2021: A Year in Review for Enterprise Cyber-security
General awareness of cyber crime and data breaches increased significantly in 2021 among government agencies, the corporate sector and individual users. However, the high volume and nature of such incidents are making it a global concern. With the onset of the pandemic in 2020 and the situation extending into 2021, there was a significant rise in threat actors targeting vulnerabilities exposed by the global crisis. New attack vectors were discovered and used in the process.
With work-from-home gaining traction due to social distancing, the devices used for remote working were targeted by cyber-criminals to steal data or infiltrate networks.
Mobile devices, which became the new workplace as well as entertainment zone, were increasingly targeted as individual users stayed connected to digital networks most of the time. Organisations ran the risk of employees downloading malicious mobile applications that could impact other digital resources as well.
1. Increase in adoption of public cloud services
Remote working necessitated cloud-based services, which offer several benefits such as efficiency, scalability and cost-efficiency, but this also gave rise to cloud security concerns. Threat actors started to shift their focus to cloud resources. The different aspects of the cloud challenge included frequent data breaches, oversights in meeting regulatory compliance, insider threats and cloud migration, among others. A lack of in-house IT expertise for cloud security was evident too. An increase in the number of IT security professionals opting for cloud-based security solutions led to a rise in security infrastructure investments in the cloud.
It became crucial for IT experts to develop the cloud security architecture and strategy with the objectives of the threat actors in mind.
2. Connectivity Supply Chain was under heavy attack
As cyber criminals focused their activities on key components of internet operations, such as DNS servers and VPN concentrators and services, the global connectivity supply chain was increasingly under attack. Cyber criminals identified vulnerabilities arising from poor security practices among vendors across the supply chain and targeted them. As vendors accessed sensitive data in order to integrate with various organisations’ IT infrastructure and systems, the attacks resulted in large-scale breaches of both data and intellectual property. Successful attempts on services and infrastructure caused severe collateral damage and impacted several industry verticals, such as banks, wired and wireless service providers, retailers, individual users and more.
It is crucial to apply all security best practices to mitigate supply chain attacks.
3. High volume of Distributed Denial of Service (DDoS) attacks
DDoS attacks, which are malicious attempts made by cyber-criminals to overwhelm networks and servers with a huge flood of traffic, were more prevalent in the recent past. This made it challenging for legitimate users to access the systems and networks. The techniques used in these attacks were such that the breaches could easily evade traditional defenses. DDoS was also being used as a smokescreen attack to stealthily gain otherwise privileged access to critical data on the network and exfiltrate it.
The DDoS threat landscape had a high number of botnets contributing to it. ISPs faced DDoS extortion attacks too. DDoS mitigation measures have to leverage advanced methods to address evolving and sophisticated threats, along with providing ongoing protection.
4. Significant rise in ransomware attacks
Digital transformation and remote working drove ransomware attacks, which grew in volume and size and included high-profile ones too. Extortion increased significantly in number. Phishing attacks grew more sophisticated, with cyber criminals leveraging machine learning technology in the process. Threat actors threatened to abuse exfiltrated data or credentials if the ransom was not paid.
Ransomware attackers became increasingly organised and targeted. Zero-day attacks became common. In fact, Indian organisations were among the most hit by ransomware attacks across the globe. Cyber-currency, being linked to ransomware, led to an increase in cryptojacking attacks.
Zero-Trust Network Access is emerging as a more secure option to address ransomware attacks, phasing out VPNs. It was noted that firewalls and VPNs guard only the perimeter and not the entire threat landscape.
5. Weaving Cyber-security into the organization’s culture became critical
The C-Suite and business leaders have begun to realize the importance of cyber security measures. It is imperative for security teams to configure a robust incident response plan and ensure its implementation along with ongoing protection, as the cyber threat has today evolved into a business risk. To strengthen data protection processes, it is important to create a culture of cyber-security awareness in the organisation by providing the necessary education and training for employees. The workforce should be able to recognize a threat when and where it occurs and be equipped to address it on time, thereby following a layered approach to mitigating cyber-risk.
Cyber criminals are constantly attempting to enter secure networks by weaponizing new attack vectors, leveraging mobile hotspots and targeting compromised IoT devices. In addition to the traditional KPIs for IT and network infrastructures, such as reliability, performance and availability, security has also become an important business aspect for organisations. Organisations have to address cyber-threat innovation on an ongoing basis with powerful risk mitigation techniques. They should have granular-level visibility into and understanding of the threat landscape and address it strategically by leveraging Security Intelligence.
Furthermore, the growing digital infrastructure requires collaboration between network and security teams at enterprises. This co-ordination will reduce overall risks, resolve security incidents at speed and bring about cost and operational efficiencies.
As threat actors are not only targeting businesses and government agencies but individuals as well, cyber security has become a collective responsibility. Cyber hygiene and cyber resilience cannot be overlooked if the organisation wants better operational excellence and business growth.
(The author, Vinay Sharma, is Regional Director, India and SAARC, NETSCOUT, and the views expressed in the article are his own.)