The CTO at Bugcrowd, Casey Ellis, speaks about how international relations have devolved into a new type of Cold War, with espionage played out in cyberspace.
The most alarming macro-trend today is the fact that attackers don’t seem to care about getting caught anymore. Attacks by nation-states have increased in temerity, as with the Russian attack on Solar Winds, and we have seen their attack tactics shift from targeted, stealthy operations into opportunistic hacks with potential future uses, as with the Hafnium attacks.
On the international stage, we should consider China a growing cyber security threat. In terms of their economic, defense, and military posture, that has been the case for some time, but 2021 has shown that the relationship has deteriorated into a kind of Cold War, with espionage taking place in cyberspace.
Time to head back to work?
Global synchronization of the shift to work from home has been hugely impactful from a security attack surface standpoint, but we were all working toward the same goals. There is a new threat emerging as the dust settles after the pandemic: technological disruption caused by the transition to hybrid work, where the goals are more diverse and generally less well defined. Therefore, the home is now viewed as part of the attack surface, and this introduces a vast number of new variables that we have no idea how they work.
In today’s world, it is so easy to determine the address of a potential target, which makes the employee’s home yet another vulnerable attack surface.
In a similar vein, what security measures should Zoom use to protect video calls? Each organization approaches hybrid work differently, so there is no simple solution to these problems. Whenever complexity increases, attack surfaces also increase.
The number of zero-day exploits for consumer internet of things (IoT) and home routers has increased, followed by attacks. In the past, sophisticated nation-state attackers or cybercriminals rarely used the home as an attack vector. But in the coming year, we should see more of this type of activity.
How to deal with the ransomware elephant?
Despite being used by criminals for quite some time now, ransomware only became a highly effective and lucrative business model in 2021. It is normal for things that work to accelerate, receive investment, and evolve, and we should expect to see an increase in the adoption of ransomware tools by attackers, including criminal enterprises funded (or shielded) by nations.
Healthcare is particularly vulnerable to ransomware. The shutdown of hospitals and clinics’ computer networks can quickly become a matter of life and death for patients, and the growing awareness of healthcare’s critical nature makes it an attractive target for ransomware. Hopefully, this predicament will force security providers to develop a new category of security products to disrupt the economics of ransomware.
The insurance firm Lloyd’s of London withdrew its insurance for ransomware payments in France in Q2 of 2021, a promising development. Lloyd’s changed their policies so that they don’t cover ransom costs anymore, likely because their actuaries argued it was irrational to cover this risk – we’re just not very good at preventing it yet. In the years to come and beyond, that step is likely to signal big changes for the insurance, fintech, and security industries.
Priority #1: Getting our heads out of the sand when it comes to security
The disruption of indifference to the security problem that we have witnessed from executives of businesses across all industries and geographies may be the most positive trend of all.In the case of 2021, the cyber boogie-man has very clearly shown that he is active and real.
Many companies are still practising “ostrich risk management,” in which they hope that burying their heads in the sand and ignoring the problem will make it go away.
However, the continual increase in attacker activity through 2021 is eroding this as a feasible method, the cybersecurity problem is worsening, and breaches can happen to anyone at any time.
Consumers are also becoming involved, becoming more concerned about security breaches and hacking.
As a result of this increased awareness, buyers are more likely to seek products that prioritise security as a key feature and market differentiation.