Computerworld.pl 7 hot trends in cybersecurity (and 2 that are becoming a thing of the past)

After two years of a pandemic, it is no exaggeration to say that COVID-19 has affected every aspect of our personal and professional lives. When it comes to corporate security trends, the pandemic has changed the rules of the game.

Millions of employees now access corporate networks or cloud-based resources over home Wi-Fi networks. IT staff troubleshoot mission-critical systems through remote access. Supply chains are straining under pressure. And attackers are wasting no time exploiting these potential weaknesses.

Here are the hot and less hot security trends for 2022 - a year in which unfortunately the scope and sophistication of attacks will only get worse.

9 hot (and not) cybersecurity trends:

Hot - Ransomware

Hot - Cryptomining / Cryptojacking

Hot - Deepfakes

Hot - attacks on videoconferencing

Cold - VPNs

Hot - IoT and OT attacks

Hot - Supply Chain Attacks

Hot - XDR

Cold - Passwords

Hot: Ransomware won't go away

Ransomware attacks are on the rise and show no signs of slowing down, according to cybersecurity executive Shira Rubinoff. “These attacks have risen sharply and will continue to grow - largely due to the pandemic, as we see tremendous online growth and an increasing number of digital environments. The move to work from home made organizations work hard to strengthen their position in cybersecurity.” Now, organizations need to deal with employees who multitask both professionally and personally, using multiple devices in an environment that may or may not be safe. Rubinoff also recommends that organizations focus on implementing cyber-hygiene, including training and education for the entire organization, to help reduce phishing attacks. Rubinoff adds that organizations should be proactive in securing data and should consider implementing a zero-trust security model.

Key numbers: The threat of new ransomware models is a major concern among executives, according to Gartner's latest Emerging Risks Monitor report. According to the Verizon Data Breach Investigations Report, the incidence of ransomware doubled in 2021. About 37% of global organizations said they fell victim to some form of ransomware attack in 2021, according to IDC's 2021 Ransomware Study.

Hot: intensification of cryptomining / cryptojacking

Cryptojacking, the less flashy cousin of ransomware, occurs when attackers use ransomware-style phishing attacks to break into an organization and mine cryptocurrency using the organization's computing resources. One of the benefits for attackers is that they can go undetected for a long time. Since no ransom is demanded and no personally identifiable information is stolen, companies do not need to disclose that they have been hacked. This makes it difficult to quantify the cost of a break-in, as the damage can include lost computing power, degraded performance, and higher electricity bills. However, as cryptocurrencies gain value, there is a greater incentive for attackers to commit cryptojacking. The final payout consists of a reward (in cryptocurrency) for being the first to validate a new block of transactions. "I don't know if organizations focus so much on it because it's less noticeable than ransomware," says Frank Dickson, an IDC analyst. He points out that cryptojacking is a growing and serious security threat as it "is basically a backdoor to an organization" that can be sold to other people wishing to launch ransomware or other types of attacks.

Key Figures: SonicWall reported a 21% increase in cryptojacking attacks in Q3 2021, with a whopping 461% jump across Europe.

Hot: deepfakes become a weapon

Deepfakes (Photoshop on steroids) will become a hot security issue this year and beyond, says cybersecurity consultant Dr. Magda Chelly. Until now, deepfakes have mainly been seen in the entertainment realm, with crafted videos showing the face of one actor morphing into another, or politicians saying things on video that they clearly never said. Chelly predicts attackers will use deepfake technology to break biometric access controls by counterfeiting someone's face. The use of AI-based deepfakes has many other sinister possibilities in the corporate sphere. There has already been a case in which fraudsters impersonated a CEO and tricked a subordinate into transferring a large sum of money to a fake account. Beyond fraud, an attacker could create a video of the CEO or another board member doing something compromising or illegal and use the deepfake for blackmail.

Key Figures: "Based on the hacker chat we tracked on the darknet, we noticed that deepfake traffic has increased 43% from 2019," says Alon Arvatz, senior director of product management at IntSights, a Rapid7 company.

Hot: Attacks against conference software

As the pandemic shows no signs of slowing down, many workers stay at home, communicating with co-workers via teleconferencing and videoconferencing software. James Globe, vice president of operations for the Center for Internet Security (CIS), says attacks against these services will continue to be a problem. He believes that organizations must adopt formal corporate policies and procedures for employees to follow in order to counter attackers who attempt to eavesdrop on conversations and view presentations that may contain confidential information. Globe also recommends that organizations take steps such as cleaning up invite lists, protecting meetings with passwords, sending passwords in a separate message from the meeting invitation, having the moderator admit participants manually, and locking the meeting once it has started.

Key Figures: Over 30% of companies reported an attack on their videoconferencing systems in 2021, according to the Acronis Cyber Readiness Report.

Cold: VPNs are a thing of the past

The pandemic has placed an emphasis on secure remote access for home workers, exposing the shortcomings of traditional VPNs. They are not as secure, are complex to manage, do not provide a good user experience, and are part of the old perimeter security model. "It's not that we're throwing VPNs away," says Dickson, "but when we think about ways to secure remote workers, VPNs aren't what we want. We prefer a zero-trust remote access solution."

VPNs provide a secure tunnel between the remote user and enterprise resources, but VPN technology cannot tell if the connecting device is already infected or if someone is using stolen credentials; it does not provide application layer security and cannot provide role-based access control when the user connects to the network. Zero trust solves all these problems.
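The contrast drawn above, as an added example that is not part of the original article: a tunnel-style check that only validates credentials, next to a per-request zero-trust check that also weighs device posture and the user's role for the specific application. All names, fields, roles and sample requests are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

# Hypothetical role-to-application policy (constructed for illustration).
APP_ROLES = {"payroll": {"finance"}, "wiki": {"finance", "engineering"}}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    password_ok: bool      # credentials verified (they may still be stolen)
    mfa_ok: bool           # second factor presented (assumed extra signal)
    device_managed: bool   # device enrolled in corporate management
    device_healthy: bool   # posture check passed (patched, no active alerts)
    app: str               # application the user is asking for

def vpn_decision(req):
    """Perimeter model: valid credentials open the tunnel to every application."""
    return set(APP_ROLES) if req.password_ok else set()

def zero_trust_decision(req):
    """Per-request model: identity, device and role must all pass for one app."""
    reasons = []
    if not (req.password_ok and req.mfa_ok):
        reasons.append("identity not strongly verified")
    if not (req.device_managed and req.device_healthy):
        reasons.append("device posture failed")
    if req.role not in APP_ROLES.get(req.app, set()):
        reasons.append(f"role '{req.role}' not allowed for '{req.app}'")
    return (not reasons, reasons)

# Constructed sample requests covering the three gaps named in the paragraph.
STOLEN = Request("alice", "finance", True, False, False, False, "payroll")
INFECTED = Request("bob", "engineering", True, True, True, False, "wiki")
WRONG_ROLE = Request("bob", "engineering", True, True, True, True, "payroll")
LEGIT = Request("alice", "finance", True, True, True, True, "payroll")

if __name__ == "__main__":
    samples = [("stolen creds", STOLEN), ("infected device", INFECTED),
               ("wrong role", WRONG_ROLE), ("legitimate", LEGIT)]
    for name, req in samples:
        allowed, why = zero_trust_decision(req)
        print(f"{name:16} vpn={sorted(vpn_decision(req))} zt={allowed} {why}")
```

In all four cases the tunnel model grants the same network-wide reach, while the per-request model admits only the last one.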

Key Figures: Gartner predicts that by 2023, 60% of enterprises will be gradually shifting away from remote VPN access to zero trust network access.

Hot: Attacks on IoT and OT

Chelly says attacks on Internet of Things (IoT) and Operational Technology (OT) infrastructure will flare up in 2022 and will hit a variety of targets, including critical infrastructure, traditional manufacturing facilities and even smart home networks.

Attackers will target industrial sensors to cause physical damage that could stop assembly lines or disrupt service provision, Chelly said. The pandemic has increased the prevalence of employees managing these systems via remote access, which is "a very good entry point for cybercriminals".

Chelly predicts attackers will also launch ransomware attacks that lock a homeowner's smart door lock or smart thermostat. In this scenario, the attacker is likely to target the vendor that supplies the smart home technology.

Key Figures: According to one experiment in which testers created a home network and monitored it for attacks, more than 12,000 intrusion attempts were recorded in one week.

Hot: Supply Chain Attacks

The supply chain is only as strong as its weakest link, and this is how hackers attack valuable targets. The most infamous hack in recent times was the SolarWinds attack, a supply chain attack in which hackers used a flaw in SolarWinds network monitoring software to break into hundreds of companies.

Globe says attacks against supply chains will remain a hot topic. He recommends that organizations pay special attention to third parties, partners, contractors, managed service providers, and cloud service providers. Organizations should insist that these entities demonstrate that their security practices are sound, and should continuously verify that they adhere to their security policies.

Key Figures: According to Forrester, 55% of security professionals reported that their organization had experienced a supply chain or external vendor incident or breach in the past 12 months.

Hot: Extended Detection and Response (XDR)

Extended Detection and Response (XDR) is a relatively new approach to threat detection and response that tries to break through security silos and provide a cloud-based service that spans multiple security-related data streams. XDR uses the power of cloud-based big data analytics to make sense of data coming from endpoint protection agents, email security, identity and access management, network management, cloud security, threat intelligence, threat hunting, etc.

Dickson argues that XDR is less product specific and more about building a platform that can integrate the capabilities of multiple security tools to analyze a potential security threat in context.

Key Figures: According to Gartner, up to 40% of end-user organizations will use XDR by the end of 2027.

Cold: Passwords

It has long been known that passwords are a weak form of security, but the industry has been slow to adopt alternatives - until now. Thanks to the FIDO Alliance, Microsoft Hello, and strong pressure from industry heavyweights like Apple and Google, passwordless biometric authentication (fingerprints or facial recognition) is growing in popularity. Dickson recommends that organizations "eliminate passwords whenever possible". He adds that completely passwordless solutions are preferred over two-factor authentication schemes that rely on passwords for one factor.

Key Figures: According to the latest Verizon Data Breach Report, 80% of data breaches are the result of wrong or reused passwords.

Source: CSO