The past few years have witnessed a surge in cyber threats, including data breaches, ransomware attacks, and DDoS attacks.
As CIOs navigate the challenges of remote work, the pandemic, and geopolitical issues, it’s more important than ever to stay vigilant against these threats.
By examining the current threat landscape and considering recent statistics and predictions, we can get a clear understanding of where the majority of attacks are occurring and take steps to protect the enterprises.
In this blog, we’ll discuss the top highlights of 2022 and what we can expect in 2023, along with relevant cybersecurity statistics.
2022 At a Glance
Cybersecurity remains a top priority for CIOs across the globe as threat actors find new ways to infiltrate a network and exploit sensitive information. Here are some of the top highlights from 2022:
- Investment fraud was the most expensive form of cybercrime, with an average of $70,811 lost per victim.
- Top attack vectors, according to IBM, were compromised credentials (19% of all breaches), phishing (16%), and cloud misconfiguration (15%).
- Statista predicts cybercrime costs to skyrocket from $8.44 trillion in 2022 to $23.84 trillion by 2027.
- The average data breach cost is rising, the average cost of a data breach has increased from $4.24 million in 2021 to $4.35 million in 2022. This represents a 12.7% increase from the 2020 average cost of $3.86 million.
- Kaspersky’s DDoS Intelligence system noticed 57,116 DDoS attacks in Q3, 2022.
This is only the tip of the iceberg. 2022 has seen a massive surge in cybercrimes, which are expected to grow in the coming years. So let’s see what the future of cybersecurity holds.
Cybercrimes Are Increasing at an Alarming Rate Globally
Cybercrimes have been at an all-time high. According to Cybersecurity Ventures: “Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.”
- Global cybercrime cost is expected to rise by 15% YoY over the next five years, reaching USD 10.5 trillion annually by 2025, up from USD 3 trillion in 2015.
- Data breaches are at an all-time high, with roughly 15 million data being exposed during the third quarter of 2022.
- Education/research, government/military, and healthcare sectors are the top 3 sectors hurt by the increasing attacks of cybercriminals, as noted by CPR with 2,148, 1,564, and 1,426 average weekly attacks, respectively.
Ransomware Continues to Escalate
Ransomware has repeatedly broken the news headlines, yet it remains one of the biggest threats to organizations.
Not only is the number of ransomware crimes increasing, but it is also becoming more complex. Earlier hackers encrypted the data and demanded ransom to release it, but now they’re threatening companies to pay the ransom, or the hackers will sell their data.
- Cybereason surveyed 1,400 global cybersecurity professionals and noted that:
- 73% of organizations suffered at least one ransomware attack in 2022.
- Supply chains are being exploited for infiltrating target networks, as 64% of companies believe ransomware gang made their way into their network via one of their business partners or suppliers.
- 35% of companies had to face C-level resignations following a ransomware attack.
- According to FortiGuard Labs, ransomware incidents have increased by nearly 1100% over the last year.
Crypto Hacking Is Becoming an Increasing Threat
DeFi (decentralized finance), the primary protocol used in cryptocurrency for investors to lend, borrow, and trade without a central mediator, is being largely exploited by hackers.
Rug pull is one of the major crimes conducted by hackers to exploit DeFi. It is a malicious act where hackers lure investors to invest their money, then either run off with it or sell off their pre-mined holdings. According to The Chainalysis 2022 Crypto Crime Report:
- The overall revenue from crypto scams rose 82% in 2021 to $7.8 billion, of which $2.8 billion came from rug pulls.
- Over $3 billion were stolen in 2021 due to increased Defi (decentralized finance) thefts.
- Nearly $3.2 billion in cryptocurrency was stolen in 2021.
Zero Trust Is Getting Embraced
The zero-trust security model has gained significant traction in recent years, especially after the onset of remote working. This mode prioritizes verifying users and devices before granting access to network resources.
- Gartner predicts that by 2025, 60% of organizations will have implemented Zero Trust as their primary security model.
- IBM says that the share of organizations embracing zero-trust grew from 35% in 2021 to 41% in 2022. And organizations not deploying zero-trust will incur an average of USD 1 million greater breach cost compared to those with the technology deployed.
- 80% of respondents in a Statista survey plan to adopt zero trust in the future or have already adopted it.
- Healthcare is starting to embrace zero-trust, with 37% of companies implementing it in 2021 and 58% in 2022.
Operational Technology Will Need to Be Secured
With the increased adoption of technology comes the responsibility of safeguarding it. The threats to OT infrastructure not only cause damage to the organization but also hurt human beings and the environment.
- Sectrio’s The IoT and OT CISO Peer Survey 2022 notes that nearly 90% of CIOs reported one major incident in the past year. Most respondents say their operations were halted for over four days, incurring a loss of over $2.5 million.
- 3% of organizations find technical integration of legacy and aging OT with modern systems the most challenging, according to The State of ICS/OT Cybersecurity in 2022 and Beyond.
Conclusion: How to Prepare for the Future
Cybercrimes are at an all-time high. With threat actors constantly finding new methods to infiltrate and exploit organizations, CIOs globally have to take preventive measures to safeguard their organizations.
Some of the most common, yet overseen methods, are using complex passwords, regularly updating patches and upgrading software, giving cybersecurity training, using anti-ransomware solutions, and more go a long way in keeping organizations safe.
Not only this but employing security solutions that fit best for your enterprise is essential.
To know how Array can help you protect your enterprise from malicious threat actors, reach out to our sales team today.
(The author is Mr. Shibu Paul, Vice President – International Sales at Array Networks and the views expressed in this article are his own)