6 Areas Cybersecurity Professionals Focus On In 2022


No computer network will ever be truly secure. Malicious actors and cybersecurity experts are locked in an ever-raging battle of compromise and contingency. Due to the shifting nature of this battle and the continued adoption of new technology by organizations, the focus of cybersecurity changes regularly. Here are some of the trending areas in the field in 2022.

Cloud Infrastructure Entitlement

Cloud computing and storage are immensely important in the age of big data and remote work. Companies are migrating to the cloud at a rapid pace, making use of the scalability and flexibility of remote computing and storage. Adopting the cloud, however, does come with some extra security risks. If access is not carefully managed, a single breach by an unauthorized or compromised party could devastate an organization. Cybersecurity professionals working with the cloud typically implement some kind of Cloud Infrastructure Entitlement Management (CIEM) system.

CIEM systems grant, resolve, enforce, revoke and administer access entitlements related to the cloud. They automate – to a degree – the many changes to access entitlement that each network identity goes through during its ‘identity lifecycle’. A network identity can be human, hardware or software. If we take a human being as an example, their network identity lifecycle would begin when they are onboarded and end when they leave the company. During that time, their necessary entitlements would change according to their role, rank and short-term task. A Cloud Infrastructure Entitlement Management system operates by enforcing rules that are set by controlling cybersecurity experts. Careful research is needed before these rules can be effectively set.
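The resolve, enforce and revoke steps described above can be sketched in a few lines. This is an added example, not code from the article or from any CIEM product; the role names, entitlement strings and sample identities are constructed assumptions.

```python
from dataclasses import dataclass, field
from datetime import date

# Constructed rule set: the entitlements each role needs (an assumption).
ROLE_BASELINE = {
    "engineer": {"storage:read", "compute:deploy"},
    "analyst": {"storage:read"},
    "backup-agent": {"storage:read", "storage:write"},
}

@dataclass
class Identity:
    name: str
    kind: str      # "human", "hardware" or "software"
    role: str
    active: bool   # False once the lifecycle has ended (offboarded, decommissioned)
    granted: set = field(default_factory=set)
    temporary: dict = field(default_factory=dict)  # short-term grants: entitlement -> expiry

def resolve(identity, today):
    """Return the entitlements the rules allow this identity to hold today."""
    if not identity.active:
        return set()
    allowed = set(ROLE_BASELINE.get(identity.role, set()))
    allowed |= {e for e, expiry in identity.temporary.items() if expiry >= today}
    return allowed

def enforce(identity, today):
    """Revoke anything held beyond the resolved set and return what was revoked."""
    excess = identity.granted - resolve(identity, today)
    identity.granted -= excess
    return excess

# Constructed sample identities.
TODAY = date(2022, 6, 1)
# Analyst with one expired and one still-valid short-term grant.
alice = Identity("alice", "human", "analyst", True,
                 {"storage:read", "compute:deploy", "db:admin"},
                 {"db:admin": date(2022, 5, 1), "compute:deploy": date(2022, 7, 1)})
# Engineer who has left the company but still holds entitlements.
bob = Identity("bob", "human", "engineer", False, {"storage:read", "compute:deploy"})
# Software identity holding an entitlement outside its role baseline.
agent = Identity("backup-01", "software", "backup-agent", True,
                 {"storage:read", "storage:write", "iam:manage"})

if __name__ == "__main__":
    for ident in (alice, bob, agent):
        print(ident.name, "revoked:", sorted(enforce(ident, TODAY)))
```

Running the same check on a schedule is what catches the expired task grant and the account that outlived its owner's employment.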

Encryption

Old models of encryption are becoming more and more compromised as hackers develop more advanced methods of ‘cracking’ decryption codes. Cybersecurity experts are putting a great deal of time into developing airtight encryption methods. Encryption is especially important in organizations that have migrated to the cloud. Because cloud servers are remote, hackers have been using man-in-the-middle attacks to intercept data while it is in transit. It is vital that all data sent to and from remote servers is strongly encrypted in order to prevent man-in-the-middle attacks from being effective.

IoT Security

The Internet of Things is a term used to describe a new model of interconnected objects that use machine learning to improve their performance and deliver useful data. As with all new hyper-networked solutions, the IoT comes with some novel security risks. Cybersecurity experts are turning their hand to securing the Internet of Things.

The Rise Of Ransomware

Ransomware is one of the most prominent and devastating kinds of malicious software targeted at data-reliant organizations. Ransomware is usually spread by phishing or the interception and alteration of files. Once it is present inside a network, ransomware begins encrypting all of the data that it has access to. Network users are then presented with a ‘ransom note’ – a demand for money if they want to ever see their files again. The most infamous ransomware attack so far has been the WannaCry campaign. This malware was developed by the Lazarus Group – a shady hacking gang with ties to the North Korean government. The government of North Korea is perpetually broke due to the impact of both sanctions and self-imposed Juche isolation. Holding businesses to ransom using WannaCry was alleged to have been an attempt to mine cryptocurrency to prop up the government.

Although the threat from WannaCry has dissipated somewhat, it proved just how successful a ransomware attack could be. Now everybody and their dog wants to get in on the game. Cybercrime Magazine recently published an article in which it predicted that global losses to ransomware would exceed 265 billion dollars by 2031. If this does not make countering ransomware a priority for security teams then nothing will!

Mobile

Mobile devices are now used as workplace tools more often than ever before. They are used to access work emails, provide multi-factor authentication and take part in video conferences. These mobile devices, however, may not always be as secure as hardware owned and provided by the employing organization. Cybersecurity professionals are rightly concerned about the increased vulnerability that personal devices bring into a network. Many organizations have started to ban the use of non-company mobile phones when accessing sensitive areas of a network. They often issue work-only mobile devices to employees that need them.

Mobile security vulnerability is nothing new – although it has taken on a new significance with the ubiquity of smartphones and the remote working implications of the COVID-19 pandemic. In 2008 an aide working for British Prime Minister Gordon Brown had his BlackBerry smartphone stolen after meeting a suspected espionage operative in a Chinese disco. The phone may have contained extremely sensitive information. This underlined the vulnerability of mobile devices.

Social Engineering

While many security vulnerabilities are related to technical loopholes, one of the biggest weak spots in a network’s armor will always be its users. Social engineering has become one of the most popular ways for hackers to gain access to sensitive network areas. One of the most famous kinds of social engineering is phishing. During a phishing attack, an authorized network user is sent an email or text that purports to link to useful information. When the victim follows the link and enters their credentials they are actually giving them away to hackers.

Perhaps the most famous social engineering attack in history occurred in the run-up to the 2016 US presidential election. Spear phishing emails were sent to accounts linked to the Democratic National Committee. The emails purported to link to useful election statistics. Once an account was compromised, the hackers leaked sensitive information. It is alleged that the hackers were working directly for the government of the Russian Federation.

Countering social engineering attacks is one of the main priorities for cybersecurity teams in 2022. Although entitlement governance can make it less likely that employees can compromise a system, it can never truly patch it up. Awareness training is widely considered to be the most effective protective measure.