Targeting Infrastructure to Triple Extortion: How CISOs Can Prepare for the New Hacking Landscape

February 25, 2022

Written By Stephen Cardot

The cyberattack landscape is continually evolving. Here’s our list of six key factors CISOs need to be aware of in today’s cybercrime environment — and how they can prepare themselves.

The evolution of cyberattacks — in size, severity, and sophistication — is alarming

A landscape that once consisted of disorganized groups and small-time solo hackers has given way to established state actors and mafia-style cybercrime units, with bot tools and automated techniques to match. What we used to refer to as “computer viruses” have grown into significant global and commercial attacks with serious financial and reputational consequences.

As 2022 evolves, we’ve identified six important elements in our current hacking landscape to keep an eye on, and how chief information security officers (CISOs) can ensure and trust that their networks are protected:

Ransomware-as-a-service means franchise cyberattacks

Eighty-four percent of organizations in the United States experienced either a phishing or ransomware attack in the last year, and the average ransomware payment was over $500,000 (Stone, 2022).

These days, bad actors don’t need to develop their own malware, or be technically savvy — they can simply purchase a ransomware-as-a-service (RaaS) kit. These kits make it possible for hackers to launch their own ransomware attacks with someone else’s software, earning money through commissions on ransom payments.

Targeting critical infrastructure will continue to increase

Ransomware-as-a-service has made it easy for hackers to infiltrate the systems essential in our day-to-day lives: financial systems, utilities, healthcare systems, emergency services, and food supply chains.

Recent ransomware attacks on the Colonial Pipeline, the Oldsmar Water Plant, and JBS Foods show the fragility of our critical infrastructure. When these systems were disrupted, the consequences for the lives of everyday people were devastating.

Triple extortion techniques, the new normal

Ransomware attacks used to be singular events. Attackers would target a company or victim and demand a ransom to unlock their network and data. That technique expanded to double extortion ransomware: attackers lock down a company’s network and exfiltrate data from that network, threatening to publish sensitive data online unless another ransom is paid.

Recently, triple extortion (where security hackers lock a network, steal data, and target a victim’s clients or suppliers) has grown in popularity. REvil, the ransomware-as-a-service group responsible for the JBS and Kaseya attacks, has moved beyond double extortion ransomware to multi-layer extortion activity.

Lax cybersecurity due to remote work and “The Great Resignation”

Remote-hybrid work is here to stay, and bad actors will continue to exploit the unsecured personal networks and cloud-based software employees use at home to gain access to their employer’s network and data.

In addition, “The Great Resignation” (the higher-than-normal quit rate of American workers) will create additional cybersecurity risks. As employees resign, hired replacements may not be aware of the correct cybersecurity protocols. Similarly, as American workers experience record levels of disengagement and burnout, they might be less vigilant regarding data security measures.

Log4j is here to stay

Even though patches for the Log4j vulnerability have been released and many companies have done their due diligence in protecting themselves, we’re not safe yet. Threat actors continue to exploit this Log4j weakness. The CC/B1 recognized this vulnerability several years prior, and in doing so, protected our clients from it.

Cybersecurity insurance will have a watershed moment

The price of cybersecurity insurance coverage in the United States grew by 130% in the fourth quarter of 2021 alone (Ralph, 2022). As cyberattacks continue to grow in scope and severity, and ransomware payouts increase dramatically, cyber insurance will become even more expensive and unreliable. The cyber insurance industry struggles to underwrite accurately because of the absence of actuarial data. Little to no data translates into ineffective policies with sky-high premiums.

How can CISOs prepare?

In our conversations with CISOs, they’re looking for better network security: a simple, reliable, and effective cybersecurity technology platform that’s easy to implement and doesn’t require human management. CloudCover’s CyberSafety CC/B1 Platform™ is the way forward.

The CC/B1 delivers real-time extended network detection response (X-NDR) through math-based deep-learning and a security, orchestration, automated risk-response (SOAR) platform. We focus on three core risk tenets: 1) awareness of network risk through math-based learning, 2) control of network endpoints and stopping threats in real time, and 3) underwriting to transfer that risk through insurance.

Concerned about this hacking landscape? Give the CC/B1 a try — we’ll install it for 40 days, free of charge. To request a demo, visit cloudcover.cc/request-a-demo.

References

Ralph, Oliver (February 4, 2022). “Companies face soaring prices for cyber insurance.” Financial Times. https://www.ft.com/content/60ddc050-a846-461a-aa10-5aaabf6b35a5

Stone, Mark (January 3, 2022). “Everything You Need to Know About Ransomware Attacks and Gangs In 2022.” Security Intelligence. https://securityintelligence.com/articles/ransomware-attacks-gangs-2022/

About Stephen Cardot

Veteran IT developer with 28 years’ experience in designing robust, scalable solutions. Patent author of real-time risk scoring and data insurance. Believes sub-second risk control and incremental risk transfer are the future of cyber safety and security.
