While we took in compelling talks from the likes of Oracle on how its technology powers Red Bull Racing, we attended with our cyber hats firmly on. The constantly shifting nature of the cyber landscape presents a particular challenge for comms professionals, so hearing the latest insights from industry leaders is invaluable.
One of these was Bharat Mistry from Trend Micro, who truly hit home on the professionalism of modern cyber gangs with the growth of ransomware-as-a-service. Many of these groups, such as the Conti ransomware family that seemingly retired recently, are run in much the same way as a legitimate corporation might be. They have their own C-Suite, pay their hackers a monthly salary, and even offer performance reviews, career progression and bonuses.
Cybercriminals are increasingly working together too, and ransomware-as-a-service runs on an affiliate model that may be more reminiscent of a traditional enterprise. One affiliate will write the core software, another will handle distribution, others will carry out the attack itself, and the rewards are distributed amongst the network. We’ve even seen examples of mergers and acquisitions amongst gangs, with Conti paying for ownership of the TrickBot software after being long-time partners in crime.
Combine this with the cutting-edge artificial intelligence and machine learning tools at their disposal, and it’s clear that cyber security professionals and intelligence agencies are dealing with a complex and organised adversary.
In cyber security, hackers and the entities that try to thwart them are often painted with a broad ‘good vs. evil’ brush, but in a world with white hat hackers and bug bounties, the story is often more complex. Mistry touched on how the low risk/high reward nature of cybercrime is luring in impressionable young people. This means there is a clear role for comms in positioning a cyber security career as a more attractive choice to those with talent.
The potential implications of this complex threat landscape were expanded upon by another speaker, Simon Chassar from Claroty, a company specialising in industrial cyber security. As Simon explained, much critical infrastructure still runs on firmware and operating systems that are several versions old, which increases the risk of attackers exploiting known vulnerabilities.
In fact, many industrial systems were built long before so much of our daily lives became connected to the Internet, and this made them incredibly secure, barring a physical attack. Still, as facilities were brought into the 21st century and connected via networks, this introduced an attractive new attack surface for would-be cyber attackers.
The strategic importance of critical infrastructure and industrial systems also places them squarely in the crosshairs of bad actors looking to disrupt for geopolitical gain, as we saw with attacks on Ukraine’s power grid several years ago. Government agencies worldwide are investing vast amounts of time and money into ensuring that their country isn’t next.
At Brands2Life, we’re lucky enough to work with some of the most pioneering cyber security gurus from the UK and further afield; companies at the forefront of keeping organisations and critical infrastructure secure.
As PRWeek’s Number 1 Tech Agency in the UK, we’re acutely conscious of the important role this sector plays and will play over the coming years. The challenge and its importance must be communicated correctly and compellingly to the business world and the wider public. If you’d like to talk to us about how we can put our BETTER STORIES BIGGER IMPACT approach to work for you, get in touch!