As we enter the second year of the pandemic, it is no exaggeration to say that COVID-19 has affected every aspect of our personal and professional lives. When it comes to corporate security trends, the pandemic has changed the rules of the game.
Millions of employees now have access to corporate networks or cloud resources via home Wi-Fi. IT professionals troubleshoot mission-critical systems using remote access. Supply chains are cracking under the pressure. And attackers waste no time exploiting these potential vulnerabilities.
The CSO publication presented hot and not-so-hot security trends for 2022 - a year in which, unfortunately, it is expected that the scale and sophistication of attacks will only get worse.
Hot trend:Ransomware isn't going anywhere
According to Shira Rubinoff, head of cybersecurity, author and consultant, the number of ransomware attacks is growing and is not going to slow down. "These attacks have grown exponentially and will continue to grow-mainly due to the pandemic, as we see huge growth online and the expansion of the digital environment. The shift to work-from-home has left organizations struggling to strengthen their cybersecurity posture. Organizations now have to deal with their employees multitasking both professionally and personally from multiple devices in an environment that may or may not be secure," she noted.
Rubinoff recommends that organizations focus on implementing cyber hygiene, including training and training for the entire organization, to help mitigate the effects of phishing attacks. She adds that organizations should be proactive in protecting data and should consider implementing a zero-trust security model.
Key figures:According to the latest Gartner Emerging Risks Monitor report, the threat of "new ransomware models" is a major concern for CEOs. According to Verizon's data breach investigation report, the frequency of ransomware doubled in 2021. According to the IDC 2021 Ransomware Study, approximately 37% of global organizations said they were victims of some form of ransomware attack in 2021.
Hot Trend:Cryptomining / Cryptojacking Gains Momentum
Cryptojacking, a less prominent relative of ransomware, occurs when attackers use ransomware-style phishing attacks to hack into an organization and mine cryptocurrency using the organization's computing resources. One of the advantages for an attacker is that they can remain undetected for a long time. Since no ransom was demanded and no personal information was stolen, companies do not need to disclose that they were hacked. This makes it difficult to quantify the cost of an intrusion, as the damage is attributed to things like loss of computing power, reduced productivity, and higher energy bills. However, as cryptocurrencies grow in value, attackers have more incentive to commit cryptojacking. The final payout consists of a reward (in cryptocurrency) for being the first to confirm a new block of transactions.
"I do not know if organizations pay as much attention to it, because it is less intrusive than ransomware," says IDC analyst Frank Dixon. He notes that cryptojacking is a growing and serious security threat because "it is essentially a backdoor into your organization" that can be sold to others who want to launch ransomware or other types of attacks.
Key numbers: Sonic Wall reported a 21% increase in cryptojacking in the third quarter of 2021, and a 461% increase in Europe.
Hot trend: Deepfakes become weapons
Deepfakes (like Photoshop on steroids) will be a major security issue this year and beyond, says cybersecurity consultant Dr. Magda Celli. So far, deepfakes have been seen mostly in the entertainment industry, with fake videos showing one actor's face turning into another. Or when politicians are spoofed on video saying things they clearly never said.
Chelli predicts that attackers will use deepfake technology to compromise biometric access controls by spoofing someone's face. The use of AI-based deepfakes has many other sinister opportunities in the corporate sphere. There was already a case when scammers faked the CEO's voice and tricked a subordinate into transferring a large amount of money to a fake account. In addition to fraud, an attacker can create a video in which the CEO or other business manager does something shameful or illegal, and use the deepfake for blackmail purposes.
Key figures:"Based on the hacker chatter that we track on the darknet, we see that traffic around deepfake attacks has increased by 43% since 2019," says Alon Arvats, senior director of product management at IntSights, a Rapid7 company.
Hot Trend: Attacks on conference call software
With the pandemic showing no signs of slowing down, many employees are staying home, communicating with colleagues using teleconferencing and video conferencing software. James Globe, vice president of operations at the Center for Internet Security (CIS), says attacks on these services will continue to be a concern.
He says organizations need to adopt formal corporate policies and procedures that employees must follow to counter malicious actors who try to spy on conference attendees, eavesdrop on conversations, and view presentations that may contain sensitive information.
Globe recommends that organizations take steps such as clearing guest lists, password-protecting video conferences, sending passwords in a message separate from the meeting invitation, manually admitting participants by the moderator, and blocking the meeting after it starts.
Key figures:According to the Acronis Cyber Readiness Report, more than 30% of companies reported attacks on their video conferencing systems in 2021.
Cold trend: VPNs are disappearing
The pandemic has drawn attention to secure remote access for home-based employees, exposing the shortcomings of traditional VPNs. This technology is not so secure, it is difficult to manage, it does not provide a good user experience, and it is part of the old perimeter security model.
"It's not that we're giving up VPNs," says Dixon, " but when we're looking at ways to protect remote employees, VPNs aren't what we need. We would prefer to make a zero-trust remote access solution."
VPNs provide a secure tunnel between a remote user and corporate resources, but VPN technology cannot detect whether an already connecting device is infected or someone is using stolen credentials; it does not provide application-level security and cannot provide role-based access control after the user connects to the network. Zero trust solves all these problems.
Key figures: Gartner predicts that by 2023, 60% of businesses will phase out remote access VPNs in favor of zero-trust network access.
Hot trend: Attacks on IoT and OT
Chelli says that in 2022, attacks on the Internet of Things (IoT) and operational technology (OT) infrastructure will intensify across a range of targets, including mission-critical infrastructure, traditional manufacturing facilities, and even smart home networks.
According to Celli, attackers will target industrial sensors to cause physical damage that can cause assembly lines to shut down or services to be interrupted. The pandemic has increased the number of employees managing these systems via remote access, which provides "a very good entry point for cybercriminals."
Chelli predicts that attackers will also launch ransomware-type attacks that block a homeowner's smart door lock or smart thermostat. In this scenario, the attacker is likely targeting a vendor that supplies smart home technology.
Key figures:According to one experiment in which testers set up a home network and checked it for attacks, more than 12,000 hacking attempts were made in one week.
Hot Trend: Supply Chain attacks
The supply chain is as strong as its weakest link, and this is how hackers pursue important goals. The most infamous hack in recent memory was the SolarWinds attack, a supply chain attack in which hackers exploited a vulnerability in SolarWinds ' network monitoring software to hack hundreds of companies.
The Globe believes that attacks on supply chains will remain a hot topic. It recommends that organizations pay special attention to third parties, partners, contractors, managed service providers, and cloud service providers. Insist that these organizations demonstrate that their security practices are sound, and make sure that they constantly check that these organizations adhere to their security policies.
Key figures:Forrester data shows that 55 % of security professionals reported that their organization experienced security incidents or breaches related to the supply chain or third-party vendors in the past 12 months.
Hot Trend: Advanced Detection and Response (XDR)
Advanced Detection and Response (XDR) is a relatively new approach to threat detection and response that attempts to break down security silos and provide a cloud — based service that spans multiple security-related data streams. XDR leverages the power of cloud-based big data analytics to analyze data from endpoint protection agents, email security, identity and access management, network management, cloud security, threat analytics, threat detection, and more.
Dixon says XDR isn't so much about a specific product as it is about creating a platform that can integrate the capabilities of multiple security tools to analyze a potential security threat in context.
Key figures:According to Gartner, up to 40% of end-user organizations will use CDR by the end of 2027.
Cold Trend: Passwords
Passwords have long been known to be a weak form of security, but the industry is in no hurry to introduce alternatives. Thanks to the FIDO Alliance, Microsoft Hello, and the strong promotion of industry heavyweights like Apple and Google, password-less authentication based on biometrics (fingerprints or facial recognition) is gaining momentum.
Dixon recommends that organizations "eliminate passwords whenever possible." He adds that completely password-less solutions are preferable to two-factor authentication schemes that rely on passwords as one of the factors.
Key Numbers:According to Verizon's latest data leak report, 80% of data leaks are due to incorrect or reused passwords.
Author: Neal Weinberg
Millions of employees now have access to corporate networks or cloud resources via home Wi-Fi. IT professionals troubleshoot mission-critical systems using remote access. Supply chains are cracking under the pressure. And attackers waste no time exploiting these potential vulnerabilities.
The CSO publication presented hot and not-so-hot security trends for 2022 - a year in which, unfortunately, it is expected that the scale and sophistication of attacks will only get worse.
Hot trend:Ransomware isn't going anywhere
According to Shira Rubinoff, head of cybersecurity, author and consultant, the number of ransomware attacks is growing and is not going to slow down. "These attacks have grown exponentially and will continue to grow-mainly due to the pandemic, as we see huge growth online and the expansion of the digital environment. The shift to work-from-home has left organizations struggling to strengthen their cybersecurity posture. Organizations now have to deal with their employees multitasking both professionally and personally from multiple devices in an environment that may or may not be secure," she noted.
Rubinoff recommends that organizations focus on implementing cyber hygiene, including training and training for the entire organization, to help mitigate the effects of phishing attacks. She adds that organizations should be proactive in protecting data and should consider implementing a zero-trust security model.
Key figures:According to the latest Gartner Emerging Risks Monitor report, the threat of "new ransomware models" is a major concern for CEOs. According to Verizon's data breach investigation report, the frequency of ransomware doubled in 2021. According to the IDC 2021 Ransomware Study, approximately 37% of global organizations said they were victims of some form of ransomware attack in 2021.
Hot Trend:Cryptomining / Cryptojacking Gains Momentum
Cryptojacking, a less prominent relative of ransomware, occurs when attackers use ransomware-style phishing attacks to hack into an organization and mine cryptocurrency using the organization's computing resources. One of the advantages for an attacker is that they can remain undetected for a long time. Since no ransom was demanded and no personal information was stolen, companies do not need to disclose that they were hacked. This makes it difficult to quantify the cost of an intrusion, as the damage is attributed to things like loss of computing power, reduced productivity, and higher energy bills. However, as cryptocurrencies grow in value, attackers have more incentive to commit cryptojacking. The final payout consists of a reward (in cryptocurrency) for being the first to confirm a new block of transactions.
"I do not know if organizations pay as much attention to it, because it is less intrusive than ransomware," says IDC analyst Frank Dixon. He notes that cryptojacking is a growing and serious security threat because "it is essentially a backdoor into your organization" that can be sold to others who want to launch ransomware or other types of attacks.
Key numbers: Sonic Wall reported a 21% increase in cryptojacking in the third quarter of 2021, and a 461% increase in Europe.
Hot trend: Deepfakes become weapons
Deepfakes (like Photoshop on steroids) will be a major security issue this year and beyond, says cybersecurity consultant Dr. Magda Celli. So far, deepfakes have been seen mostly in the entertainment industry, with fake videos showing one actor's face turning into another. Or when politicians are spoofed on video saying things they clearly never said.
Chelli predicts that attackers will use deepfake technology to compromise biometric access controls by spoofing someone's face. The use of AI-based deepfakes has many other sinister opportunities in the corporate sphere. There was already a case when scammers faked the CEO's voice and tricked a subordinate into transferring a large amount of money to a fake account. In addition to fraud, an attacker can create a video in which the CEO or other business manager does something shameful or illegal, and use the deepfake for blackmail purposes.
Key figures:"Based on the hacker chatter that we track on the darknet, we see that traffic around deepfake attacks has increased by 43% since 2019," says Alon Arvats, senior director of product management at IntSights, a Rapid7 company.
Hot Trend: Attacks on conference call software
With the pandemic showing no signs of slowing down, many employees are staying home, communicating with colleagues using teleconferencing and video conferencing software. James Globe, vice president of operations at the Center for Internet Security (CIS), says attacks on these services will continue to be a concern.
He says organizations need to adopt formal corporate policies and procedures that employees must follow to counter malicious actors who try to spy on conference attendees, eavesdrop on conversations, and view presentations that may contain sensitive information.
Globe recommends that organizations take steps such as clearing guest lists, password-protecting video conferences, sending passwords in a message separate from the meeting invitation, manually admitting participants by the moderator, and blocking the meeting after it starts.
Key figures:According to the Acronis Cyber Readiness Report, more than 30% of companies reported attacks on their video conferencing systems in 2021.
Cold trend: VPNs are disappearing
The pandemic has drawn attention to secure remote access for home-based employees, exposing the shortcomings of traditional VPNs. This technology is not so secure, it is difficult to manage, it does not provide a good user experience, and it is part of the old perimeter security model.
"It's not that we're giving up VPNs," says Dixon, " but when we're looking at ways to protect remote employees, VPNs aren't what we need. We would prefer to make a zero-trust remote access solution."
VPNs provide a secure tunnel between a remote user and corporate resources, but VPN technology cannot detect whether an already connecting device is infected or someone is using stolen credentials; it does not provide application-level security and cannot provide role-based access control after the user connects to the network. Zero trust solves all these problems.
Key figures: Gartner predicts that by 2023, 60% of businesses will phase out remote access VPNs in favor of zero-trust network access.
Hot trend: Attacks on IoT and OT
Chelli says that in 2022, attacks on the Internet of Things (IoT) and operational technology (OT) infrastructure will intensify across a range of targets, including mission-critical infrastructure, traditional manufacturing facilities, and even smart home networks.
According to Celli, attackers will target industrial sensors to cause physical damage that can cause assembly lines to shut down or services to be interrupted. The pandemic has increased the number of employees managing these systems via remote access, which provides "a very good entry point for cybercriminals."
Chelli predicts that attackers will also launch ransomware-type attacks that block a homeowner's smart door lock or smart thermostat. In this scenario, the attacker is likely targeting a vendor that supplies smart home technology.
Key figures:According to one experiment in which testers set up a home network and checked it for attacks, more than 12,000 hacking attempts were made in one week.
Hot Trend: Supply Chain attacks
The supply chain is as strong as its weakest link, and this is how hackers pursue important goals. The most infamous hack in recent memory was the SolarWinds attack, a supply chain attack in which hackers exploited a vulnerability in SolarWinds ' network monitoring software to hack hundreds of companies.
The Globe believes that attacks on supply chains will remain a hot topic. It recommends that organizations pay special attention to third parties, partners, contractors, managed service providers, and cloud service providers. Insist that these organizations demonstrate that their security practices are sound, and make sure that they constantly check that these organizations adhere to their security policies.
Key figures:Forrester data shows that 55 % of security professionals reported that their organization experienced security incidents or breaches related to the supply chain or third-party vendors in the past 12 months.
Hot Trend: Advanced Detection and Response (XDR)
Advanced Detection and Response (XDR) is a relatively new approach to threat detection and response that attempts to break down security silos and provide a cloud — based service that spans multiple security-related data streams. XDR leverages the power of cloud-based big data analytics to analyze data from endpoint protection agents, email security, identity and access management, network management, cloud security, threat analytics, threat detection, and more.
Dixon says XDR isn't so much about a specific product as it is about creating a platform that can integrate the capabilities of multiple security tools to analyze a potential security threat in context.
Key figures:According to Gartner, up to 40% of end-user organizations will use CDR by the end of 2027.
Cold Trend: Passwords
Passwords have long been known to be a weak form of security, but the industry is in no hurry to introduce alternatives. Thanks to the FIDO Alliance, Microsoft Hello, and the strong promotion of industry heavyweights like Apple and Google, password-less authentication based on biometrics (fingerprints or facial recognition) is gaining momentum.
Dixon recommends that organizations "eliminate passwords whenever possible." He adds that completely password-less solutions are preferable to two-factor authentication schemes that rely on passwords as one of the factors.
Key Numbers:According to Verizon's latest data leak report, 80% of data leaks are due to incorrect or reused passwords.
Author: Neal Weinberg
