Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, released its predictions for the cybersecurity trends that will shape the digital landscape for the year ahead.
In 2021, we saw the sustained acceleration of innovation and digital transformation as organizations continued to navigate the effects of the global pandemic. As a result, cyber attackers also grew in sophistication. The impact of ransomware attacks also reached an unprecedented scale, threatening thousands of organizations worldwide and holding critical infrastructure hostage.
With the pandemic-induced shift in digital behavior and adoption here to stay, looking ahead, organizations should remain vigilant of the emerging trends listed below to ensure they have the appropriate solutions in place to stay ahead of threats.
The meteoric rise of bitcoin will create a well-funded adversary
Cybercriminals are getting richer than ever
Over the past year, the APAC region has seen a prominent increase in ransomware attacks. The 2021 Unit 42 Ransomware Threat Report revealed that the average ransom paid by an organization in the first half of 2021 was US$570,000 – an 82% increase from the year before. This demonstrates how cybercriminals continue to profit and dominate the cyber threat landscape.
It’s no secret that cryptocurrency fuels the ransomware economy. Due to the rising value of cryptocurrency and anonymity in ransomware payments, cybercriminals will have more funds and resources to launch bigger attacks on critical infrastructure. Beyond monetary loss for businesses, the systems, and services that entire populations depend on could be crippled.
We can also expect cybercriminals to take data exploitation to the next level with “shameware” attacks – double extortion in ransomware campaigns – to inflict lasting reputational damage on targets who do not accede to their ransom demands. We will also see quadruple extortion tactics rising to the forefront, as threat attackers add pressure points to coerce their victims into paying up.
Safeguarding what really matters
As a first step, organizations can improve their cybersecurity posture by undertaking a Ransomware Readiness Assessment to determine their level of preparedness for an attack or run tabletop exercises to identify any security gaps.
With cyberattacks getting more sophisticated, organizations can further protect themselves with AI and other new technologies as part of their arsenals. Correlation capabilities that provide continuous validation of authorized use and accurate detection of anomalous activities will also help.
Cybersecurity is a team sport where everyone—individuals, businesses, and the authorities—needs to work together to safeguard the data and integrity of assets belonging or connecting to any organization’s network. Close collaboration between cybersecurity providers and cloud and telecommunications operators is critical to disrupting successful ransomware attacks and imposing real costs on adversaries.
As physical and digital lines blur, who or what we trust will impact our security even more
Cyberattackers now have a bigger playing field
As we enter the era of Web 3.0, we will be interacting with smart devices that have intuitive and sensory triggers such as geolocation, computer vision, and biometric or commands.
The ubiquity of IoT devices in our everyday lives has further blurred the lines between our physical and online worlds. Web 3.0 will make data breaches and other cyberattacks a lot more impactful, as these attacks are on cars, buildings, and physical lives and could lead to far-reaching consequences in the real world.
Navigating a mixed reality
The good news is that organizations are making progress in shoring up their cybersecurity defense in the Web 3.0 era. According to the IoT Security Report 2021 by Palo Alto Networks, 41% of Hong Kong respondents said their IoT devices are segmented on a separate network, and 51% adopted micro-segmentation – an industry best practice where organizations create tightly controlled security zones on their networks to isolate IoT devices and keep them separate from IT devices to avoid hackers from moving laterally on a network.
Given the hyper-connectedness of our networks today, organizations will also need an ironclad strategy that offers complete visibility of all devices connected to their networks. AI is a powerful tool that can help to accurately profile, correlate, and contextualize every digital entity. The combination of these capabilities will help organizations validate, authenticate, and apply threat prevention technologies across their entire infrastructure.
The API economy will usher in a new era of digital fraud and exploits
Greater reliance on digital services presents more opportunities for cybercriminals to carry out identity theft, fraud, and unauthorized data collection
While digital banking brings greater convenience and accessibility, it is not without potential risks. Especially with the rise of open banking and solid fintech growth in the region, poor programming done at the API level can have serious repercussions as they are the glue that holds most digital apps and software together. New services like Buy Now Pay Later are no exception.
Any security misconfigurations in APIs could be exploited as an entryway for cybercriminals to gain access to personal data, manipulate a transaction, or shut down a key service. Such data is of great value to attackers, who can not only sell the information on the dark web but can also use it to carry out spear-phishing, account takeover attacks, or business email system compromise.
Shoring up defenses against online fraud
Financial institutions can build customer trust and enhance anti-fraud measures by including customer education as part of their security strategy. Special care should be given to groups like the elderly, who may be more susceptible to fraud as new users of digital banking platforms.
On the backend, financial institutions need to integrate security into all stages of the software delivery process and ensure that they have visibility on their entire API ecosystem. This approach, also known as DevSecOps or “shift left” security, ensures that software is tested for security problems before it goes public, allowing IT teams to plan for any security issues that might appear after deployment.
Attackers will set their eyes on countries’ critical digital infrastructure
Expect bigger and bolder attacks in the coming years
Critical infrastructure, with its confidential and lucrative data, is a key target for cybercriminals. We have witnessed several high-profile attacks in the region, including attacks that have shut down New Zealand’s Stock Exchange and disrupted the operations of Taiwan’s state-owned energy company.
These attacks exposed a damaging weakness on critical infrastructure: the rate at which cybersecurity protocols are implemented is significantly slower than the rate of digitalization. Time-sensitive and highly lucrative critical infrastructure will see more attacks from cybercriminals that can easily exploit weaknesses within their digital systems.
The interconnectedness of supply chain and business applications creates further complications as cyber attackers can infiltrate critical infrastructure from the periphery. In other words, organizations that have taken the necessary precautions to secure themselves might still be exposed to threats through third-party vendors and partners.
Examining the cyberthreats embedded within our systems and supply chains
We’ve seen some of the most damaging cyberattacks amid the acceleration of digital transformation efforts in recent years, and the situation may continuebut the worst is yet to come. Moving forward, governments will continue to expect best-in-class supply chain security practices among ICT companies that supply critical infrastructures.
Better global collaboration among governments around the world on policy and regulation is needed to navigate these complex challenges, especially those targeting critical infrastructure via supply chain weaknesses.
Cyber attackers are likely to have already infiltrated numerous organizations and are lying dormant just waiting for the opportune time to strike. As such, strong threat prevention and response strategy is indispensable for all critical infrastructure, organizations should adopt a multipronged approach. Correlating endpoint threat data helps to better identify the source and spread of advanced attacks. Technologies like behavioral analytics and SOAR can alleviate the burden on time-strapped security teams.
A borderless workforce needs a borderless solution
The ‘work-from-anywhere’ genie is out of the bottle, and we can’t put it back
With our homes now evolving into our workplaces, threat actors have switched their focus from targeting corporate headquarters or branches to attacking individual homes. As more people settle into their home offices, the number of corporate-issued devices increases correspondingly, these can include video conferencing equipment, IP phones, printers, and more. All of these devices can be points of vulnerability if they are not adequately configured and secured.
Keeping safe while working from home
As remote work becomes a critical long-term strategy for most organizations, they need to extend their corporate networks and bring unified security policy management to their work-from-home employees.
This should include the deployment of new integrated solutions like secure access service edge (SASE) that combine security, networking, and digital experience management. The best of SASE solutions brings about not just security but also operational efficiency. Organizations can enjoy operational efficiency as SASE centralizes the security of remote sites and users to the cloud where it can be managed holistically.
A Zero Trust mindset will also have to become an important part of this new security paradigm where organizations will need to “trust nothing and validate everyting”. It will be essential to continuously validate every stage of a digital interaction across multiple locations to give organizations the peace of mind and assurance they need in today’s digital workforce.
We can also expect a lot more harmonization, or application rationalization, around the all-remote-access technologies that people use, such as VPNs, which can be complex to work out. Conversely, with a home environment, there will be more expectations from both organizations and employees for remote work solutions to be simple to both deploy and manage.