Cyber security 101: Surviving attacks in 2022 

Christopher Rogers at Zerto sets out the challenges facing businesses at a time of rising cyber attacks

 

The rise of phenomena such as automotive hacking, double-extortion ransomware, and AI-driven attacks mean it has never been harder to keep UK businesses secure from threat actors. And, with IDC reporting that approximately 50% of organisations have suffered unrecoverable data loss in the last three years, and cyber attacks surged 238% between February and April 2020, it’s not hard to see this decade as the golden age of cyber crime.

 

A successful attack can be paralysing, costing organisations in lost revenue, the ransom itself perhaps, data, customer trust, brand reputation, or worse - some companies simply never recover. The key to combating this is to stay one step ahead of threat actors. This means keeping up with, and understanding, the latest trends in cyber, the most common types of attacks and how they manifest themselves.

 

Developing in-depth knowledge of the dangers faced allows organisations to subsequently implement robust protection strategies that can counter today’s threat levels.

 

Challenges of complex infrastructure

The rise of “work from anywhere” has prompted more disparate and complex corporate networks, with many new IoT devices creating an explosion in potential attack surfaces. Digital transition and a soaring demand for data in the last few years has accelerated investment in the cloud, but this has also brought with it the associated challenges of securing data between applications and cloud services.

 

Amidst this new tech landscape, many organisations are ignorant of weaknesses in their technology ecosystems and threats can easily lie undetected. To ensure they are adequately protecting their data and networks, tech leaders should be aware of five types of cyber attacks which can commonly lead to successful breaches and some strategies for protection:

 

Credential stuffing

User authentication is really nothing new to most organisations and the workers within them. Although users are discouraged from re-using passwords, many organisations have become complacent since the initial education sessions of the early pandemic. Taking advantage of this, credential reuse or ‘stuffing’ is when a cybercriminal gains access to valid credentials and accesses the network and steals data or compromises the system. Akamai reported 193 billion credential stuffing attacks globally in 2020, and the sudden shift to remote work, creation of new online accounts and increased reliance on e-commerce has increased opportunities for hackers.

 

Insider threats

The risk presented by insider threats, which are individuals connected to organisations that intend to steal data or cause system issues for an organisation, remains very real. This could be a current or former employee, contractor, or even a partner. These threats can take the guise of employees stealing information for personal use or a disgruntled employee sabotaging data or systems. The 2022 Cost of Insider Threats: Global Report reveals that insider threat incidents have risen 44% over the past two years.

 

Phishing attacks

Phishing emails are the biggest vehicle for ransomware attacks. Years ago, these spoofed emails were easy to detect but since cyber criminals have become more skilled at imitating the look and feel of valid branding of their imitated organisations, they are becoming increasingly successful as a threat conduit. The UK National Cyber Security Centre co-developed the Suspicious Email Reporting Service with the City of London Police in 2020 and has since removed over 80,000 scams from the Internet.

 

Man-in-the-middle attacks (MiTM)

An MiTM attack is a clever ruse, where the attacker mimics communicating parties and intercepts the communication by posing as each party, to then gain control from within.” TechTarget defines a MiTM attack as “a type of cyber attack in which the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other. Prevention methods such as multi-factor authentication and continual monitoring are more effective than trying to remediate after an attack, and traditional security appliances don’t easily detect them.

 

Double-extortion ransomware

Of the recent trending new types of attacks, such as Denial-of-service (DDoS) and SQL injections, one particularly devastating attack is the double-extortion ransomware attack. Starting out as a traditional ransomware cyber-attack, instead of simply encrypting data and demanding a ransom, these attackers will threaten to leak or dispose of critical data. Depending on the nature of an organisation, this can bring an organisation to its knees, with data arguably an organisation’s most critical asset.

 

Minimising risk with Continuous Data Protection

As the balance of power lies with cyber attackers, CIOs, CISOs and business leaders must ensure data protection strategies are proactive and that the entire network is protected. But to cover themselves in the case of any potential gaps in defence, organisations are turning to continuous data protection (CDP) to enable an ongoing backup of data.

 

CDP has always-on replication and journaling technology which ensures the protection of every change that’s made to an application in real time, while keeping content current. A CDP solution can enable recovery of an organisation’s entire site and applications within a few minutes with only several seconds of data loss - and no downtime.

 

Embracing collaboration while outsmarting cyber criminals means understanding current trends and knowing your vulnerabilities within the tech ecosystem. Since being targeted is not a case of ‘if’ but ‘when’, a robust and future-proof security strategy must incorporate a recovery strategy to isolate and minimise the impact of an attack should the worst occur.

 

---

 

Christopher Rogers is a Technology Evangelist at Zerto

 

Main image courtesy of iStockPhoto.com