Economic Observer Network reporter Gao Ruoying "Why can hackers obtain more and more resources? It is precisely because of the rise of cryptocurrencies that this will have an impact on overall cybersecurity in the future. In the eyes of Ian Lim, Chief Security Officer for Asia Pacific at Palo Alto Networks, this is just the tip of the iceberg of the many cyber threats he sees.
In the upcoming 2021, the protection of data privacy, the transformation of large-scale remote work models, and the challenges of remote access by home work capabilities are all security topics that cannot be avoided. What other security threats are worth paying attention to in the coming 2022?
On December 15, Palo Alto Networks, a global cybersecurity leader, made five predictions for the cybersecurity that will affect digitalization in 2022.
Prediction 1: The rise of cryptocurrencies will encourage hackers to gain access to more resources and cybercriminals become richer.
Over the past year, there have been a variety of cyberattacks in the Asia-Pacific region, among which the one that has really attracted attention is ransomware attacks. According to the Unit 42 2021 Ransomware Report, the average ransom paid by businesses has increased by 82% compared to 2020. Cybercriminals dominate the cyber threat landscape and continue to profit from it.
"In 2020, the price of Bitcoin hovered between $3,000-5,000, but this year the highest value reached $60,000, and now it is around $40,000. It is precisely because of the huge increase in the value of these cryptocurrencies that cybercriminals have more resources to invest in their own infrastructure, talent, and can buy insiders to carry out internal attacks. Ian Lim said.
And the various levels of extortion are constantly escalating. Cybercriminals may also elevate the impact of the attack from the original "data breach" to "Shameware", causing permanent reputational damage to the target business or institution that is unwilling to pay the ransom, thus constituting a double blackmail.
In addition, the amount of ransom extortion is increasing. Ian Lim said the largest amount seen last year was $11 million, and the average ransom was around $500,000.
To prevent ransomware attacks, businesses can improve their cybersecurity posture by conducting a ransomware readiness assessment to diagnose their readiness to defend against attacks, or by identifying internal security vulnerabilities through desktop exercises. As cyberattacks become more sophisticated, organizations can deploy artificial intelligence and other innovations and adopt the correlation capabilities of continuously connected authentication authorization and detection of anomalous activity.
Cybersecurity requires group collaboration, and individuals, businesses, and government agencies work together to safeguard the integrity of any assets and data that belongs to or is connected to the corporate network. At the same time, close cooperation between cybersecurity service providers, cloud service providers and telecom operators is also crucial, and multi-faceted cooperation will help crack ransomware attacks and increase the cost of attacks by cybercriminals.
Prediction 2: When the line between the real and the virtual world becomes blurred, the people or things we believe in will have a greater impact on our cybersecurity, and cybercriminals will have more room to play.
IoT devices are ubiquitous in everyday life, further blurring the lines between the physical and digital worlds. Whether it's a smart light bulb or a self-driving car, these devices have vulnerabilities that hackers can exploit. The impact of web 3.0 data breaches and other cyberattacks in the next-generation Internet era that target cars and buildings that are closely related to people's lives will have a more lethal impact.
Given the hyper-connectivity of today's networks, enterprises must have policies in place to ensure complete visibility into all devices connected to their networks. Artificial intelligence is a powerful tool that helps businesses accurately analyze, correlate, and understand each digital entity. Combining these capabilities helps organizations validate, authenticate, and adopt threat defense technologies across their entire infrastructure.
Prediction 3: The API economy will usher in a new era of cyber fraud and security breaches, with increasing reliance on digital services, providing more opportunities for cybercriminals to engage in identity theft, fraud, and unauthorized data collection.
While digital banking offers convenience, there are potential risks. Especially with the rapid development of open banking and fintech, APIs act as the "glue" for digital programs and software, and any programming errors in it can have serious implications.
Any API security misconfiguration has the potential to be exploited by cybercriminals as a gateway to personal data, manipulate transactions, or shut down critical services. This data is valuable to attackers, who can not only sell data on the dark web, but also use it to carry out spear phishing, account hacking and business email systems.
"API technology has enabled the financial industry to expand the products and services it offers to people, and this situation is also happening in the retail industry. These programs provide better microservices while also expanding the compromised interface. Ian Lim said.
In response, financial institutions can incorporate user cybersecurity education into their security policies to build user confidence and improve anti-fraud strategies. Among them, businesses should pay special attention to older users, who as newbies may be more susceptible to fraud. In addition, financial institutions should integrate security into all phases of the software delivery process behind the system, ensuring that teams have visibility into the entire API ecosystem. The strategy, called DevSecOps or the security "Shift left" concept, ensures that the software has been tested for all possible security issues before it is publicly available, so that IT teams are prepared for any potential security incidents.
Prediction 4: Attackers are eyeing the nation's critical digital infrastructure, anticipating larger, bolder cyberattacks in the coming years.
There is a wealth of classified information in critical infrastructure, and cybercriminals often look for this lucrative data. In the past two years, there have been several high-profile cyberattacks, including the forced closure of the New Zealand Stock Exchange due to hacking attacks and cyberattacks that disrupt the operations of energy companies in Taiwan.
"One of the things that happened during the epidemic shows that these hackers basically have no conscience bottom line. The hackers attacked through third-party contractors who controlled a large number of hospitals in the United States. The attacks have put the hospital's emergency response and many lives at risk. Ian Lim said.
These attacks expose an important weakness in critical infrastructure, where they implement security protocols significantly slower than their digital transformation, and cybercriminals can easily break through weaknesses in their electronic systems. In the future, these time-sensitive and valuable critical infrastructures will usher in more cybersecurity attacks.
Because attackers can infiltrate these facilities from the outside, the interconnectivity between the supply chain and business applications deepens the complexity of the attack surface. In other words, companies that have taken the necessary defensive measures themselves may still face security threats from third-party suppliers and partners.
The Paito network predicts that there will be larger and bolder cyberattacks in the coming years. As a result, governments must work more closely together on policy and regulatory aspects to address these complex challenges, particularly attacks on supply chain weaknesses, and companies should proactively deploy security threat prevention and response strategies to analyze the relevance of endpoint threat data in a multi-pronged manner to effectively identify its source and attack vectors. In addition to this, technologies such as behavioral pattern analysis and SOAR (Security Coordination, Automation, and Response) can also reduce the burden on security teams.
Prediction 5: Employees working anywhere need cybersecurity measures that apply everywhere, and the "work anywhere" model has become an irreversible trend.
At the beginning of the pandemic, companies scrambled to deploy remote work systems at scale. With the growing popularity of distributed offices, hackers have shifted the focus of cyberattacks from targeting corporate headquarters or branches to attacking individual homes. Without adequate configuration and protection, all personal devices can become a security breach.
As working remotely has become a long-term business strategy for most businesses, businesses need to extend their corporate networks and provide unified security policy management for employees working from home. This should include deploying new integrated solutions, such as secure access service edge (SASE) that combines security, network, and digital experience management. SASE solutions not only bring security, but also improve operational efficiency by centralizing remote sites and user security into the cloud as a whole.
At the same time, Zero Trust must also become an important part of today's cybersecurity practices, and enterprises must adopt the principle of "never trust, verify all objects". Businesses must ensure that Digital Interaction is repeated at different locations and at different stages. This is critical to securing enterprise cybersecurity in the era of "telecommuting.".
In terms of Paituo Networks, it is expected that in the future, there will be more integrated solutions around remote access technology in the market to meet the needs of enterprises to simplify the deployment and management of remote work.
![The United States lost so badly in the Vietnam War, why did it insist on launching it? Mainly because of these people behind the scenes[fig]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)