Just as the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency issued a “SHIELDS UP” advisory to help protect critical parts of U.S. critical infrastructure from potential cyberattacks, the billion-dollar cybercrime industry realigned its scope. With heavy interference by law enforcement, there has been an anticipated shift from cyberattacks on critical infrastructure to cyberattacks on corporate enterprises.
The enterprise attack surface, which is the sum of all entry and exit points, is massive. The use of video and audio conferencing and other digital tools, such as IoT, open-source code, cloud applications, and social media, increased tenfold during the COVID-19 pandemic. Enterprises ramped up technology infrastructure to accommodate the surge. The amount of data has increased in tandem with interconnectivity. According to a 2021 World Bank report, in 2022, the annual total internet traffic will increase by 50% from 2020 levels, reaching 4.8 zettabytes. This digital ecosystem will make corporations vulnerable to cyber threats and attacks that will create a torrential ripple effect.
Identity and access management (IAM) infrastructure and credential misuse are also primary attack vectors. And zero-day exploits are fueled by the emergence of hacking-as-a-service and new open-source tools that dramatically lower the barriers to creating new malware variants. This combination of malicious intent and ease of development has accelerated the scale of deployed malware, with more than 376,000 threats created per day. Most threats are now polymorphic (self-mutating) in nature and are contributing to the rise of low-cost, single-use attacks that circumvent signatures, file reputation, and rigid heuristics.
In response to the unprecedented increase in malicious cyber activity, the World Economic Forum’s Centre for Cybersecurity published the Global Cybersecurity Outlook 2022, which outlines the perceptions, concerns, and predictions of more than 120 renowned cyber leaders across the globe. Not surprisingly, the report indicated that ransomware attacks increased significantly in the first six months of 2021, with global attack volume increasing by 151%. The U.S. Federal Bureau of Investigation (FBI) has warned that there are now 100 different strains of ransomware in circulation globally. An escalation in the number of cyberthreats is expected in 2022, among them distributed denial-of-service, ransomware, and phishing attacks.
The costs of cybercrime and protection against it are astronomical. Deloitte, the multinational professional services network, reports that 50% of all large enterprises, those with 10,000 employees and more, are spending $1 million or more annually on cybersecurity. Cyber warrior General Keith B. Alexander (former commander of the U.S. Cyber Command and director of the National Security Agency/Chief, Central Security Service) calls the loss of industrial information and intellectual property through cyber espionage “the greatest transfer of economic wealth in history,” surpassing damages from natural disasters in a year.
The only way for enterprises to protect themselves, their data, and their people against the storm ahead is to prioritize proactive cyber risk responses. Specifically, there are five key tactics they can implement to counter cyberattacks:
- Make cyber resilience and protection a business priority. Cyber resilient companies enable technologies that can detect and mitigate problems and maintain continuity in a reliable and trusted way.
- Educate and prepare all personnel. Phishing, spear phishing, and smishing attacks, which use email and text messages, are the most common ways to hack into a company’s system. Untrained or unaware employees are open invitations to attacks.
- Bundle your physical security infrastructure. Physical security and cybersecurity can be targeted and compromised separately or simultaneously to take down a company, yet they are often treated as separate divisions or entities.
- Conduct regular security audits. To mitigate internal biases, which can lead to cut corners or overlooked issues, companies should work with third-party vendors for security audits. They provide insights into how specific technologies are performing and can identify security gaps.
- Adopt AI-powered cybersecurity solutions. Bad actors, including hacktivist groups, lone wolf hackers, and state-sponsored cyber warfare units, are becoming more sophisticated in their endeavors, continuously devising new forms of cyberattacks like crypto-jacking, malware attacks on the Internet of Things or smartphones, and cross-site scripting. By leveraging machine learning (ML), companies benefit from real-time monitoring and security threat detection, which can prompt quick action. Low-profile, cognitive endpoint agents learn the common behavioral patterns of devices so they can be analyzed to detect anomalies without impacting user experiences. These AI technologies prevent zero-day and polymorphic malware attacks, such as the malicious computer worm Stuxnet; the banking Trojan called Ursnif (also known as Gozi); the Vobfus Windows worm virus; and Bagle, an email worm; as well as advanced masking techniques like weaponized documents, scripts, macros, and memory injection attacks.
As long as cybercrime remains profitable, it will continue. Today, extortionists, as well as those who engage in phony auctions, identity theft, and the sale of PII (personally identifiable information) such as credit card numbers, social security numbers, and account passwords, are netting $1.5T annually. By maintaining vigilance in countering it, enterprise companies will protect their data, time, money, and infrastructure.