What trends are worth watching in the ever-changing cybersecurity landscape? What types of threats are likely to emerge? What is worth paying attention to? Read the list of threats from Łukasz Wójcik, Head of CyberRisk.

• Supply Chain Threats and Attacks

A continuing, if not increasing, the trend of attacks using the supply chain is to be expected. These attacks are likely to oscillate around two scenarios. The first is – in straightforward terms – the injection of malicious code by attackers into trusted application programs, the systems on which many services in companies around the world are based. The second is the unconscious use of smaller companies or even people who cooperate with a given entity as contractors, suppliers or employees. Attackers will not go to the trouble of breaking through reasonably robust security measures since they can potentially open doors by attacking the IT resources of a poorly secured contractor, subcontractor or employee and, by doing so, gain access to a larger institution quite quickly.

• Cloud Threats

The move of services to the cloud, the already emerging returns from cloud services and the hybrid nature of working from anywhere in the world will pose significant security challenges for cloud providers, key operators, companies, and institutions alike. All processes associated with multi-cloud architectures will require appropriate data security and business continuity, technical, organisational and legislative solutions.

• IoT, OT, drones and autonomous vehicles attacks

The market for smart devices, IoT, is growing. At the same time, there is still insufficient investment in securing these devices, which can provide an easy, almost open door for intruders into home networks or corporate infrastructure.

In addition to treating IoT as a security hole, it should be borne in mind that in some instances, the device itself, especially if it comes from an untrusted manufacturer, will pose a severe threat or cause losses, e.g. faulty implementation of an alarm panel, heating or watering control, etc.

The activities in the field of attacks on autonomous vehicles seem, for the time being, in the main, due to the scale, to be instead treated as PoC. However, the producers of these vehicles must not sleep over the point when the oversights in the security of their technology will start to bear fruit in the form of fatalities or other serious incidents.

• Critical Infrastructure

Critical infrastructure in many economic sectors and areas are still not adequately secured. And yet the security of Critical Infrastructure is essential not only for the functioning of states and many elements of the global economy but also because it constitutes a tempting morsel for hostile states and criminal groups. When one adds to this the updates to the interpretation of the law on the protection of critical infrastructure (e.g. the European Parliament’s NIS 2 directive), which some entities have not had time to prepare for, a reality emerges that leaves much to be desired in terms of security, and now is the last call before it is too late.

• Phishing, SMSishing, petty cyber gangsters and crypto wallet attacks, Ransomware

The still low awareness of users, the relatively low effectiveness of law enforcement agencies, the emergence of new, organised cybercrime groups, and the high quick turnaround factor will cause an increase in these types of attacks. At the same time, these will not be uniform actions but waves, based on current trends, problems, etc., which will form the basis for sociotechnical and manipulative interpretation by the attackers. The growing market for cryptocurrencies and the anonymity of their acquisition and trading, as well as the scarcity of regulations, on the one hand, gives great freedom of action and good profits, but on the other hand, will still be a convenience for criminals, for example in the field of ransomware.

• Deep fake, frauds, disinformation

The development of Deepfake threats and a relatively low level of their detection and inadequate control mechanisms will tempt criminal groups and hostile forces to realise fraud and sow disinformation.

• Cyberattacks in the military area

It is to be expected that some of the ongoing hybrid operations of states, militaries and even intrastate games will be oriented towards malicious activities in cyberspace. Critical infrastructure, the financial industry and the medical sector may be affected, and ultimately citizens will suffer.

And a few more…

 Data breaches and business continuity disruption

A complex and uncertain global situation will tempt potential bad actors to steal intellectual property, breach corporate secrets, act as bribed insider threat/bad actor. Irresponsible behaviour of users in cyberspace, still low level of awareness and frustration, will violate business continuity by causing unavailability of systems, access to information, or unavailability of staff on a given position. It is worth noting another risk factor, namely the growing market for hiring employees – especially in the IT sector.

CISOs, ZeroTrust, PasswordLess and MFA challenges

Sophisticated and distributed attacks affecting cyber, physical security, organisational elements and legislative pitfalls alike will require cyber and information security professionals to take a holistic approach and increase the level of collaboration between teams responsible for each aspect of security. The PasswordLess trend, without proper education and efficient implementation of MFA and integrated security systems, could undermine ZeroTrust. Today, spending on security is not a necessary evil or an unnecessary cost. It is an investment. Companies that do not treat security as an investment will sooner or later suffer the consequences. It was similar in the case of the industrial revolution and, 100 years later, the computerisation of enterprises.

wearenavirisk.com