Malware, Ransomware, IoT Pose Major IT Security Challenges

More than 4 billion malware attempts were recorded globally so far in 2022, while year-to-date ransomware attempts have already exceeded full-year totals from four of the last five years.

These were among the findings of a recent SonicWall threat report that also found ransomware tactics are shifting and diversifying, adding more pressure to already overloaded IT security professionals. 

Growing Need for IoT Security

The report also noted it is easier than ever to perform ransomware attacks, thanks to a growing number of ransomware-as-a-service (RaaS) offerings. And as more smart devices enter the digital space, there is a growing need for internet-of-things (IoT) security.

The report pointed out that IoT devices have multiple ways to connect to a network, offering multiple attack vectors to exploit—IoT malware climbed 92% globally, according to the study. 

Bud Broomhead, CEO at Viakoo, a provider of automated IoT cybersecurity hygiene, said organizations must focus on automation and simplification.

“In an environment where there are limited resources, this will be the most effective way to limit the growth of the attack surface,” he said. 

It will also be important to coordinate at an industry level, as malware and ransomware strains are becoming more industry-specific.

“Therefore, industry-wide collaboration will be most effective in preventing attacks,” Broomhead said. “Bring together the IT and lines of business who manage and operate IoT/OT/ICS devices—silos do not work in preventing attacks.”

Craig Burland, CISO of Inversion6, said when looking at cybersecurity from a 50,000-foot view, there’s equal cause for optimism and concern. “Cybercriminals have succeeded in digitizing their operations to attack at scale,” he explained. “They’ve also shown tremendous adaptability to focus their resources where the likelihood of success is higher.”

On the positive side, Burland noted, organizations of all sizes are starting to recognize the importance and value of proactive investments in cybersecurity.

“Tech startups are building new platforms to identify and remediate threats quicker, boards of directors are asking better questions and insurers and regulators are demanding foundational practices,” he said.

He pointed out that governments, too, are collaborating with the private sector to build a collective defense.

“In 2023, we will continue to see successes and failures as each side upgrades their tactics,” Burland said. 

Cybersecurity as a Differentiator

Burland said that, to start, organizations need to understand that cybersecurity can be a differentiator in what they provide and how they provide it.

Second, they need to embrace ideas like secure-from-the-start to build in threat prevention and resiliency, avoiding costly errors down the road.

Finally, they need to incorporate cybersecurity risk management in their decision-making processes alongside other major business risks like financial, supply chain and safety.

“Like water pressing against a dam, breaches will happen where organizations have cracks,” Burland said. “Today, those weaknesses appear in the cloud, operational technology and software development spaces.”

He warned that organizations are moving too fast to gain mindshare or market share and spending too little time considering the risks and embedding the right controls up front.

“Adversaries will continue to innovate their malware packages and platforms to broaden their reach, gain footholds, remain persistent and leverage their assets,” he said. “Defenders must double down on best practices like vulnerability management, device protections and universal visibility, especially in newer areas like IoT.”

Broomhead said among the most dangerous shifts in the cybersecurity battlefield are threat actors targeting vulnerabilities in open source software.

“They know that to remediate those vulnerabilities requires multiple manufacturers to provide patches,” he explained.  

He added that the trend of exploiting IoT/OT/ICS environments (which have both a digital and a physical presence) will lead to more physically devastating attacks (explosions, life-critical failures and/or chemical attacks).

Mike Parkin, senior technical engineer at Vulcan Cyber, a provider of SaaS for enterprise cybersecurity risk remediation, added that while state and state-sponsored threat actors have always been a factor, the geopolitical situation in 2022 raised the stakes.

“The usual cybercriminal gangs won’t stop, but it’s likely that well-resourced state-level players will become a broader problem going into 2023,” he explained.

He said beyond bringing their environments up to industry standard baselines, a lot of organizations can benefit from taking a more risk-based approach to deploying their resources and addressing vulnerabilities.

Parkin also expected that malware itself would continue to evolve, as attackers find new ways to hide, maintain persistence and get what they came for.

“What attack vectors they use to get the foothold and drop their malware will also evolve, taking advantage of new vulnerabilities, leveraging variations of old ones and continuing to go after users as a soft target,” he said. 

Nathan Eddy

Nathan Eddy is a Berlin-based filmmaker and freelance journalist specializing in enterprise IT and security issues, health care IT and architecture.
