The world we work and live in changed dramatically in 2021. The pandemic has continued to present cybercriminals with the perfect opportunity to exploit vulnerabilities in networks and unprotected devices. They’ve made the most of it with some very high-profile attacks that made headlines around the world. The SolarWinds attack in the US was very wide-reaching and went undetected for months. It was described as one of the most sophisticated cyberattacks of all time. Millions of Microsoft clients were affected by an attack that exploited vulnerabilities in Microsoft’s Exchange Server. At home, the attack on the HSE had a devastating impact on the nation’s health care, at its most vulnerable time, and a recent report revealed that it too sat undetected on their network for weeks.
As remote working and the growth in digitalisation continue into 2022, the risk of cyber-attack remains high. This is why businesses, organisations and individuals must become aware of the various avenues for attack and how to protect themselves.
So, what might be the trends in cyber security as we move into a new year?
The Continued Threat of Ransomware
Ransomware is not a new type of attack, but in 2021 a few key trends emerged. Supply chain attacks extended the attack radius, and double extortion presented an even greater threat: criminals not only demand a ransom for the return of stolen data but also threaten to leak information if the payment is not received. Throughout 2022, ransomware attacks are expected to prevail and develop even further. Ransomware attacks typically start with a phishing email, as was the case with the HSE attack. Email Security Solutions that can detect and protect against spam, phishing, email compromise and account takeover will assist your cyber security posture and help prevent an attack like this. Equally important is Cyber Security Awareness Training for your staff, so they know how to recognise email scams and phishing attempts, including social engineering.
An Expanding Attack Surface
The number of connected devices, the Internet of Things, is forecast to reach 18 billion by 2022. The result is a vast increase in the number of potential access points for cybercriminals. The threat is further compounded by the vast increase in remote workers accessing networks from both work and personal devices from many locations. In essence, the perimeter has become blurred and the perimeter-based system of protection of latter years is no longer sufficient to protect business data.
Rapid Cloud Adoption
Cloud services exploded in 2021 as businesses went virtual and remote working became the norm. This trend will likely continue throughout 2022 and move from siloed cloud tools and platforms that address a specific need, such as video calling, to enterprise-wide cloud migration. Although cloud providers can include a basic level of security, the responsibility for securing the cloud infrastructure and the data ultimately lies with the organisation putting that data in the cloud and not the cloud provider. As a multi-cloud environment develops with several cloud platforms deployed, security gaps widen and increased risks emerge. We recommend working with a cloud-agnostic security vendor to ensure security and peace of mind around cloud adoption.
Attacks on Critical Infrastructure and Government Departments
A growing target for ransomware attacks is critical infrastructure, as was borne out in the US when a water treatment facility was breached in 2021 and, sadly, here in Ireland with the attack on the HSE. The vulnerability of aged systems and the increase in connected devices accessing them is creating a perfect storm for cybercriminals to exploit. Attacks on organisations that provide energy, transport, public sector services and water treatment are far-reaching as they directly impact the lives of the citizens in the country in which they reside, making them attractive targets for opportunistic criminals.
Going Beyond Multi-Factor Authentication
It was realised a long time ago that password logins were never going to last in isolation as a defence against cybercrime. Multi-factor authentication took it a step further and is the very basic verification method that a business or organisation should utilise. However, a new approach to trust is now becoming more prevalent: one that sets an overarching methodology across all access points, connected devices, individuals, and perimeters.
The Zero Trust Model
Zero Trust is a new term in the cybercrime dictionary. And it comes in various guises: Zero Trust, Zero Trust Access and Zero Trust Network Access (ZTNA). But what exactly does it mean? In short, Zero Trust means just what it says on the tin – trust nothing and no one. It is a strategy that governs how you implement the wide variety of security solutions that are available nowadays. It combines them under the one overriding objective, which is to not trust any device or individual that is attempting to access anything connected to your network.
It may sound simple, but it is not that easy to get right. Zero Trust requires that no one gets access to data unless their identity is continually authenticated, and that they can only access the information that they need. With limited access, the likelihood of data breaches decreases, as it lessens what are known as insider attacks.
Insider attacks are not always malicious. An innocent staff member who, for example, unwittingly clicks on a malicious link in an email or leaves a device exposed would come under the umbrella term of an insider attack. As would an imposter who steals a staff member’s identity and gains access to a network.
How to Implement a Zero Trust Strategy
A zero-trust approach involves a lot of configuration based on a company’s risk tolerance. In practice, this means users cannot connect to a network unless they meet the parameters set by the organisation. For example, the network is automatically checked to see which devices have access, whether they should have access, and whether they have the basic security that is required, including some level of anti-virus, and whether it is up to date and patched. This involves specific configuration across devices, both those owned by the business and personal devices, and also the cloud, which holds a lot of company data, often sensitive.
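The checks described above, combined into a single deny-by-default access decision, as an added example that is not from the original article or any vendor's product. The thresholds, field names and sample users and devices are all hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Hypothetical thresholds; an organisation sets these to its own risk tolerance.
MAX_AUTH_AGE = timedelta(minutes=15)   # how often identity must be re-verified
MAX_AV_AGE = timedelta(days=2)         # oldest acceptable anti-virus update
MAX_PATCH_AGE = timedelta(days=30)     # oldest acceptable OS patch date

@dataclass(frozen=True)
class Device:
    registered: bool        # known to the organisation (owned or enrolled personal)
    av_installed: bool
    av_updated: datetime
    last_patched: datetime

@dataclass(frozen=True)
class Request:
    user: str
    last_authenticated: datetime
    device: Device
    resource: str

def evaluate(req, entitlements, now):
    """Return (allowed, reasons). Every check must pass; any failure denies."""
    d, reasons = req.device, []
    if now - req.last_authenticated > MAX_AUTH_AGE:
        reasons.append("re-authentication required")
    if not d.registered:
        reasons.append("unknown device")
    if not d.av_installed:
        reasons.append("no anti-virus")
    elif now - d.av_updated > MAX_AV_AGE:
        reasons.append("anti-virus out of date")
    if now - d.last_patched > MAX_PATCH_AGE:
        reasons.append("device not patched")
    # Least privilege: only resources explicitly granted to this user are reachable.
    if req.resource not in entitlements.get(req.user, frozenset()):
        reasons.append("resource not entitled")
    return not reasons, reasons

# Constructed sample data for illustration.
NOW = datetime(2022, 1, 10, 9, 0, tzinfo=timezone.utc)
ENTITLEMENTS = {"alice": frozenset({"payroll"}), "bob": frozenset({"wiki"})}
LAPTOP = Device(True, True, NOW - timedelta(hours=6), NOW - timedelta(days=5))
BYOD = Device(False, True, NOW - timedelta(days=9), NOW - timedelta(days=60))
ALICE_OK = Request("alice", NOW - timedelta(minutes=3), LAPTOP, "payroll")
BOB_BAD = Request("bob", NOW - timedelta(hours=2), BYOD, "payroll")

if __name__ == "__main__":
    for r in (ALICE_OK, BOB_BAD):
        print(r.user, r.resource, evaluate(r, ENTITLEMENTS, NOW))
```

Returning the list of failed checks alongside the decision gives the help desk and the audit log a specific reason for each denial.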
A Zero Trust Model gives the ultimate level of control to the organisation. It is not one solution but a strategy that is adhered to across the entire enterprise and one that affords the best protection that can be offered against cyber-crime. But it is complex and multi-faceted. The best approach for long-term protection is to engage with the experts. They will understand the nuances of the wide variety of cyber security solutions on offer and will be able to combine them to create a complementary environment that respects the zero-trust approach.
Every business and organisation will have different aspects to their Zero Trust model depending on their risk tolerance. And what is settled on as being the best fit may involve solutions from different suppliers such as a combination of Microsoft and Fortinet. Pick an IT Partner to help you determine what your business needs that will deliver on Zero Trust. An IT Company that partners with several mainstream suppliers will have the skills and the experience across technologies to guide and advise you on the best Zero Trust approach for your business.