What to watch for and how to help protect yourself…
By Dennis Shelly
2021 saw an increase in the number and complexity of cyberattacks, including HAFNIUM’s attack on Microsoft Exchange servers to the Colonial Pipeline ransomware attack. When you take in the challenges of protecting a remote workforce, it’s become more difficult than ever for businesses to protect data and assure service availability. In the coming year, the threat landscape will continue to grow and spread at a rapid rate. We can anticipate ransomware groups to continue putting people’s lives in danger, as well as the weaponization of firmware vulnerabilities and much more. In this article, we will discuss some major cybersecurity trends that businesses should be aware of in 2022 and how you can protect yourself.
We’ve compiled a list of five cybersecurity threats that organizations should be aware of in 2022.
- Stuffing Credentials
Credential stuffing is a cyber-attack in which credentials obtained from one service’s data breach are used to log in to another unrelated service. Due to more sophisticated bots that try several logins at the same time and pretend to come from various IP addresses, such attacks are on the rise. The fact that many users employ the same username/password combination across several sites makes credential stuffing attacks highly successful. Credential stuffing will remain a severe issue if this practice continues.
- Ransomware Attacks with Double Extortion
The classic ransomware scenario involved malicious programs encrypting data with public-key RSA encryption and then destroying them if the victim did not pay the ransom. Threat actors steal data from organizations in addition to encrypting files in the ‘Double Extortion Ransomware Attack,’ also known as ‘pay-now-or-get-breached.’ This implies that, in addition to demanding a ransom to decrypt data, attackers might threaten to release the stolen data if a second payment is not made.
- Attacks on Remote Workforce
Within an organization, typical cybersecurity threats can be mitigated by a firewall, employee training, strict regulations, and so on. When individuals work remotely; implementing cybersecurity measures becomes more complex. According to a recent poll conducted by Tessian, 56 percent of senior IT experts feel their staff have picked up negative cyber-security behaviors while working from home. Some of the most serious cybersecurity threats connected with remote work include unsafe networks, the usage of personal devices, human error, and so on. Implementing security measures like VPNs, anti-phishing software, anti-virus, and continuous employee training can assist to decrease the risk significantly.
- Cloud, AI, and IoT Vulnerabilities
Organizations are increasingly turning to the cloud to accelerate their digital transformation. Despite the growing popularity of cloud computing, data security remains a major worry for many businesses. Improper RDP (Remote Desktop Protocol) administration, misconfigurations, inadequate authentication are some of the leading sources of cloud vulnerabilities. Similarly, IoT devices are vulnerable mostly due to a lack of security mechanisms built-in to protect against attacks. Some security measures have yet to be prioritized as IoT devices continue to make their way into workplaces and homes. In 2022, technology like AI and ML will continue to expand their reach—and, unfortunately, some businesses will overlook the basics of security. When implementing new technology, it is critical to ensure the security of your business, network, and products.
- Supply Chain Attacks
2021 Solar Winds attack taught us about the numerous weaknesses that exist beneath the surface of the supply chain. Because of the widespread usage of open source software and mass-market applications, a large portion of the supply chain is vulnerable, making it an easy target in 2022.
How to Protect Yourself
So, how can you lower your chances of falling for a cyber attack? Let’s start with the fundamentals of “cybersecurity” which are simple and common-sense techniques to be safe online.
Multiple Factor Authentication
Multifactor Authentication means choosing to take an additional step when trustworthy websites and applications ask you to prove you’re who you claim you are. Instead of asking for a password, which can be reused, cracked, or stolen, they can verify it’s you by asking for some information, such as a PIN or your sister’s middle name, as well as Something you have…. such as an authentication application or a confirmation text on your phone, or a fingerprint or FaceID. This step is far more difficult for a hacker to fabricate. Simply opt-in whenever you receive a prompt for multifactor authentication.
Update and backup regularly
To keep malware at bay, be sure to maintain your operating system and anti-malware tools up to date. Regular patch updates ensure that any vulnerabilities in your system are addressed and resolved. It’s also a good idea to back up your system every couple of months to be ready for any attacks. The data, being kept in a different location, also helps to avoid the ransom demand. Before returning to work, you must check that the malware has been eradicated.
Active Firewall
An efficient firewall configuration that operates as a barrier between your system and external networks is an intuitive option to have installed in your system. The firewall protects your sensitive information by defending against malware that enters over an external network.
Strengthen Endpoint Defense
Anti-virus software alone isn’t enough to keep cyber threats at bay. As a result, enterprises must use an Endpoint Discovery and Response (EDR) solution and other solutions to guarantee that adequate security is activated at endpoint devices.
Configure the ‘Zero Trust’ security
Zero Trust is a cutting-edge security system that requires all business users to be verified and approved before they can change security settings. The application is built to address today’s security problems, including ransomware. By securing remote employees, continuously developing hybrid cloud environments, and ransomware threats, Zero Trust is a critical foundation for securing infrastructure and data with the continual digital transformation.
Attack Surface Management
As a company undergoes a fast digital transformation, its attack surface expands significantly. As skilled hackers target enterprises’ critical infrastructure, businesses must assess their defense capabilities proactively and use a strong attack surface management tool to identify possible risks to their sensitive assets. Additionally, businesses must reorganize their cybersecurity ecosystems to mitigate possible risks and ensure that their operations do not come to a halt.
Preparedness is one of the most difficult aspects of cybersecurity. Cyberattacks appear to be an endless onslaught, with technology, user behaviors, and attack techniques evolving over the years and showing no signs of slowing down. Organizations must do their best and prepare for future incidents. An excellent place to begin is by auditing and reviewing the strength of their internal security systems, technologies, and methods. A cyber risk insurance plan is essential for organizations to avoid the catastrophic consequences of a cyber attack. Recovery from the effects of a cyberattack, such as business interruption, revenue loss, and reputational damage, may be expensive and time-consuming without a dedicated cyber policy. In addition to establishing and testing the continuity of operations and incident response strategy, organizations should build a complete cybersecurity roadmap.
Main thing to know is you don’t need to tackle these ongoing cyber threats by yourself! Our Cyber Security Eggsperts are here and available to help and for advice. Get started by calling (760) 205-0105 or emailing us at tech@eggheadit.com with your questions, service requests, or technology upgrade advice.
IT | Networks | Security | Phones | A/V | Integration