The past two years have been great for business — if you’re in the cybercrime business. Economists say cybercrime now generates at least $1.5 trillion in revenues every year, roughly equal to the annual GDP of Russia. It is now more profitable than the global trade of all major illegal drugs combined.
Here are some of the factors likely to define the cybersecurity landscape in the months ahead:
Ransomware evolves. The rise of ransomware-as-a-service (RaaS) will drive more frequent attacks. Subscription-based RaaS exploits are available on the Dark Web for about $50 a month, a price point that will allow threat actors with limited skills to cash in on the ransomware economy. Meanwhile, more sophisticated players are likely to step up their attacks targeting healthcare organizations and other critical infrastructure. These are enticing targets because there is greater urgency to pay a ransom in order to minimize the impact on large swaths of the civilian population.
The log4j flaw will keep everyone busy. The recently discovered flaw in log4j, the open-source logging library for Java applications, makes hundreds of millions of devices vulnerable to attack. In early December, it was discovered that attackers can trick log4j into storing log entries that contain a string of malicious code. It can be as easy as typing a line of bad code into the public chat box of a multiplayer online video game or changing the device name of a smartphone to an exploit string. With the ability to write malicious code directly into the logging library, attackers can bypass antivirus, antimalware and other standard defenses. Researchers expect attackers to use the flaw to establish backdoors into corporate networks that can later be sold to ransomware operators.
Supply chain attacks will become more frequent. The notorious SolarWinds and Kaseya hacks are noteworthy examples of attacks in which criminals compromise a single weak link in a supply chain to spread malware to hundreds or thousands of victims. This attack scenario has become a particular favorite of cybercrime groups backed by nation-states such as Russia, China and North Korea, along with other adversarial governments. These threat actors are well funded and sophisticated, and they have access to cutting-edge technology. Nation-state-backed attacks against companies and interests in the U.S. have increased 100 percent since 2017, according to one recent academic study.
Cloud resources will be increasingly targeted. The accelerated use of cloud services and applications to support remote work has dramatically expanded the typical organization’s attack surface. At the same time, configuration errors, insecure interfaces, unpatched applications, and poor encryption and authentication practices are opening the door for a variety of exploits. Malicious actors are seizing the opportunity — 98 percent of companies surveyed recently by IDC said they experienced at least one cloud data breach within the previous 18 months, with 67 percent reporting three or more such incidents.
Cryptojacking is a worsening threat. There was a steep rise in reported cryptojacking attacks in 2021, as malicious actors infiltrated networks to install malware that covertly uses system resources to mine cryptocurrencies such as Bitcoin. The process drains system resources, consumes valuable bandwidth and increases energy consumption. Analysts warn that Bitcoin-mining malware increasingly includes additional malicious payloads designed to exfiltrate data from compromised systems.
Now’s the time to review your cybersecurity infrastructure to ensure that you have the controls in place to protect against these threats. Let the security specialists at Verteks assess your environment, identify any gaps and vulnerabilities, and help you develop a strategy for bolstering your security posture.