The Cyber Pandemic Continues

The COVID-19 pandemic drove a dramatic shift in how business was done. Instead of employees primarily working from the corporate office, a much greater percentage of the workforce is working remotely and is likely to continue to do so for the foreseeable future.

The pandemic kicked off a cyber pandemic as cyber threat actors adapted to and took advantage of changes in corporate IT operations. The rise of remote work made employees’ computers – often personal devices – a company’s first line of defense, and the surge in cloud adoption to support the remote workforce and meet digital transformation goals created new attack vectors for cyber threat actors.

Two years into the pandemic, little has changed. Many companies are still supporting a mostly or wholly remote workforce, and cloud adoption continues to grow. As cybercriminals continue to take advantage of the vulnerabilities and security gaps caused by this rapid IT transformation, companies struggle to secure their systems and protect corporate and customer data.

Supply Chain Attacks Are on the Rise

Supply chain attacks rose to prominence in late 2020, grew through 2021, and are likely to continue to be a major threat in 2022. In December 2020, the discovery of the SolarWinds hack led this trend.

The high-profile supply chain attacks of 2021 have demonstrated that they are a viable and potentially profitable attack vector for cyber threat actors. Going into 2022, cyber threat actors are likely to expand their use of supply chain attacks to amplify the reach and impact of their attacks.

Cloud Services Are A Primary Target

With the pandemic-inspired shift to remote work came a rapid adoption of cloud-based infrastructure and services. Software as a Service (SaaS) solutions closed crucial gaps – such as the need for online meetings and file sharing – and cloud-based infrastructure was more accessible and easier to manage by a remote workforce.

Since the rapid shift to remote work and the cloud in 2020, companies have had the opportunity to close many of the biggest security issues caused by a rapid transition with little or no advance planning. However, some cloud security gaps still remain, and cyber threat actors continue working to outpace security personnel and take advantage of the newly vital role that cloud computing holds in the modern business.

Many of these attacks target vulnerabilities in the cloud infrastructure itself, allowing an attacker to exploit many targets with a single vulnerability. In September 2021, the OMIGOD vulnerability was discovered. Exploitation of Microsoft’s Open Management Infrastructure (OMI) software agents embedded within Azure VMs could have enabled attacks against up to 65% of Azure customers until it was patched.

With increased cloud adoption comes increased scrutiny, both by ethical hackers and cyber threat actors. 2021’s example shows that it is likely that more cloud security issues will be discovered in 2022 and beyond.

Mobile Devices Introduce New Security Risks

Another impact of the shift to remote work was the widespread adoption of Bring-Your-Own-Device (BYOD) policies. By allowing employees to work from personal devices, companies may have improved productivity and employee retention but also lost vital security visibility and the ability to respond to infections that threaten corporate systems and solutions.

The upswing in mobile device usage has also made cyberespionage tools like Pegasus more effective and dangerous. Developed by the NSO Group, the malware uses several zero-click exploits to gain access to target devices before taking them over and collecting data from various sources (texts, phone, email, etc.). Pegasus is officially available only to governments, law enforcement, etc., but has a history of being abused to target journalists, activists, government officials, and business executives. Inspired by Pegasus’s success, Cytrox, a North Macedonian company, now offers a similar tool called Predator, and this threat is likely to spread to common cyber threat actors as well.

In 2021, cybercriminals adapted their tactics to take advantage of growing mobile adoption. Several mobile malware Trojans have emerged, including the FlyTrap, Triada, and MasterFred malware. These mobile Trojans take advantage of social media, weak app store security controls, and similar techniques to gain access and the necessary permissions on target devices.

Mobile malware and cyber threat actors have also adopted smishing tactics, sending phishing content over SMS messages rather than email. The FluBot Android botnet is notorious for this, even using a text message about a fake FluBot infection to spread itself. Smishing attacks have caught on because they require few technical skills and are relatively inexpensive, with phishing kits selling for $50-100 US.

Mobile devices have become a new front in the fight against cybercrime. For the modern business, mobile security is a key part of a corporate cybersecurity strategy.

Ransomware Attacks Are on the Rise 

Ransomware rose to prominence with the WannaCry outbreak in 2017. Since then, many ransomware groups have emerged, making it a top-of-mind and expensive threat for all businesses.

In 2021, ransomware groups demonstrated their ability and willingness to impact organizations beyond their direct targets. The Colonial Pipeline hack is the most obvious example of this, as the DarkSide ransomware group caused a weeklong shutdown of one of the main pipelines servicing the US East Coast.

Beyond these high-profile attacks, ransomware groups also heavily targeted the education and healthcare sectors. These attacks caused school closures, loss of sensitive educational and healthcare information, and the delay of elective and non-emergency medical procedures. Multiple attacks by hacktivists caused public disruption in Iran by targeting railways and gas stations.

Ransomware attacks have proven to be effective and profitable for attackers. Unless this changes, they will continue to be a leading cyber threat for organizations.

 

Hire Professionals To Protect Your Organization
Public and private organizations are especially at risk of cyberattacks. Managing the cyber security for your organization internally can become tedious and expensive, so consider hiring cybersecurity services to do it for you.
Letting an agency handle your cyber security will guarantee the most safety, and they can also help you recover quickly from a cyberattack if one does happen. Focus on the day-to-day operations of your organization and leave cyber security to the professionals to make sure you’re guarded on all fronts.

Stay Safe Online
While cyberattacks are happening more and more often, that doesn’t mean we shouldn’t use all of the advanced technology available to us. Simply take steps to protect yourself using the different types of cyber security, and when necessary, bring in the CB Tech Group experts to help.