Cybercrime is on the rise, over the 2020–21 financial year, the Australian Cyber Security Center (ACSC) received over 67,500 cybercrime reports, an increase of nearly 13 per cent from the previous financial year. Cyber attacks and data breaches can leave businesses, large or small, devastated with overwhelming financial, reputational and legal consequences. According to the ‘Cost Of A Data Breach’ report by IBM and the Ponemon Institute data breach costs in 2021 rose from USD 3.86 million to USD 4.24 million, the highest average total cost in the past 17 years of the report.
The threat landscape is getting more complex with cybercriminals adopting new tactics and techniques to target organisations and individuals. With many organisations lacking a robust cybersecurity strategy, many are falling prey to these malicious actors. So what do businesses need to be on the lookout for?
Below are eight of the latest cybersecurity trends we believe businesses need to take into account and plan for in the upcoming years:
1. Staying secure while remote working
COVID-19 changed many things about how we go about our lives, one of the biggest impacts it had is on businesses and how they operate. Due to lockdowns across the world, many businesses were forced to adopt remote working solutions to continue operating. Although COVID-19 regulations died down and lockdowns eventually ended, many businesses chose to either adopt a hybrid model of working or have allowed their employees to continue working remotely, due to reasons like an increase in productivity, convenience and cost efficiency. However, along with these benefits arrived the challenge of managing information security while remote working.
The security risks posed by remote working has become a key topic in cybersecurity, with organisations becoming more vulnerable as more employees work remotely, for example, a home office compared to a centralised office network, does not have protective measures such as, firewalls, routers and continuous monitoring and access management by a dedicated information security team. Employees have had to also depend on the use of personal devices to stay connected and even authenticate logins, this has increased the overall vulnerability of businesses, as adequate security controls have not been put in place to account for the challenge brought by a scattered workforce.
With how abruptly organisations had to resort to remote working solutions to continue operating, security may have been overlooked, allowing cybercriminals to seize the opportunity to heighten their attack efforts. According to IBM’s ‘Cost Of A Data Breach’ report, the average cost was USD 1.07 million higher in breaches where remote work was a factor in causing the breach, compared to those where remote work was not a factor.
Hence, organisations need to recognise remote working as a cybersecurity trend that needs to be addressed immediately. Information security teams need to identify and patch the vulnerabilities associated with a distributed workforce, implement appropriate security controls and measures, increase monitoring capabilities and ensure employees are made aware of the ever evolving cyber threat landscape.
2. The evolution of ransomware
Ransomware by no means is a new threat, however the rate at which it is growing in profile and impact has made it one of the most significant threats to organisations in Australia and around the world. According to the ACSC’s Annual Cyber Threat Report 2020-21, the ACSC recorded a 15 per cent increase in ransomware cybercrime reports in the 2020-21 financial year.
The ACSC have attributed this increase in ransomware to the increase in the willingness of cybercriminals to extort money from elements of society that they have deemed vulnerable and critical. Extortion attacks involve criminals stealing and encrypting valuable data so businesses cannot access it, they then threaten the business to either pay an exorbitant amount or end up having their sensitive information released to the public.
Factors like an ease of access to dark web tools and services have also increased their capability, with cybercriminals getting more adept at hiding and delivering malicious code. In addition, the accessibility of cybercrime services – such as ransomware-as-a-service (RaaS) – via the dark web increasingly opens the market to a growing number of malicious actors without significant technical expertise and without significant financial investment. Another factor contributing to this is the existence of over 120 ransomware families, which has made it increasingly difficult for organisations to identify and prevent ransomware attacks. Cybercriminals have also started incorporating cryptocurrency into their schemes, forcing their ransoms to be paid in crypto has made it harder to trace and track.
During the last few years, ransomware incidents have been seen across a variety of sectors, including professional, scientific and technical organisations, and those in health care and social assistance. The ransomware attack on JBS foods and the Colonial Pipeline and it’s associated widespread impact are great examples of why ransomware is a critical cybersecurity trend that organisations need to address and combat.
3. Social engineering becoming more sophisticated
Phishing, business email compromise and other forms of social engineering have been around for more than a decade, but have increased in prevalence due to the COVID-19 pandemic, remote working and other factors. Cybercriminals have taken advantage of circumstance and increased their phishing attempts against vulnerable individuals who are stuck at home, hungry for information and disconnected from their organisations. According to the ACSC, in the 2020–21 financial year, the average loss per successful Business Email Compromise increased to more than $50,600 (AUD) – over one-and-a-half times higher than the previous financial year.
Different forms of phishing have gained prominence, for example, phishing via SMS, commonly referred to as ‘smishing’, has seen an uptick due to the increase in the use of communication applications like Whatsapp, Skype, and Zoom, WeChat etc. People during the pandemic were desperate for information, criminals took advantage of this to disguise their malicious links behind the promise of resources and information. There has also been an increase in phishing through voice, otherwise known as ‘vishing’, with criminals pretending to be IT support or third-party vendors seeking sensitive information from unaware employees, who due to the disconnected nature of the workplace, fall for their trap.
Organisations need to recognise the destructive nature of a successful social engineering attack, and prioritise better training and awareness for their employees as criminals are always innovating to stay one step ahead.
4. IoT attacks by cybercriminals
IoT or the Internet of Things refers to the network of physical objects or devices—“things”—that are embedded with sensors, software, and other technologies for the purpose of connecting and exchanging data with other devices and systems over the internet. According to Oracle, there are more than 7 billion connected IoT devices today, with experts expecting this number to grow to 22 billion by 2025. This rapid expansion of the Internet of Things has increased the opportunities for criminals to carry out their cyber attacks and data breaches.
This is because, with the number of devices connected to the internet increasing, the attack or threat surface is also becoming harder to manage due to how large it is. The way IoT devices are designed, their storage and processing ability is significantly lower than your average laptop or mobile phone, making it harder for security teams to protect them with measures like firewall, antivirus and other security controls. This means that the number of possible vulnerabilities and weaknesses that malicious actors can exploit to gain entry to a business’s critical infrastructure is going to increase with the number of devices connected to the internet. Therefore organisations need to prepare and plan for this cybersecurity trend that is going to be more prevalent in the following years.
5. The increasing need for cloud security
Like many trends brought about by the shift to remote working, there has been a greater dependence on cloud solutions, with many organisations choosing to establish themselves on the cloud. Although cloud services mean greater scalability, operational and cost efficiency, it continues to be heavily targetted by cybercriminals. Due to the existence of security risks and vulnerabilities with cloud services, for example, misconfigured settings, unauthorised remote access, and weak login credentials are amongst the main causes of cloud-related data breaches within organisations.
6. Increase in supply chain attacks
As noted by the ACSC in their annual cyber threat report, the threat from supply chain compromises remains high. Supply chain attacks are cyberattacks that target trusted third-party vendors who offer services or software vital to the supply chain. There are two main types of supply chain attacks, software and hardware, with the first variant injecting malicious code into an application in order to infect all its users, with the second variant compromising physical components in order to achieve the same result.
Software supply chain attacks are especially hard to combat as it is difficult for both vendors and their customers to protect their networks against well-resourced actors with the ability to compromise widely used software products. For instance, the average software project has 203 dependencies, if a popular application has even a single compromised dependency this means that anyone who downloads it is now compromised, resulting in exponential growth of victims.
Supply chain attacks are increasingly becoming a business-critical issue that’s impacting crucial relationships with partners and suppliers, organisations need to know how to get ahead of cybercriminals, through the use of threat intelligence and analysis.
7. Increased focus on mobile cybersecurity
The growth in mobile technology and capability has evolved rapidly, with mobile devices becoming capable of storing large amounts of valuable data and completing a wide range of tasks remotely. With the transition to remote working, employees are more reliant on their mobile devices as a means to connect and communicate with each other. Cybercriminals have recognised this and increased their targeting of mobile devices, therefore organisations need to ensure that their information security teams add additional layers of security to safeguard mobile devices. Due to the current period of accelerated digital transformation cybercriminals are getting more ingenious in their methods of attack, therefore it is essential that organisations are aware of trends like the need for mobile cybersecurity.
8. The impact of AI and machine learning on cybersecurity
With the staggering amount of cyber threats facing organisations, many have turned to artificial intelligence and machine learning to boost their security infrastructure. AI has been extremely useful in automating several aspects of cybersecurity such as threat detection. For example, large amounts of risk data can now be analysed with the help of AI and machine learning, this is especially useful to smaller businesses who may not have the human resources to handle information security.
This technology can also help predict the behaviour of cybercriminals, security teams through the use of algorithms to build models of behaviours, can use these models to make predictions about cyber attacks as new data emerges. Although these technologies are helping bolster an organisations cybersecurity defences, it is important to note that AI is also being used by criminals to automate their own cyber attacks. The use of AI and machine learning in cybersecurity is expected to grow in the coming years, therefore it is an important cybersecurity trend for businesses to plan for.
How can StickmanCyber help?
Take charge of your cybersecurity and design powerful strategies - with technology, processes, and people - to safeguard your business. Learn more and contact us today.