news
2022: THE THREE MOST IMPORTANT CYBER SECURITY TRENDS
The pandemic has certainly changed many aspects of our lives.
If on the one hand the greater use of smart working and the spread of digital technology have simplified things, on the other hand they have exposed us more to cybercrime, scams and extortion.
In fact, the last two years there have seen an unprecedented increase in cyber attacks, both in frequency and in criticality.
And there is no hint of change in this trend.
Let’s see what are the three most important and significant trends for Cyber Security in 2022:
Used in only 8.5% of cyber attacks in 2018, they are used in over a third of cases in 2021, a trend that seems to be increasing.
Initially, they were primarily distributed from phishing attacks, but they are becoming an increasingly elaborate threat, often made available to criminals “As A Service“.
As a result, even traditional criminals can profit from cybercrime and are becoming more interested in it.
It is no longer a mystery that for years the cybercrime market has exceeded the proceeds of the drug market.
Furthermore, resorting to the phenomenon of “double extortion” does not help: in addition to the traditional blackmail to decrypt data infected with ransomware, criminals also begin to use a second blackmail in order not to spread the data (stolen before encrypting it), with the risk to circulate highly sensitive information.
The only possibility is to avoid as much as possible that criminals are able to penetrate systems and take possession of data, especially the most sensitive ones.
This result can be achieved in three ways: by equipping itself with appropriate anti-malware solutions, by constantly monitoring the systems in search of anomalies and by mitigating the problems detected periodically.
Considering that every device connected to the network can produce logs (ie event logs), there are certainly no missing sources to identify anomalies.
The real problem, on the contrary, is being able to analyze an ever-increasing number of sources in order to promptly find the problems and be able to intervene in an effective and timely manner.
AI is very useful for this purpose and more and more companies in 2022 will decide to integrate this technology into their solutions.
Unfortunately, cyber criminals who use AI to be able to evade cyber defenses more and more efficiently are doing so too.
The use of Artificial Intelligence remains the only defense to counter AI-based attacks.
These include all the household appliances connected to the network which are increasingly popular.
The consequence is a growing number of potential access points for criminals, who, by easily penetrating these systems, which are normally less protected than ordinary computers, can then reach everything on the same network.
On the other hand, it is difficult to think of installing an antivirus on a smart TV or a refrigerator.
But if our computer is on the same smart TV network, our data is also at risk.
In 2022 we will continue to see attacks against the IoT grow and it is important to start considering all devices capable of connecting to the Internet as computers, putting into practice the same defensive strategies.
As always, awareness proves to be the first and most important strategy.
Happy New Year!
If on the one hand the greater use of smart working and the spread of digital technology have simplified things, on the other hand they have exposed us more to cybercrime, scams and extortion.
In fact, the last two years there have seen an unprecedented increase in cyber attacks, both in frequency and in criticality.
And there is no hint of change in this trend.
Let’s see what are the three most important and significant trends for Cyber Security in 2022:
RANSOMWARE
Ransomware is a growing threat.Used in only 8.5% of cyber attacks in 2018, they are used in over a third of cases in 2021, a trend that seems to be increasing.
Initially, they were primarily distributed from phishing attacks, but they are becoming an increasingly elaborate threat, often made available to criminals “As A Service“.
WHAT DO WE MEAN BY “AS A SERVICE”?
If once the attacker was most likely also the producer of the malware, and therefore a computer systems expert, now the ransomware maker makes them available and is not necessarily the attacker.As a result, even traditional criminals can profit from cybercrime and are becoming more interested in it.
It is no longer a mystery that for years the cybercrime market has exceeded the proceeds of the drug market.
Furthermore, resorting to the phenomenon of “double extortion” does not help: in addition to the traditional blackmail to decrypt data infected with ransomware, criminals also begin to use a second blackmail in order not to spread the data (stolen before encrypting it), with the risk to circulate highly sensitive information.
HOW CAN THE PROBLEM BE MANAGED?
The use of properly configured backup solutions helps to recover data avoiding the trap of traditional blackmail, but, unfortunately, there is no cure for “double extortion”.The only possibility is to avoid as much as possible that criminals are able to penetrate systems and take possession of data, especially the most sensitive ones.
This result can be achieved in three ways: by equipping itself with appropriate anti-malware solutions, by constantly monitoring the systems in search of anomalies and by mitigating the problems detected periodically.
ARTIFICIAL INTELLIGENCE
Just as it is used by financial services to detect fraud, the Artificial Intelligence (AI) in Cyber Security helps identify anomalous behavior patterns, indicators of an attack in progress or already occurred.Considering that every device connected to the network can produce logs (ie event logs), there are certainly no missing sources to identify anomalies.
The real problem, on the contrary, is being able to analyze an ever-increasing number of sources in order to promptly find the problems and be able to intervene in an effective and timely manner.
AI is very useful for this purpose and more and more companies in 2022 will decide to integrate this technology into their solutions.
Unfortunately, cyber criminals who use AI to be able to evade cyber defenses more and more efficiently are doing so too.
The use of Artificial Intelligence remains the only defense to counter AI-based attacks.
IOT
The number of connected devices, known as the “Internet of Things” (IoT), is projected to reach 18 billion by 2022.These include all the household appliances connected to the network which are increasingly popular.
The consequence is a growing number of potential access points for criminals, who, by easily penetrating these systems, which are normally less protected than ordinary computers, can then reach everything on the same network.
On the other hand, it is difficult to think of installing an antivirus on a smart TV or a refrigerator.
But if our computer is on the same smart TV network, our data is also at risk.
In 2022 we will continue to see attacks against the IoT grow and it is important to start considering all devices capable of connecting to the Internet as computers, putting into practice the same defensive strategies.
As always, awareness proves to be the first and most important strategy.
Happy New Year!
Latest news
HACKS OF THE DAY 18-19-20/03/2023
Today's HOTD includes 28 ransomware victims of the notorious Monti, BlackBasta, Medusa, BlackCat/ALPHV, Play, Royal and LockBit 3.0 gangs. The average Cyber Risk Factor of...
Read More
HACKS OF THE DAY 17/03/2023
Today's HOTD includes 35 ransomware victims of the notorious Cl0p, BlackBasta, Medusa, BlackCat/ALPHV and LockBit 3.0 gangs. The average Cyber Risk Factor of the day...
Read More
HACKS OF THE DAY 16/03/2023
Today's HOTD includes 10 ransomware victims of the notorious Monti, Vice Society, Royal, BlackByte and LockBit 3.0 gangs. The average Cyber Risk Factor of the...
Read More