The new year is in full swing – with all its opportunities and goals. What are the trends and innovations that cybersecurity experts predict for 2022? Let’s look at both sides: the black hacker and the white hacker side. What will be the prevailing means and methods of attacks? And on the other side, what tools and solutions should you use to check, validate and upgrade cyber security? At this point, we are referring to organizational cybersecurity and individual digital entities – your users.
Cybersecurity at risk – attack trends and innovations
Cyber security in 2021 was marked mainly by ransomware, end-user vulnerabilities, and remote work. Organizations adapted to the Covid-19 situation by moving work from offices to homes. Connecting private and business infrastructure simplified access to corporate networks, but it also exposed companies to successful attacks, such as social engineering. A further risk arises at the next level, where companies are connected into one large network, as is the case with supply chains. This particular category of companies suffered a large number of attacks over the past year.
Social engineering attacks
The user remains the main target of attacks and the most vulnerable link in the cyber security chain. Attackers no longer focus primarily on security devices as such: breaking their security protocols is much harder than convincing a user to click a malicious link or open an infected attachment.
Therefore, hackers prefer to spend more time carefully preparing phishing attacks or other forms of social engineering. To this end, they first observe their target – the organization – for a long time: they monitor users’ online habits, traffic, and the physical environment. All of this gives them a good enough picture of the relationships within the organization and of which content will most easily fool its users.
The primary weapon of the attackers has become the data they use to manipulate potential victims. At this point, social engineering brings us to the next stage of the attack – ransomware.
Ransomware has already started hitting the headlines in 2022. The goal of a ransomware attack is to gain financial assets. Since employees are often the tools hackers use to penetrate the network, the first stage of a ransomware attack is usually social engineering, through which the attackers gain access to the network. Once they are in, they move laterally and try to exploit the vulnerabilities of connected devices. Upon successful intrusion into the system, they gain access to business-critical data, which they use as a means of manipulation and of extracting a high payment.
Advanced persistent threats (APT)
The purpose of APTs is to obtain or steal data over a long period. When attackers enter the network, they remain hidden. They retrieve data, move laterally, and wait for the opportunity to break into further systems. In the case of supply chains, an attacker can enter the network of the weakest link in the chain and eventually break through to more prominent players. The biggest “nightmare” is that even after the APT has been discovered and seemingly removed, some backdoors may remain open, and the attackers may return. Mobile devices are an ideal battleground for APT attacks: the numerous installed applications provide many potential entry points into the device and, consequently, into the network.
Cybersecurity enhanced – trends in defence
How should an organization best protect itself from attacks and stop attackers? Is being unbreachable feasible at all? We often encounter a discrepancy between the number of security devices installed and the actual state of cyber security. Advanced security devices can certainly help you protect your network and data to some extent. However, it is essential to regularly monitor device configurations and the recorded security risks, which you should rank and eliminate.
Regular penetration tests
A very efficient way of managing vulnerabilities is active penetration testing. With penetration testing, you verify the resilience of an information system or application. A couple of years ago, testing your system once per year was considered excellent. But nowadays, attacks and threats are so frequent that annual penetration tests no longer suffice.
We recommend you perform manual penetration tests at least twice a year, and it is crucial to test the system or application after each major change or upgrade. Furthermore, regular validation on a daily or weekly basis is highly recommended. Automated security validation tools have proven to be a great support. One of them is Pentera*, which recognizes vulnerabilities, checks whether they are exploitable, ranks them, and makes recommendations for remediation.
With such a security verification and validation system, you can keep the outer layer of your perimeter unbreached. At the same time, do not forget to regularly build employee awareness. Remind them why cybersecurity is essential and offer them security training. Use controlled platform environments to expose employees to various social engineering attacks and strengthen their resilience.
Security awareness training
Imagine the organization’s information system as Earth and the information system users as its surface. The outer layer is exposed to various environmental factors, making it the most vulnerable. If buildings are poorly built, they can collapse in an earthquake. A tree with rotten roots will fall in a strong wind, and an avalanche can destroy an entire village.
Your users are similarly vulnerable. Some are more resilient to threats from the outside cyber-world, others less so. Some adapt quickly to innovations and accept changes in the cyber-landscape, while others struggle with every change they have to make. If you want to provide a cyber-secure business environment, regularly expose your employees to simulated attacks.
Advanced security awareness training, such as KnowBe4**, allows you to improve the resilience of your users to social engineering attacks by as much as 50% in just three months. The training content reflects the latest trends in social engineering attacks: phishing emails, SMS or phone calls, fake online ads, etc. Users receive a message at unannounced times, and they have to recognize the attack. As an administrator, you have insight into the statistics, and you can always customize the program. Simply check which types of attack your users are most prone to and send them another “attack”.
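The administrator workflow just described, reading campaign statistics, finding the attack type users fall for most, and picking who gets the next simulated attack, is illustrated below. This is an added example written for this article, not KnowBe4's code or reporting format; the campaign results, user names and attack types are constructed sample data, and the improvement calculation is a generic before/after comparison, not the platform's own metric.

```python
"""Added example: susceptibility statistics from simulated-attack results."""
from collections import defaultdict
from typing import Dict, List, Tuple

# Actions that count as falling for the lure (assumption for this example).
FAILED = {"clicked", "credentials"}

# Constructed sample: (user, attack_type, action) from one simulation round.
SAMPLE_RESULTS: List[Tuple[str, str, str]] = [
    ("alice", "email", "clicked"),
    ("bob", "email", "reported"),
    ("carol", "email", "ignored"),
    ("dave", "email", "credentials"),
    ("alice", "sms", "ignored"),
    ("bob", "sms", "clicked"),
    ("carol", "sms", "reported"),
    ("dave", "sms", "reported"),
    ("alice", "voice", "reported"),
    ("bob", "voice", "reported"),
    ("carol", "voice", "reported"),
    ("dave", "voice", "ignored"),
]


def failure_rate_by_type(results: List[Tuple[str, str, str]]) -> Dict[str, float]:
    """Share of simulated attacks per type that users fell for."""
    sent: Dict[str, int] = defaultdict(int)
    failed: Dict[str, int] = defaultdict(int)
    for _user, attack_type, action in results:
        sent[attack_type] += 1
        if action in FAILED:
            failed[attack_type] += 1
    return {t: failed[t] / sent[t] for t in sent}


def most_prone_type(results: List[Tuple[str, str, str]]) -> str:
    """The attack type with the highest failure rate: the one to repeat."""
    rates = failure_rate_by_type(results)
    return max(rates, key=rates.get)


def users_to_retest(results: List[Tuple[str, str, str]], attack_type: str) -> List[str]:
    """Users who fell for the given attack type and should get another one."""
    return sorted({u for u, t, a in results if t == attack_type and a in FAILED})


def improvement_percent(baseline_rate: float, current_rate: float) -> float:
    """Relative drop in failure rate between two rounds, in percent."""
    if baseline_rate == 0:
        return 0.0
    return round((baseline_rate - current_rate) / baseline_rate * 100, 1)


if __name__ == "__main__":
    rates = failure_rate_by_type(SAMPLE_RESULTS)
    worst = most_prone_type(SAMPLE_RESULTS)
    print("failure rate by type:", rates)
    print("most prone to:", worst, "-> retest", users_to_retest(SAMPLE_RESULTS, worst))
    # Constructed follow-up figure: email failures halved in the next round.
    print("improvement:", improvement_percent(rates["email"], 0.25), "%")
```

On the sample data, email lures have the highest failure rate, so the two users who clicked or entered credentials are the ones to target with the next email simulation; halving that rate in a later round would show as a 50% improvement.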
Cybersecurity at home and in the office
Cyber-aware employees will act responsibly regardless of the network or information environment they are connected to. They will internalize that their online behavior in the home network affects the situation in the business network and vice versa. What’s in it for you? You will sleep peacefully, even if the office device is connected to the employee’s home network.
From a cyber-security point of view, and given the threats reported by global organizations, the most reasonable IT investments will focus on two segments: regular security checks and validation, and security awareness training for the first line of defense.
*More on the security validation platform by Pentera.
**More on KnowBe4 security awareness training.