The need for cybersecurity has existed ever since the emergence of the first computer virus. The ‘creeper virus’ was created in 1971 and could duplicate itself across computers. The threat landscape also keeps changing with the evolution of new technologies such as AI, Immersive Experience, Voice Economy, Cloud computing, and others. Threat actors upgrade their tools and tactics, designing new strategies to pursue their nefarious aims.
Cyberthreats are growing in both scale and complexity, and the need to secure critical infrastructure by businesses and public organizations has never been as urgent as now.
This article examines how cyberattacks have evolved in the past 12 months, the big lessons, what threats will look like in the future, and strategies companies can deploy to secure their endpoints and data against cyberattacks.
Key Cyberattacks in the Last 12 Months
1. Phishing Attack in the Era of COVID-19
In a phishing attack, threat actors send a message to deceive people into downloading a malicious file or clicking a malicious link. During the Great Lockdown of 2020, many people were working from home. Cybercriminals leveraged this opportunity, as business and communication depended entirely on the internet. A report by the FBI revealed phishing to be the most popular form of cybercrime in 2020, and the number of incidents reported nearly doubled, to 241,324 from the 114,702 recorded in 2019.
2. The Notorious Ransomware Attack
Ransomware attacks were profitable for threat actors in the last 12 months. Ransomware locks files on the victim's system and redirects the victim to a page to pay a ransom to have the files returned. A notable example was the Cyrat ransomware, which was disguised as software for fixing corrupted DLL files on a computer system. According to Reuters, over 1500 businesses have been affected so far.
3. Attacks on IoT and IIoT
The adoption of the Internet of Things (IoT) and the Industrial Internet of Things (IIoT) at both the individual and industrial levels also leads to concerns around cybersecurity. These connected devices make our lives easier, but when not properly configured and secured, they could also leak our sensitive data to the bad guys.
In 2020, an IoT botnet employed vulnerable access control systems in office buildings. As a result, someone accessing the building by swiping a keycard may be unaware that the system has been infected.
4. Password Compromise
A security survey conducted by Google revealed that about 52 percent of people reuse passwords across different sites. It means a cybercriminal can successfully access all of those accounts by breaching a single one. As a result, password attacks remain a top attack vector for most organizations. In the same survey, 42 percent of the people indicated security breaches due to a password compromise.
A notable example was a list of leaked passwords found on a hacker forum. It was said to be the most extensive collection of all time: a text file of about 100GB that includes 8.4 billion passwords collated from past data breaches.
You can enter your details at https://haveibeenpwned.com/ to find out whether your email or password has been breached.
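The password side of that check can also be done without disclosing the password, using the range model of the Pwned Passwords service: only the first five characters of the password's SHA-1 hash are sent, and the comparison happens locally. The sketch below is an added example, not code from the article or from the service; the function names are hypothetical, the corpus and counts are constructed, and `make_offline_fetcher` stands in for the HTTP GET to `https://api.pwnedpasswords.com/range/<prefix>` so that it runs offline.

```python
import hashlib


def split_sha1(password):
    """Return (first 5 hex chars, remaining 35) of the upper-case SHA-1."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def breach_count(password, fetch_range):
    """How many times the password appears in the corpus behind fetch_range."""
    prefix, suffix = split_sha1(password)
    body = fetch_range(prefix)  # only the 5-character prefix leaves the machine
    for line in body.splitlines():
        candidate, sep, count = line.strip().partition(":")
        if sep and candidate.upper() == suffix:
            return int(count)  # padding entries carry a count of 0
    return 0


def make_offline_fetcher(corpus):
    """Constructed stand-in for the HTTP GET: serves 'SUFFIX:COUNT' lines."""
    table, requested = {}, []
    for password, count in corpus.items():
        prefix, suffix = split_sha1(password)
        table.setdefault(prefix, []).append(f"{suffix}:{count}")

    def fetch_range(prefix):
        requested.append(prefix)  # record what the remote side would see
        padding = ["0" * 35 + ":0"]  # constructed padding entry
        return "\r\n".join(table.get(prefix, []) + padding)

    return fetch_range, requested


if __name__ == "__main__":
    # Constructed corpus and counts, for illustration only.
    fetch, requested = make_offline_fetcher({"password": 1234, "Summer2020!": 7})
    for candidate in ("password", "Summer2020!", "tq7#Lw9-vexing-marmot"):
        print(candidate, "->", breach_count(candidate, fetch))
    print("sent to the service:", requested)
```

A non-zero count means the password appears in known breach data and should be retired everywhere it was reused.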
5. Identity Theft
Cases of identity theft doubled from 2019 to 2020 based on a report by the Federal Trade Commission of the United States. The commission received around 1,400,000 cases. Most cases involved threat actors targeting individuals affected financially by the pandemic. Cybercriminals also exploited the unemployment benefits reserved for those affected by the pandemic. The fraudsters claimed these benefits using information stolen from thousands of people. If we combine this with what recently occurred on Facebook and LinkedIn, where users' data were scraped off public APIs by malicious actors, one can imagine how privacy is becoming a subject of concern for both individuals and companies.
6. Insider Threat
Insider threat is a form of attack that is not as popular as others, yet it affects both small and big businesses. Anyone familiar with a company's internal operations and structure can be a suspect. A Verizon report of 2019 revealed about 57 percent of database breaches are caused by insiders.
One of the best approaches to limiting the impact of this threat is restricting staff privileges to critical areas.
What Are the Lessons From the Biggest Cyberattack?
The attacks mentioned above, and others, carry consequences and lessons for avoiding a repeat. Let's explore some of them:
1. There’s Nothing New About the Threats
An attack similar to WannaCry affected Sony in 2014. With regular patching and a firewall, organizations can still prevent infiltration or exploitation. Interestingly, the patch for the vulnerability exploited by WannaCry was released two months before the event, but many organizations failed to apply it. Those who did not patch had their critical infrastructures impacted by the attacks.
2. Several Organizations Are Unbelievably Vulnerable
The NotPetya cyberthreat exploited a Microsoft vulnerability (SMB-1) by targeting businesses that failed to patch. As a result, organizations have to develop cyber-resilience against attacks by constantly downloading and installing patches across their systems.
3. Prioritize Data Backup
Even if you lose your critical data to a ransomware attack, a backup will help you keep your operations running. Therefore, organizations must back up their data outside of the network.
4. Develop an Incident Response Plan
Proactive response to incidents and reporting enabled most companies to halt the spread of WannaCry even before the incident. Regulators expect companies to issue warnings within 72 hours or get penalized.
5. Paying Ransom Only Creates an Opportunity for More Attacks
While it is easier to pay the ransom with the expectation of having your files restored, as long as the communication link is maintained, the threat actors will always come back. Also, it is like empowering them to continue the chain of attacks.
What Would Cyberattacks Look Like in the Future?
Cybersecurity experts predicted the financial damages caused by cyber threats to reach $6 trillion by the end of 2021. Cyberattack incidents are also expected to occur every 11 seconds in 2021. It was 19 seconds in 2019 and 40 seconds in 2016. In the future, we would have cyberattacks possibly happening every second. As a result, we would see a surge in frequency and significant financial damages to victims.
Deepfake and Synthetic Voices
Deepfakes trended in 2019 as threat actors found ways to improve their tools and technologies for malicious and entertainment purposes such as illegal pornography. In the future, cybercriminals will call into customer call centers using synthetic voices to find out whether organizations have the tools and technologies to detect their operations. One of the major sectors that will be targeted will be the banking sector.
Conversational Economy Breach
As companies begin to deploy voice technology and individuals adopt digital assistant technologies like Alexa and Siri, fraudsters will not relent in discovering the potential opportunities locked up in the voice economy. According to Pindrop statistics, 90 voice attacks took place each minute in the United States, and 1 out of 796 calls to the call center was malicious. Now that we are all migrating to Clubhouse, we should also expect voice data breaches around voice-based applications.
Some challenges companies would have to deal with include protecting voice interaction, privacy concerns, and supporting call centers with tools and solutions for detecting and preventing fraud.
Security Cam Video Data Breach
In March 2021, Bloomberg reported a breach of surveillance camera data. The breach gave the hackers access to live feeds of over 150,000 security cameras located in companies, hospitals, prisons, police departments, and schools. Major companies that were affected include Cloudflare Inc. and Tesla Inc. Not only that, the hackers were able to view live feeds from psychiatric hospitals, women's health clinics, and the offices of Verkada, the Silicon Valley startup whose data collection led to the breach.
This scenario paints a vivid picture of what a security cam video data breach looks like and its consequence: a breach of privacy.
Apple/Google Pay Fraud
Cybercriminals are using stolen credit cards to make purchases via Google Pay and Apple Pay. Recently, over 500,000 former Google+ users had their data leaked to external developers. Google offered to pay US$7.5m in a settlement to address a class-action lawsuit against it.
3 Things to Do to Stay Protected
If you are concerned about the growing rates at which these cyber-attacks occur, here are three important things you can do:
Secure Your Hardware
While it is exciting to acquire the latest equipment, securing it with the best cyber threat prevention measures is also essential. For instance, you can use a complex password and reset the default passwords established by the hardware manufacturers. After setting up a password, it is also essential to set up two-factor authentication as an additional security layer. You can also use strong endpoint security tools to secure your systems and network.
Encrypt and Backup Your Data
A formidable cyberthreat prevention measure incorporates two elements: blocking access to confidential data, and rendering the data useless if it falls into the hands of cybercriminals. The latter can be achieved by encrypting the data. Encryption is one of the best solutions to protect against data breaches. Ensure you encrypt your customer information, employee information, and other essential business data.
Educate Your Employees
While banning your staff could be a security measure five years ago, the pandemic and the adoption of remote working have necessitated the “bring your own device” (BYOD) approach, and security has to be fashioned in the light of this new development. One of the best ways to achieve this is to plan a simulation on detecting and avoiding phishing links and fake websites.
It is also vital to foster a security culture in the workplace. For example, “If you see something, say something.”
As new technologies continue to emerge, so will the sophistication of cyberattacks grow. Trends such as hackers snooping on a conversation with Siri or Alexa will increase significantly. Attackers can manipulate IoT devices and recruit them into an army of weaponized bots to take critical assets down, or shut down smart homes and cities. Threat actors can also leverage deepfake technology and synthetic voices in social engineering and various scams.
Thus, enterprises that want to stay protected always need to prioritize the cybersecurity of their people, data, and infrastructure.
By Deepak Gupta