The biggest cyber security threats in 2022

August 2022

Remote working, the ongoing digitalisation of society, and the increasingly online nature of our lives mean there are so many opportunities for phishers, hackers and scammers.  With no sign of this letting up, it is essential for individuals and businesses to be aware of the ever-growing avenues of attack as well as what can be done to mitigate the risks!

So, let’s take a look at the most important and significant trends affecting our online security:

 

 

Ransomware attacks are increasing

The global pandemic brought with it many changes to our personal and business lives and, as companies learned to adapt to the ‘new normal’, so too did cyber criminals, meaning the new work-from-home digital economy has quickly become the target of these malicious individuals. Of all of the malware attacks out there, ransomware has become the biggest risk. According to the UK National Cyber Security Centre, there were three times as many ransomware attacks in the first quarter of 2021 as there were in the whole of 2019.

A ransomware attack can paralyse an organisation. It typically involves infecting devices with a virus that locks files away behind unbreakable cryptography and threatens to destroy them unless a ransom is paid, usually in the form of untraceable cryptocurrency. Alternatively, the ransomware may threaten to publish the data publicly, leaving the organisation liable to enormous fines.

Ransomware is largely deployed through phishing attacks – where employees of an organisation are tricked into providing details or clicking a link that downloads the ransomware onto a computer. There has been an alarming increase in Ransomware-as-a-Service (RaaS) attacks and silent ransomware, which can stay dormant and undetected before wreaking havoc. The threat of your data being used as a bargaining tool for your money has become so pervasive that the UK National Cyber Security Centre (NCSC) has warned targets across the board - from educational institutions to sports teams to everyday individuals - to remain vigilant.

Education is the most effective method of tackling this threat, with research showing that employees who are aware of the dangers of this type of attack are eight times less likely to fall victim.

 

 

Social engineering attacks are getting smarter

Social engineering attacks like phishing are not new threats but in recent years have become the biggest, most damaging and most widespread threat facing small businesses.  In 2021, 83% of cyber breaches or attacks on businesses were phishing attacks - where an attacker pretends to be a trusted contact and entices a user to click a malicious link, download a malicious file, or give them access to sensitive information, account details or credentials.

Part of what makes phishing attacks so damaging is that they’re very difficult to combat. They target humans within a business, rather than targeting technological weaknesses.

The five most common types of phishing attack are as follows:

  1. Email phishing

Most phishing attacks are sent by email. An attacker sending out thousands of fraudulent messages can net significant information and sums of money, even if only a small percentage of recipients fall for the scam. Attackers go to great lengths to design phishing messages that mimic actual emails from the spoofed organisation. Using the same phrasing, typefaces, logos and signatures makes the messages appear legitimate. In addition, attackers will usually try to push users into action by creating a sense of urgency.

   2. Spear phishing

Unlike conventional phishing, which targets a large volume of users with a fairly transparent attempt at stealing credentials and passwords, spear phishing is a much more targeted effort. In many cases, the attackers will create an email which is almost indistinguishable from a genuine one, even going so far as to use an email address in the “From” field which resembles the real one – at least at a glance.

Spear phishing is designed to trick users into clicking a link and willingly giving away their login credentials. 

 

   3. Whaling

Whaling attacks are even more targeted. They use deceptive email messages targeting high-level decision makers within an organisation, such as CEOs, CFOs, and other executives. Such individuals have access to highly valuable information, including trade secrets and passwords to administrative company accounts.

The attacker sends emails on issues of critical business importance, masquerading as an individual or organisation with legitimate authority. For example, an attacker may send an email to a CEO requesting payment, pretending to be a client of the company. Whaling attacks always personally address targeted individuals, often using their title, position and phone number, which are obtained using company websites, social media or the press.

 

   4. Smishing & vishing

With both smishing and vishing, telephones replace emails as the method of communication. Smishing involves criminals sending text messages (the content of which is much the same as with email phishing), and vishing involves a telephone conversation. One of the most common smishing texts is a message supposedly from your bank alerting you to suspicious activity – ‘follow this link to prevent further damage’. However, the link directs the recipient to a website controlled by the fraudster and designed to capture their banking details.

 

   5. Angler phishing

With the huge rise in the popularity of social media, it’s no surprise that cyber attackers are taking full advantage.  The “angler phishing” attack takes place on social media platforms like Facebook and Twitter, and relies on the open nature of these platforms. Here’s how it works: the attackers monitor social feeds and wait for someone to @tag a particular company with a complaint or question about their account. From there, attackers can use a fake social media account to pose as the company’s customer support team. A quick response and a few DMs later and you can see how some people might willingly hand over their passwords and other sensitive data.

 

The Internet of Things (IoT) is evolving

The Internet of Things (IoT) has been one of the fastest developing technology trends in recent years. With our homes ever more connected, the opportunities for hackers to interfere with our lives and cause harm are increasing.

The Internet of Things refers to physical devices other than computers, phones and servers which connect to the internet and share data.  Examples of IoT devices include wearable fitness trackers, smart refrigerators, smart watches and voice assistants like Amazon Echo.  Five surprisingly hackable items that you may have in your home are:

  1. Smart TV

  2. Video doorbell and smart security system

  3. Robot vacuum cleaner

  4. Smart garage door opener

  5. Smart baby monitor

 

They all share the same vulnerabilities: they are not only Internet of Things (IoT) devices connected to the internet, but they are often also part of your home Wi-Fi network. With great convenience comes great responsibility; to keep your smart home safe, you should consider a router with built-in security.

 

Patch Management

Many attacks start with outdated software. For this reason, not staying up-to-date with software patches leaves companies vulnerable to any number of information security breaches. As soon as attackers learn of a software vulnerability, they can exploit it to launch a cyber attack.

 

Zero-Day Exposure

Even some of the most reliable software products can have an Achilles’ heel. Hackers look to exploit vulnerabilities referred to as “zero-day” weaknesses, as developers will have zero days to fix such a weakness if cybercriminals discover it first. Zero-day vulnerabilities have been found in some of the most commonly used operating systems, web browsers, office applications, hardware and firmware, and connected devices.

 

Cloud Vulnerabilities

The more we rely on the cloud for data storage, the higher the risk of a major data breach. Cloud services are vulnerable to a wide range of cyber attacks. This includes account hijacking and Denial of Service (DoS) attacks, which prevent companies from being able to access their data. Many businesses believe they are secure because they use cloud security technology. In reality, technology is only part of the solution. Because no technology can completely eliminate vulnerabilities, a holistic approach is needed for robust protection.

Lack of Employee Training

The most common cyber security threat employees fall for is phishing. With attacks growing more advanced, many employees don’t have the skills to identify a phishing email. Additionally, many employees engage in poor cyber security discipline, using the same password for work and home computers. The solution for this is employee training. Any cyber risk management plan needs to account for human vulnerabilities, and take measures to ensure everyone is following correct protocols. Only this, in conjunction with a robust system of controls, can begin to provide adequate protection against cyber threats.

 

Third Party Exposure

With most organisations relying on outsourcing to handle at least some aspects of their day-to-day operations, third-party risk should be front of mind. This is especially true given the rising number of security breaches that arise from third-party relationships. While an organisation may have strong cybersecurity measures in place and a solid remediation plan, outside parties may not uphold the same standards. These third-party relationships can increase vulnerabilities by providing an easier way for potential threats to attack even the most sophisticated of security systems.

 

Outdated Hardware

Not all threats to cyber security come from software. The pace at which software updates are released can make it difficult for the hardware to keep up. This, in turn, creates exposures that can put companies’ data at risk. As hardware becomes obsolete, many outdated devices will not allow updates with the latest patches and security measures. Devices that rely on older software are more susceptible to cyber attacks, creating a major potential vulnerability. It is important to monitor this and respond quickly when devices become out of date. Just like you should keep your software up-to-date, you should do the same with hardware.

 

 

So, what can you do to reduce the risk of a cyber attack?

As an organisation, you can’t afford to leave your data security to chance.  The business impact could be astronomical; it could result in lost revenue, operational disruption and stolen customer data.  Data breaches also cause reputational damage that, in some cases, could take you out of business.  So, with everything that’s at risk, here are a few practical strategies you should implement:

 

  • Encrypt your data and create backups

 

Make sure all your sensitive data is encrypted. Saving your data in plain-text format only makes it easy for hackers to access. Data encryption, on the other hand, limits data access to parties that have the encryption key. It also ensures that even when unauthorised parties gain access to the data, they can't read it. Some data encryption software even lets you know when other people try to alter or tamper with the information.

You should also conduct regular backups for your important information. At RuralTech, we recommend backing up your data to an external hard drive on a daily, weekly and monthly cycle and also, if possible, off-site, to a Cloud provider. 

 

  • Keep your systems and software updated

 

Software and system updates have a major impact on your cyber security and digital safety. This is because they not only add new features but also fix bugs and help patch security flaws and vulnerabilities that can be exploited.

 

  • Install firewalls

 

You should defend your networks from cyber attacks by installing firewalls. A reliable system will effectively protect you from brute-force attacks or prevent security incidents from causing irreversible damage.

In addition to this, firewalls monitor your network traffic to identify any suspicious activity that could compromise your data integrity. They also prevent complex spyware from gaining access to your systems and promote data privacy.

 

  • Use strong passwords

 

Over 80% of organisational data breaches result from weak passwords. Hackers don't need much to gain access to your systems. They only require a small gap, and they'll exploit it fully.

Password cracking technology has greatly advanced, and simple passwords don't cut it anymore. Instead, you need to use complex passwords and deploy multi-factor authentication strategies to discourage cybercrime in your organisation. You should also discourage password sharing among employees so that even if one desktop is hacked, the rest remain secure.

Some of the security risk mitigation strategies you should implement when it comes to passwords include:

  • All passwords should contain at least 8 characters.

  • They should contain alphanumeric characters.

  • They shouldn't contain any personal information.

  • They should be unique and never used before.

  • They should ideally not have any correctly spelled words.
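The five rules above can be enforced in code when a password is set. The following is an added example, not part of the original article: `check_password`, `history_entry` and the tiny `WORDLIST` are hypothetical names and constructed data, "alphanumeric" is read here as "at least one letter and one digit", and earlier passwords are assumed to be kept only as salted PBKDF2 digests.

```python
import hashlib
import hmac
import re

MIN_LENGTH = 8
PBKDF2_ROUNDS = 100_000
# Constructed stand-in for a real dictionary file (assumption).
WORDLIST = {"password", "welcome", "summer", "dragon", "football", "sunshine"}


def history_entry(password, salt):
    """Keep an old password only as (salt, PBKDF2 digest), never in clear."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def check_password(password, personal_info, history):
    """Return the rules from the list above that the candidate breaks."""
    failures = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        failures.append("shorter than 8 characters")
    if not (re.search(r"[A-Za-z]", password) and re.search(r"\d", password)):
        failures.append("needs both letters and digits")
    # Ignore very short tokens so initials do not reject every password.
    if any(len(item) >= 3 and item.lower() in lowered for item in personal_info):
        failures.append("contains personal information")
    for salt, digest in history:
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        if hmac.compare_digest(candidate, digest):
            failures.append("has been used before")
            break
    # Undo common digit-for-letter swaps so "p4ssw0rd" still counts as a word.
    plain = lowered.translate(str.maketrans("013457@$", "oieastas"))
    if any(word in plain for word in WORDLIST):
        failures.append("contains a dictionary word")
    return failures


if __name__ == "__main__":
    # Constructed sample: one previously used password for this user.
    old = [history_entry("Tr0ub4dor&3x", b"constructed-salt")]
    for pw in ("p4ssw0rd", "alice1985!", "Tr0ub4dor&3x", "kV9#qLz2!mT7"):
        print(pw, "->", check_password(pw, ["Alice", "1985"], old) or "ok")
```

An empty list means the candidate satisfies all five rules.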

 

  • Reduce your attack surface

 

Your attack surfaces are the vulnerabilities or entry points that malicious hackers can use to access sensitive data. They could be anything from IoT devices and software to web application systems and even employees, who are often susceptible to social engineering attacks.

There are three main types of attack surfaces:

  1. Physical attack surface: this includes organisational assets that a hacker can reach if they have physical access to your premises.

  2. Digital attack surface: these are assets that are accessible through the internet and live outside a firewall. Digital attack surfaces include known assets such as your corporate servers/operating system, unknown assets such as a forgotten website, and rogue assets such as apps that impersonate your company.

  3. Social engineering attack surface: this is one of the most critical yet often overlooked attack surfaces. In this case, the hackers exploit human psychology and manipulate your employees into divulging sensitive information.

 

  • Conduct regular employee training

It is vital to conduct cybersecurity awareness training. Let your employees know of the main forms of cybersecurity attacks and the best ways to prevent them.

You should also emphasise the importance of checking email addresses before replying to them and checking links before clicking on them. Finally, don't forget to highlight the organisational policy when it comes to sharing sensitive information, even on social media.

 

If you need help with your cyber security, please get in touch with us to discuss the options available to you.