2021 has been a rewarding year for cybercriminals. In Singapore alone, Frost & Sullivan found that two-thirds of organisations experienced at least one cybersecurity incident in the past year, with one in three also reporting a moderate to major increase in supply chain attacks.
Attacks have also become bolder, fuelling a more lucrative market and creating a bigger challenge for organisations everywhere. Just recently, one of the most concerning flaws ever found in enterprise and open-source software has been widely exploited by attackers. More than 840,000 attacks leveraging the Log4j vulnerability have been launched against companies globally.
As Singapore commits to a proactive stance against cybercriminals, business leaders cannot afford to exclude cybersecurity from board-level priorities. If we are to make headway against the growing sophistication of threats, it must be recognised as a business challenge and not just an “IT problem”.
Playing catch up with cybercriminals
Innovation is the name of the game and many organisations have activated a digital-first response to the pandemic over the past 24 months. This has allowed cybercriminals to prosper as they, too, evolved their operations, sharing resources and expertise to beef up their attack tactics and strategies. Adopting an “as-a-service” model, ransomware providers, such as BlackMatter, have been consolidating the best attributes of previous successful attacks to offer just about anyone an affordable option to deploy ransomware against a target.
Threat actors have also altered their modus operandi to leverage the impacts of COVID-19 and inflict maximum damage. Cybercriminals adopted new tactics such as double extortion, where data is exfiltrated and systems are encrypted, counting on the threat of hefty regulator fines and reputation damage as a bargaining chip for a larger ransom. Some even deploy triple extortion, which cripples an organisation’s entire network (including portions not under the criminal’s control) through distributed denial-of-service (DDoS) attacks, applying immense pressure on compromised organisations to cough up the ransom.
Detect and respond only wins half the battle
Cyberattacks have become more consequential and costly, and the threat will continue to intensify. In response, organisations are doubling down on existing cybersecurity systems with updates and upgrades which offer defences to the latest malware strains. Additionally, they can count on endpoint detection and response solutions to mitigate the damage after breaches have occurred.
However, the world is currently experiencing a ransomware attack every 11 seconds. That’s almost 8,000 in a day. A detect-and-respond approach to cybersecurity will leave organisations susceptible to the 450,000 new malware variants created every day. Traditional antivirus solutions with their signature-based approach cannot keep up with the sheer volume of malware variants that are created.
To truly strengthen their cybersecurity posture, it is important for organisations and their leaders to partner with their cybersecurity teams to balance their detect-and-respond approach with predictive and preventive security.
Tech and People: Keys to Securing and Protecting Organisations
First, artificial intelligence (AI) and machine learning can empower cybersecurity teams to stay ahead in their fight against cyberthreats. Algorithmic models can and have been trained with a mix of known-good and known-bad files, enabling them to discern the features and behaviours of malicious software. In addition to actively analysing, identifying, and preventing malware from executing attacks, these algorithms are capable of predicting how malware behaviour could evolve, intelligently defending organisations against never-before-seen variants.
Furthermore, preventive security education should continue to be a pillar in an organisation’s cybersecurity strategy. Human error accounts for most cybersecurity incidents, making people, not technology, the weakest link in cybersecurity. Thus, organisations that are serious about strengthening their cybersecurity defences must continue doubling down on cyber education programmes, strengthening security awareness, and incorporating innovative training methods like gamification. Only by building up cyber fitness amongst their employees can organisations prevent cyberattacks more effectively.
Stay ahead of cybercriminals with proactive cybersecurity
2022 will see cyberthreat mitigation continue to be a top priority for organisations – a task that cannot be left to IT departments to manage alone. Cyberattacks have clear business impact, both reputational and financial, and cybersecurity cannot be left as an afterthought. The fight against cybercriminals is won with a holistic cybersecurity defence — one that not only remedies an intrusion after it happens, but is also capable of evolving and preventing new threats. Faced with the relentless threat of cyberattacks, organisations must appreciate cybersecurity as a business problem going into the new year, and embrace a proactive cybersecurity posture to defend themselves reliably and sustainably.