Cyber Attack Alert: The Invisible Enemy Could be Sitting Next to YouIT Risk & Cyber Risk | 3 Min Read |25 May 22|by Richard Rivett
While cyber attacks remain the plague of the modern corporate world, there are historical similarities that date back to a pre-computer era.
In 1988, Cornell University graduate Robert Morris was the first person to be successfully charged under the Computer Fraud and Abuse Act. It could however be argued that the first actual cyber-attack was launched over 150 years earlier by French brothers François and Joseph Blanc.
In the 1830’s the equivalent of the internet was the telegraph. This used semaphore to deliver vital government communications as well as share prices from the Paris Stock Exchange.
The brothers hatched a plan to ‘front run’ the markets by hiring an agent in Paris to deliver coded messages disguised as packages to the telegraph operators. If the paper wrapping was white, the market had gone up, if the wrapping was grey then the market had moved down. They bribed telegraph operators to send messages based on the colour of the wrapping. The messages were disguised as deliberate errors that would be disregarded by operators. The brothers hired an agent who understood what an ‘error’ signal looked like. He sat on an adjacent hill and read the signals as they came in revealing the market news.
The brothers exploited the markets for 2 years and made a significant sum of money. When the scam was exposed, they were arrested for bribery. Back then, France had no laws against the misuse of a telegraph system, and they were only forced to pay court costs. This meant they got to keep their ill-gotten gains.
I know what you’re thinking…but, I can confirm that this loophole was rapidly closed!
We are still faced with the same issue even with modern advances in technology. There are still those who are willing to exploit others for their own gain. Organizations and legislature are lagging the curve and stuck in a constant battle of catch-up.
In 2021, Gartner forecasted that spending on Security and Risk Management would exceed US$150 billion. This is a drop in the ocean considering the cost of cyber-crime is estimated to have breached the US$1 trillion mark. Yet despite this, technology phishing attacks remain the most common hacking technique.
Building Cyber Resilience with CyberGRC
Ensuring organizations stay ahead requires proactive risk assessment, mitigation, and monitoring of IT and cyber risks, threats, and vulnerabilities, across various IT compliance requirements. MetricStream’s CyberGRC solution can streamline cybersecurity efforts to actively manage cyber risk and support cyber resilience.
Built as an intelligent, intuitive, and interconnected program, CyberGRC enables your organization to:
- Harmonise controls across multiple IT regulations and frameworks, improving compliance and saving effort and costs
- Quantify your cyber risk in monetary terms to analyse and communicate risk and better prioritise cyber investments
- Automate continuous control monitoring, enabling you to collect evidence of security control effectiveness
- Collate data from across the enterprise, including third and fourth-party vendors, which can then be transformed into actionable business intelligence to support data-driven decision-making
- Correlate vulnerabilities with IT assets, and prioritize remediation efforts based on the highest levels of threats leading to improved efficiency and increased assurance from your tech partners
Although your cyber risk and security tools may be sophisticated, phishing requires one simple lever - the ignorance of human beings. There are many different risk factors to manage, minimize, and protect against. It does make you think - could the invisible enemy be sitting next to you?
Want to learn more on how you can build your organization’s cyber resilience? Request a demo now.
Check out more resources related to cybersecurity: