31 Aug Cyber security trends and patterns in 2022. The effects on businesses and governmental organisations.
2022 Cyber security Trends and Patterns
Cyber security continues to be a hot topic on the global business landscape and a key focus area for business leaders, irrespective of their area of specialisation. In general, a boost in the digital defence budgets and activities has been seen in 2022 so far. The adoption of a zero trust model seems to be the order of the day.
Spike in Ransomware
Ransomware is undoubtedly still one of the top cybersecurity trends. The EU Agency for Cyber security recently estimated a 150% increase in ransomware attacks. Ransomware usually paralyses victim organisations, which are left unable to access sensitive data in their own systems. A ransom (usually in crypto) is demanded in exchange for the keys that can unfreeze the files being held.
These attacks end up costing an arm and a leg in interruptions to day-to-day operations, reputational damage, lost work and, in certain cases, vital data. In addition, malicious actors usually operate secondary monetisation channels, selling stolen data via the dark web.
A trend which picked up momentum in the first months of this year is the launch and increased use of Ransomware as a Service (aka RaaS). Malware scripts and creations are ‘rented out’ through the RaaS platforms, making it relatively easy for attackers to carry out ransomware attacks. This RaaS business model has had a multiplier effect on the number of ransomware attacks launched.
RaaS flourished in 2022 because of its lucrative nature and the difficulty authorities encounter in clamping down on and prosecuting these platforms’ operators.
Supply Chain focused attacks are on the rise
Supply chains are crucial for the successful operation of an organisation. Knowing the importance of this business element, attackers are targeting software supply chains, resulting in huge business disruptions that have a domino effect on so many parts of the organisation and players in the market.
In a recent study conducted by a leading cyber security company based in Texas, USA, a staggering 80% of IT professionals said they believe that supply chain attacks are the biggest existing cyberthreat. So it is not surprising that supply chain attacks are constantly placed among the key trends affecting world-wide cyber security. An example of this, which dominated news portals a few months ago, was the SolarWinds breach, whereby Russia-based hackers compromised software systems (injecting malicious code into them), affecting thousands of organisations including the US government.
Nationwide infrastructure threats
Hacker groups from around the world have placed Critical National Infrastructure (CNI) at the centre of their attacks. From defence organisations to hospitals, universities, financial services bodies, rail companies and oil and gas organisations, attackers create critical and catastrophic results by impacting these core functions of a country. In certain instances, lives end up at risk. This is part of a bigger trend of hacker groups attacking control systems and operational technology.
Intelligent Email Phishing
Social engineering is becoming more sophisticated by the day. Attackers use trending topics to make their scam emails more realistic and therefore (potentially) more likely to fool recipients. A common occurrence this year was e-mail scams faking fundraising for those hit by the Russia-Ukraine conflict. The volume of phishing emails did increase, and the change in malware types and delivery mechanisms used by hackers is noteworthy. Lightweight and AI-powered malware is the trend in this day and age.
A compliance-based approach in Cyber Security is often not enough
Ticking all the boxes to be compliant with a standard framework, or to adhere to the regulations set forth by a regulatory body, is often not enough to secure an organisation. The Zero Trust model is gaining popularity and is in vogue as a long-term solution to data breaches. Trust is radically removed from an organisation’s systems architecture. Only authorised individuals are given access to selected applications or parts thereof.
Google was one of the first to roll out such a model, and it took them around 60 months to adopt a zero-trust architecture throughout their organisation. In the US there is a project, backed by a roadmap, to have all government agencies deploy a zero trust policy by the end of 2024.