere on the site.

This got Martin Nikel, our director of eDiscovery and legal disclosure, thinking about what organisations need to be aware of before rushing to embrace AI in the workplace. Of course, many organisations are using it already, whether they know it or not...

Do you know what your people are using their work devices to experiment with?

As more of the world’s economies adopt digitalisation, the hunting grounds for threat actors grow larger and the number of cyber attacks increases. The difficulty lies in trying to quantify the amount of damage that these attacks cause.

The first report from Thomas Murray's Analytics Lab that seeks to do just that. Calculating the cost of cyber attacks: An economic analysis of the worldwide impact represents the first step in overcoming a frustrating lack of data when it comes to the economic impact of cyber crime.

This article provides an overview of the team’s groundbreaking approach and a summary of its fascinating initial findings. Discover more about their innovative approach to measuring one of the greatest challenges to global economic growth.