2021 has marked the 25th anniversary of GlobalSign and what better opportunity is there than now to take a look back at our own journey and some of the changes that have influenced the cybersecurity industry over the past quarter century.
Read about a few of the milestones that have significantly changed the way we navigate and protect ourselves online, and then head over to YouTube to watch our GlobalSign 25th Anniversary video.
Evolution of Threats
Ransomware, deepfakes and malware. Cybersecurity threats come in all shapes and forms and are cause for concern for any organization. While many years ago attacks started off as disruptive and frustrating nuisances, hackers have become more dynamic and aggressive in stealing crucial data and unlawfully gaining access to millions and millions of dollars. Some of the most unforgettable attacks being the widespread CryptoLocker outbreak in 2014 or the attack on Kaseya earlier this year. With attackers taking a more professional approach over the years, the defense front has also gotten more intelligent, and many companies are now learning how to protect themselves from malicious threats. New introductions of cybersecurity standards and regulations, such as eIDAS which was established in 2014 and the NAESB compliance, formed in 2002, have played an important role in tightening the safety net for many organizations.
Since the 1990s, emails had become the common form of wide-spread communication for businesses. While it entirely transformed interactions, it also became an easy gateway for viruses and threats. A spear-phishing campaign in 2015 targeting IT staff from various electricity distribution companies throughout the Ukraine delivered a malicious email attachment and a program called BlackEnergy3 infected their machines and opened a backdoor to the hackers. This attack on the Ukrainian power grid left approximately 225,000 residents in the dark and is still considered one of the worst intrusions ever. While emails have enabled us to efficiently communicate and share information, a simple click of a button can lead to a devastating outcome. Over time the introduction of methods, such as S/MIME to secure emails, which roots back to 2002 and digitally signing emails have helped counter phishing attacks, but these are still a wide-spread intrusion to be looking out for.
Just over 17 years ago, Facebook was introduced followed by Twitter in 2006 and Instagram in 2010. Since serving as platforms to share an insight into our daily lives with family and friends, social media networks have become an easily accessible host for a vast pool of personal data. Hackers that were initially interested in stealing money by accessing networks and devices from organizations, now additionally have found an opportunity to target individuals – all based on the data found on social media. The personal data can be used to create more targeted phishing scams or simply take necessary information to collate them among other entries to be sold online to the highest paying cyber-criminal. Therefore, it is very important to protect yourself by ensuring that your privacy and security settings are up to date and to use Multi-factor authentication (MFA) and strong passwords to add an extra layer of security to account logins.
Data privacy has an impact on all our business procedures, from planning corporate policies to safeguarding employees’ personal information. The 25th of May 2018 will be a day that many of us won’t forget – the day on which GDPR (General Data Protection Regulation) officially became a law. The GDPR regulation outlines the specific data protection requirements that organizations must adhere to, which ultimately gives people the control of how their data is processed and describes the tough measures that businesses will face if they do not comply. The impact of GDPR has been felt around the world and not just in the European Union. Changes are constantly happening to ensure compliance and more than 3 years later it is safe to say that many data protection adjustments are still being implemented.
Covid-19 Pandemic and Remote Working
With the Covid-19 outbreak in early 2020 the entire world went into lockdown and also shifted to mostly remote workforces. This sudden change and response to the Covid crisis became the new way for cybercriminals to get a foothold in sensitive systems. Organizations had to identify areas of weak points in their networks and expand on their existing cybersecurity efforts. Training their staff remotely on cyber threats and working more closely with trained cybersecurity professionals became the new normality. Investing in tools and solutions that keep the organizations safe at all times, became the priority when setting up new business plans. If cybersecurity had not already been on the forefront of operations for businesses around the world, the pandemic certainly helped with setting the tone.
These are just a small portion of the various changes that influenced the cybersecurity industry over the past 25 years, and we hear of new regulations and technologies coming into effect as well as new attacks occurring on a regular basis. Whatever the future holds, one thing is for sure – threats and hackers will continue to adapt to changes, but so will the cybersecurity industry.
To learn more about GlobalSign’s journey in the PKI industry, please have a look at our 25th anniversary infographic.