Cyber SecurityBy Gurpreet Thathy | 12 Jan 2022
Cyber Security Concerns
Cyber security concerns 2022:
The cyber security landscape is rapidly evolving, and business leaders must adapt to manage these changes effectively. With 2022 upon us, Gurpreet Thathy, Valkyrie’s director of Cyber Security and Electronic Counter Measures, provides his thoughts on the critical areas of concern for the year ahead.
Throughout 2019/20, most organisations could obtain cyber insurance with relative ease and at a reasonable price, as the insurance market saw intense competition for customers. As cyber incidents have increased and insurers have experienced losses, this dynamic has changed. Insurance firms are not as willing to underwrite the risks associated with cyber security as they once were – and so we can expect premiums to increase as the cyber insurance market continues to harden throughout 2022.
Alongside higher insurance premiums, we anticipate that the increasing frequency of cyber-attacks may result in insurance firms turning to co-insurance models, where the insured and insurer agree to share claims costs. In these cases, some insurers may decide only to cover those costs required to recover from a cyber incident but may not reimburse insureds for ransom payments. Cyber preparedness and prevention will become ever more critical in 2022 as organisations are forced to take more responsibility for their security.
Supply chain attack:
Organisations are increasingly reliant on third-party managed service providers (MSPs) to service their IT requirements. Ransomware is a volume business and, for cybercriminals looking to exert maximal impact with minimal effort, breaching a third-party organisation represents an opportunity to impact the hundreds or even thousands of that victim’s clients – and their client’s clients – all at once.
Organisations that are best-prepared for a supply chain attack will be those that operate on the basis that, regrettably, the risk of breaches through third-party vulnerabilities can never be satisfactorily mitigated – and who, therefore, have robust incident response plans in place to respond when they do occur. However, just having incident response plans in place is not enough, and organisations should rehearse these plans regularly to ensure they know how to deal with any crisis when it occurs.
At least in the short term, we are unlikely to see a return to office working – companies are expecting 50% of their workforces to continue to work from home (WFH) for the next 12 months.
While this shift to hybrid working solutions has triggered most companies to change their cyber incident response plans, either in part or entirely, hybrid working remains a crucial concern for cyber decision-makers.
The Covid-19 pandemic normalised WFH and saw companies and individuals investing in home office equipment and upgraded broadband. While this has been good news for meeting platforms and delivery companies, it has also been great news for criminals, as organisations’ attack potential has extended beyond the office’s confines into many poorly-secured home networks, each supporting dozens of devices bringing their vulnerabilities.
Over 2022, we will likely start to see new technologies and security solutions that assist companies in managing remote working security issues without invading employees’ privacy at home.
Cyber security budgets/investment:
Cyber budgets have declined when the cost of cybercrime and the frequency of attacks are increasing. Approximately half of the organisations either halted or decreased their spending on cyber security during the pandemic. Following this lack of growth in cyber budgets, IT leaders are now planning to increase budgets (Cyber) for this year by approximately 8-10%. However, with inflation running high, it remains to be seen whether this slight increase will be enough to make up for ground already lost.
In addition, many businesses struggle to deploy cyber security investments in the correct places. A better understanding of how to prioritise areas for cyber investment is required and, with cyberattacks becoming more frequent and sophisticated, business leaders need to commit to strategic investment. This is the best way to reliably reduce cyber risk and minimise the financial and reputational damage caused by incidents.
The ongoing threat of ransomware attack:
According to the UK National Cyber Security Centre, there were three times as many ransomware attacks in the first quarter of 2021 as in the whole of 2019. Once again, we can largely blame this on the pandemic, and the growth in the amount of activity carried out online and in digital environments. Ransomware typically involves infecting devices (such as laptops or mobile phones) with a virus that locks files away behind unbreakable cryptography and threatens to destroy them unless a ransom is paid – usually in the form of untraceable cryptocurrency. Alternatively, the software virus may threaten to publish the data publicly, leaving the organisation or individual liable to enormous fines.
Ransomware is typically deployed through phishing attacks – where employees of an organisation are tricked into providing details or clicking a link that downloads the ransomware software (sometimes called malware) onto a computer.
One result of the higher volume of ransomware attacks and their increased impact over the past year is that the US government and law enforcement agencies have become more active in combatting international ransomware groups. In addition to several offensive cyber operations in 2021 targeting known criminal groups, lawmakers around the globe are beginning to grapple with how best to regulate the issue.
One such proposal gathering momentum in the US is a legislative ban on paying ransoms to criminals. It is hoped that this will limit revenue for ransomware gangs and reduce their capabilities and threat. It is also anticipated that more cyber insurance firms will remove coverage of ransom payments from their policies in 2022. This should halt ransomware groups from making payment demands and help the cyber insurance market reduce losses experienced in this area in recent years.
Currently, education is the most effective method of tackling this threat, with research showing that employees who are aware of the dangers of this type of attack are eight times less likely to fall, victim.
The industrial and economic espionage threat continues to grow and evolve:
Industrial and economic espionage levels have been on the rise in recent years with the advent of cheap, readily available equipment (known as ‘bugs’) that can easily be purchased online. With the Covid-19 pandemic hitting organisations and businesses, the temptation for gaining an advantage over competitors has seen the rise in corporate espionage and insider threats. The quest for illicit intelligence is a never-ending threat, whether from criminals trying to obtain information for financial gain or sophisticated, state-sponsored adversaries looking to gain political and military advantage.
Devices such as electronic bugs, listening devices, hidden cameras, mobile phone interception, Bluetooth interception, laser microphones, burst transmitters and other similar eavesdropping devices are all readily available over the Internet to anyone with a credit card. As a result, there is now a more significant threat present than ever before – especially for businesses. The risk for companies is that their sensitive information, such as proprietary product specifications or formulas, business plans, and client data, can all be exploited.
Typically, industrial spies seek any data they can exploit, whether to sell it to third parties or use it to gain a competitive advantage. The security of your building, your information, private conversations, plans and secrets can all be compromised by surveillance devices, from small, inexpensive GSM/UMTS bugs to bespoke devices created by state actors. With many companies continuing to employ a work from home policy, it has left the few employees and other staff working onsite unsupervised, often over long periods. This has created the perfect opportunity for adversaries to breach security.
We believe raising awareness about these threats is key in protecting yourself from security incidents. If in doubt, please give us a call to discuss the threats and how we can mitigate these risks and lower the risk of a security/data breach. firstname.lastname@example.org | +44 (0) 2074 999 323