Ransomware is the word of 2021 for the cybersecurity industry, according to AwareGO expert team’s cybersecurity analysis for 2022.
This year was characterized by news about record-breaking successful ransomware attacks. They directly impacted the world economy and the supply chain. Moreover, these attacks are on a scale that we have not seen before, asking for more money than ever.
Not only has the number of ransomware attacks increased by 150% year over year, but ransomware groups have also become bolder in their demands, asking for tens of millions of dollars in ransom. This is driven by "Ransomware as a Service" groups, which sell their tooling and services to other malicious actors and are allowed to operate openly, causing international tension.
AwareGO’s cybersecurity analysis for 2022 was made by our expert team: Ragnar Sigurdsson, Maria Bada, Ph.D., and Asta Gudrun Helgadottir, with contributions from other AwareGO colleagues. It explores what the next steps for creating a cyber-secure world in 2022 are.
How do companies become victims of ransomware attacks?
Ransomware will remain a critical threat in the years to come. Not only because of the potential monetary loss from paying the ransom and the potential harm to reputation, but because of the disruption it can cause to society at large. For example, the Colonial Pipeline ransomware attack affected fuel prices and the market in general. Likewise, the Kaseya ransomware attack initiated a chain reaction that affected sales services worldwide. Thus, ransomware attacks are affecting people’s everyday lives more directly than ever before. Unless there is strategic international cooperation against organized ransomware gangs, it will not go away.
There are three primary attack vectors for ransomware attacks:
- Password hacking, either by brute-force attacks or leaked password lists.
- Phishing.
- Software flaws.
Other methods can be used, but these three attack vectors are by far the most common. Password hacking and phishing are the most common, accounting for around 80% of all ransomware attacks. Other security breaches, such as data leaks and spyware, follow the same trend: The human factor is directly involved in over 80% of all cybersecurity breaches. Essentially, the human factor is the single most critical vulnerability vector in cybersecurity attacks.
Cybersecurity Analysis and Predictions for 2022
- Phishing is becoming ever more sophisticated and geographically targeted. With better machine translation, it is possible to target more language areas successfully. As a result, phishing and social engineering are the major risk factors for organizations at all levels. From the ground up and the top down, everyone can fall for a phish that can, in turn, have devastating consequences.
- Better password management, where multi-factor authentication is the new norm. Prominent actors, such as Google, are making two-step verification the default for accessing accounts. This will not only increase Google users’ account security. It also means that millions of users will have to learn how to use multi-factor authentication and do so regularly. Additionally, the widespread use of multi-factor authentication for most accounts will decrease the risk of password hacking by malicious actors and create a more secure cyberspace. Still, like any system, 2FA/MFA is only as strong as its weakest link. Two-factor authentication systems can still be vulnerable. Therefore, organizations need to use the right combination of factors.
- Smartphones and smart devices are becoming a bigger target than ever before. Smartphones are often the only device that a large part of the population has. They have access to information ranging from social media accounts and e-Wallets to one’s work email. As a result, smartphone operational security needs to be taken to the next level. There are various security features that can enhance the device’s resilience if it gets hacked or stolen. That information needs to be made common knowledge.
How to mitigate cyber risk in 2022?
The existing firewalls and technical security measures will continue to play an essential role in mitigating cybersecurity risk. However, according to our cybersecurity analysis for 2022, the emerging attack methodologies target human behavior and lack of cybersecurity awareness and knowledge. The next step in digital protection must be made accordingly.
Employee training and awareness-raising must be the front and center of next-level cybersecurity. For example, training employees to use tools such as password managers sometimes needs to be more hands-on. In contrast, awareness-raising about identifying phishing or operational security about important devices or data needs to be more continuous.
Cybersecurity culture in the organizational structure means not only that there is adequate training for employees. It also means that there are procedures in place for reporting phishing attacks or other security failures. In addition, there must be utmost trust between the security leadership and the rest of the organization. The security leadership must be able to rely on employees to report if they fall for phishing attacks, including wire-transfer scams. As soon as employees realize they might have fallen for a phishing attack, they need to report it.
Creating a cybersecurity-centered culture means that employees should not be afraid of reporting a possible security breach. For the cybersecurity leadership, every minute counts. Creating a no-blame environment, where such incidents are reported as soon as possible, can make a difference. In addition, having established protocols where reporting such incidents as quickly as possible is incentivized and encouraged creates a safer workplace. It also makes for better compliance with existing data protection laws and regulations.
The Human Factor and Cybersecurity
Our cybersecurity analysis for 2022 foretells that organizations will need to focus on human-centric solutions. This means rigorously improving education, training, and the implementation of security measures. Although the human factor is behind around 80% of security breaches, traditional cybersecurity countermeasures have focused on securing the infrastructure level. This means that a significant part of the defense budget is spent on defensive technologies that cover technical threat areas while offering no visibility of the human risk.
Similarly, when it comes to following various data protection regulations, organizations have hitherto focused on fulfilling and funding the role of a data protection officer. That does indeed serve its purpose. However, that does not protect the organization from data leaks or misuse of personal data by employees. There, the question of the human factor is just as relevant as it is in the case of ransomware. Knowledge about handling sensitive data is multifaceted and coincides with general best practices applicable for preventing ransomware or other security breaches.
Defensive walls are already in place, or will be purchased, but they protect against an adversary from a different time. These defenses are still required, but the new attack methodologies have shifted toward human weakness and human-centric attacks. Digital defensive protection must change accordingly.