Network Security amidst Growing Cyber Threats

 

by Dr Baba J Adamu


July 7, 2021


The challenge is adapting data into a functional and agile risk management strategy so that we can better protect ourselves. The alarming cyber-security statistics for 2021 are a call to take the risk management mission more seriously. The year 2020 broke all records for data lost in breaches and for the sheer number of cyber-attacks on companies, governments, and individuals. In addition, the sophistication of threats increased through the application of emerging technologies such as machine learning, artificial intelligence (AI), and 5G, and especially through greater tactical cooperation among hacker groups and state actors. The recent SolarWinds attack, among others, highlighted both the threat and the sophistication of those realities. Most business ventures increasingly rely on lessons learned from best practices to improve outcomes, and risk management can follow the same heuristic model. The three heuristic trends to focus on are:

  1. Expanding cyber-attack surface (remote work, IoT, supply chain);

  2. Ransomware as a cyber-weapon of choice;

  3. Threats to critical infrastructure via ICS, OT/IT cyber-threat convergence.

 

Expanding Cyber-Attack Surface (Remote Work, IoT, Supply Chain)

According to Cyber Security Ventures (cybersecurityventures.com), the world will store 200 zettabytes of data by 2025. This includes data stored on private and public IT infrastructures, on utility infrastructures, in private and public cloud data centers, and on personal computing devices.

Several factors have led to the Malthusian expansion of the global cyber-attack surface. These influences include digital transformation and the commercial model of more people doing business over the internet. We have moved into the early stages of the Fourth Industrial Revolution, which is highlighted by digital interactions and the meshing of machines and humans. Our way of life is increasingly online, especially since the arrival of the Covid-19 pandemic.


The digital transformation was rapidly pushed by Covid-19 and the need to move individuals working in offices to working remotely from their homes. That led to what are essentially millions of connected offices. It is estimated that nearly half the U.S. labour force is working from home and that the share is greater in Europe, Asia and many other countries due to lockdowns. Home offices are not as protected as fortified office sites, which have more secure firewalls, routers, and access management run by their security teams. Remote work has created new opportunities for hackers to exploit vulnerable employee devices and networks.

Dorit Dor, Vice President of Products, Check Point Software, elaborated on the digital transformation: “Businesses globally surprised themselves with the speed of their digital initiatives in 2020: it’s estimated that digital transformation was advanced by up to seven years. But at the same time, threat actors and cyber-criminals also changed their tactics so that they could take advantage of these changes, and the pandemic’s disruption, with surges in attacks across all sectors.”

Also, the reality of the Internet of Things has completely changed the dynamics and the size of the expanding cyber-attack surface. With an estimated 50 billion connected devices and trillions of sensors working among those devices, hackers have a multitude of options to breach cyber-defences and exfiltrate data. By 2025, it is expected that there will be more than 30 billion IoT connections, almost 4 IoT devices per person on average, and that also amounts to trillions of sensors connecting and interacting on these devices (State of the IoT 2020: 12 billion IoT connections, iot-analytics.com). According to the McKinsey Global Institute, 127 new devices connect to the internet every second.


The 2021 Director of National Intelligence (DNI) report estimates that IoT will reach 64 billion objects, all monitored in real-time. “Looking forward, a hyper-connected world could support up to 1 million devices per square kilometre with next-generation cell phone systems (5G), compared with the 60,000 devices currently possible with current cell networks, with even faster networks on the horizon.” (Office of the Director of National Intelligence - Global Trends, dni.gov)

The Internet of Things (IoT) is related to supply chain vulnerabilities. IoT’s exponential connectivity is an ever-expanding mesh of networks and devices. Supply chain cyber-attacks can be perpetrated by nation-state adversaries, espionage operators, criminals, or hacktivists. Their goals are to breach contractors, systems, companies, and suppliers via the weakest links in the chain. This is often done by taking advantage of suppliers' poor security practices, by embedding compromised (or counterfeit) hardware and software, or through insider threats within networks.


Protecting such an enormous attack surface is no easy task, especially when there are so many varying device types and security standards. One way to address the expanding attack surface is to use an automation tool chest that can now draw on horizon scanning technologies, analytics, audits, incident alert tools, diagnostics, and even self-repairing software. Artificial intelligence (AI) and machine learning technologies can also provide for more efficient decision-making by prioritizing and acting on threats, especially across larger networks with many users and variables.


Ransomware as a Cyber Weapon of Choice

Ransomware has been around for almost two decades and has grown in popularity because it can more easily bring financial rewards to hackers. It is estimated that there are now 124 separate families of ransomware, and hackers have become very adept at hiding malicious code. Success for hackers does not always depend on using the newest and most sophisticated malware. Ransomware is relatively easy for a hacker to deploy. In most cases, hackers rely on the most opportune vulnerable target, especially given the ease of online attacks.


Last year, ransomware made up nearly a quarter of the incident-response engagements for IBM Security's X-Force threat intelligence group. Fifty-nine percent of the ransomware incidents involved cybercriminals exfiltrating, before encrypting, the data - so-called "double-extortion" attacks. (Ransomware, Phishing Will Remain Primary Risks in 2021, darkreading.com)


The reason is that ransomware became a weapon of choice for hackers in the Covid-19-induced digital landscape. The transformation of so many companies to operating in a mostly digital mode created more targets for extortion. According to a research study by Deep Instinct, ransomware increased by 435% in 2020 as compared with 2019, and the average ransomware payout has grown to nearly $234,000 per event, according to cyber-security firm Coveware. (Malware increased by 358% in 2020 - Help Net Security)


The trend in 2021 is that criminal hacker groups are becoming more sophisticated in their phishing exploits, with the use of machine learning and more coordinated sharing on the dark web and dark web forums. Hackers are also able to get paid via crypto-currencies that can be difficult to trace, making ransomware more of a priority in their exploits. With the advent of crypto-currencies, ransomware became a source of profit for many criminal enterprises. They replaced brick-and-mortar crime with digital crime.


The estimated cost of ransomware was $20 billion in 2020, a rise from $11.5 billion in 2019 and $8 billion in 2018. That trend will continue. The likely impact for the near-term future is that there will be more ransomware attacks against institutions, corporations and governments that are less cyber-secure and cannot afford to have operations impeded, such as health care, state and local governments, and educational institutions. Preventing ransomware requires cyber-security awareness and preparation based on anti-malware programs, secure passwords, up-to-date patches, and secure routers, VPNs, and Wi-Fi. Most important of all, do not fall for the phish, and be sure to back up sensitive data.

 

Threats against Critical Infrastructure; ICS, OT/IT Cyber-Threat Convergence

The World Economic Forum (WEF)’s 2020 Global Risks Report listed cyber-attacks on critical infrastructure (CI) as a top concern. WEF noted that “attacks on critical infrastructure have become the new normal across sectors such as energy, healthcare, and transportation.”

The Dragos Inc. "Year in Review 2020" report on industrial control systems (ICS) and operational technology (OT) cyber threats, vulnerabilities, assessments and incident response insights determined that threats have increased threefold in the past year. The threats are growing along with the attack surfaces associated with CI. The types of cyber threats include phishing scams, bots, ransomware, malware, and the exploitation of software holes. The global threat actors are many, including terrorists, criminals, hackers, organized crime, malicious individuals, and, in some cases, adversarial nation-states. Hackers often seek out unsecured ports and systems on industrial systems connected to the internet. IT/OT/ICS supply chains in CI can be particularly vulnerable, as they cross-pollinate and offer attackers many points of entry. In addition, older legacy OT systems were not designed to protect against cyber-attacks.


In the U.S., for instance, most critical infrastructure, including defence, oil and gas, electric power grids, health care, utilities, communications, transportation, education, banking, and finance, is owned by the private sector (about 85 percent) and regulated by the public sector. The energy sector stands out as being particularly vulnerable. This ecosystem of insecurity includes power plants, utilities, nuclear plants, and the grid.

 

The Solution to the Growing Cyber Threats

Organizations and governments must increasingly rely on new and disruptive technologies to help them grow and differentiate themselves in the evolving ecosystem. Next-generation security operations and response services, along with a deep portfolio of consulting, recommendation and managed services, can help organizations and governments build a transformation strategy and roadmap to implement the next generation of security operations.

 

 

