predictions Archives - Cyber Secure Forum | Forum Events Ltd
Posts tagged: predictions

Threat Predictions for 2024: Chained AI and CaaS operations give attackers more ‘easy’ buttons 

mattd

With the growth of Cybercrime-as-a-Service (CaaS) operations and the advent of generative AI, threat actors have more “easy” buttons at their fingertips to assist with carrying out attacks than ever before. By relying on the growing capabilities in their respective toolboxes, adversaries will increase the sophistication of their activities. They’ll launch more targeted and stealthier hacks designed to evade robust security controls, as well as become more agile by making each tactic in the attack cycle more efficient.

In its 2024 threat predictions report, the FortiGuard Labs team looks at a new era of advanced cybercrime, examines how AI is changing the (attack) game, shares fresh threat trends to watch for this year and beyond, and offers advice on how organisations everywhere can enhance their collective resilience against an evolving threat landscape…

The Evolution of Old Favorites

We’ve been observing and discussing many fan-favorite attack tactics for years, and covered these topics in past reports. The “classics” aren’t going away—instead, they’re evolving and advancing as attackers gain access to new resources. For example, when it comes to advanced persistent cybercrime, we anticipate more activity among a growing number of Advanced Persistent Threat (APT) groups. In addition to the evolution of APT operations, we predict that cybercrime groups, in general, will diversify their targets and playbooks, focusing on more sophisticated and disruptive attacks, and setting their sights on denial of service and extortion.

Cybercrime “turf wars” continue, with multiple attack groups homing in on the same targets and deploying ransomware variants, often within 24 hours or less. In fact, we’ve observed such a rise in this type of activity that the FBI issued a warning to organizations about it earlier this year.

And let’s not forget about the evolution of generative AI. This weaponisation of AI is adding fuel to an already raging fire, giving attackers an easy means of enhancing many stages of their attacks. As we’ve predicted in the past, we’re seeing cybercriminals increasingly use AI to support malicious activities in new ways, ranging from thwarting the detection of social engineering to mimicking human behavior.

Fresh Threat Trends to Watch for in 2024 and Beyond

While cybercriminals will always rely on tried-and-true tactics and techniques to achieve a quick payday, today’s attackers now have a growing number of tools available to them to assist with attack execution. As cybercrime evolves, we anticipate seeing several fresh trends emerge in 2024 and beyond. Here’s a glimpse of what we expect.

Give me that big (playbook) energy: Over the past few years, ransomware attacks worldwide have skyrocketed, making every organisation, regardless of size or industry, a target. Yet, as an increasing number of cybercriminals launch ransomware attacks to attain a lucrative payday, cybercrime groups are quickly exhausting smaller, easier-to-hack targets. Looking ahead, we predict attackers will take a “go big or go home” approach, with adversaries turning their focus to critical industries—such as healthcare, finance, transportation, and utilities—that, if hacked, would have a sizeable adverse impact on society and make for a more substantial payday for the attacker. They’ll also expand their playbooks, making their activities more personal, aggressive, and destructive in nature.

It’s a new day for zero days: As organisations expand the number of platforms, applications, and technologies they rely on for daily business operations, cybercriminals have unique opportunities to uncover and exploit software vulnerabilities. We’ve observed a record number of zero-days and new Common Vulnerabilities and Exposures (CVEs) emerge in 2023, and that count is still rising. Given how valuable zero days can be for attackers, we expect to see zero-day brokers—cybercrime groups selling zero-days on the dark web to multiple buyers—emerge among the CaaS community. N-days will continue to pose significant risks for organizations as well.

Playing the inside game: Many organisations are leveling up their security controls and adopting new technologies and processes to strengthen their defenses. These enhanced controls make it more difficult for attackers to infiltrate a network externally, so cybercriminals must find new ways to reach their targets. Given this shift, we predict that attackers will continue to shift left with their tactics, reconnaissance, and weaponisation, with groups beginning to recruit from inside target organisations for initial access purposes.

Ushering in “we the people” attacks: Looking ahead, we expect to see attackers take advantage of more geopolitical happenings and event-driven opportunities, such as the 2024 U.S. elections and the Paris 2024 games. While adversaries have always targeted major events, cybercriminals now have new tools at their disposal—generative AI in particular—to support their activities.

Narrowing the TTP playing field: Attackers will inevitably continue to expand the collection of tactics, techniques, and procedures (TTPs) they use to compromise their targets. Yet defenders can gain an advantage by finding ways to disrupt those activities. While most of the day-to-day work done by cybersecurity defenders is related to blocking indicators of compromise, there’s great value in taking a closer look at the TTPs attackers regularly use, which will help narrow the playing field and find potential “choke points on the chess board.”

Making space for more 5G attacks: With access to an ever-increasing array of connected technologies, cybercriminals will inevitably find new opportunities for compromise. With more devices coming online every day, we anticipate that cybercriminals will take greater advantage of connected attacks in the future. A successful attack against 5G infrastructure could easily disrupt critical industries such as oil and gas, transportation, public safety, finance, and healthcare.

Navigating a New Era of Cybercrime

Cybercrime impacts everyone, and the ramifications of a breach are often far-reaching. However, threat actors don’t have to have the upper hand. Our security community can take many actions to better anticipate cybercriminals’ next moves and disrupt their activities: collaborating across the public and private sectors to share threat intelligence, adopting standardized measures for incident reporting, and more.

Organisations also have a vital role to play in disrupting cybercrime. This starts with creating a culture of cyber resilience—making cybersecurity everyone’s job—by implementing ongoing initiatives such as enterprise-wide cybersecurity education programs and more focused activities like tabletop exercises for executives. Finding ways to shrink the cybersecurity skills gap, such as tapping into new talent pools to fill open roles, can help enterprises navigate the combination of overworked IT and security staff as well as the growing threat landscape. And threat sharing will only become more important in the future, as this will help enable the quick mobilization of protections.

Cyber security in 2023: We polled some top experts on the trends to watch…

Stuart O'Brien
We’ve rounded up predictions from a clutch of cyber security experts, covering off everything from zero trust and the Open Security Schema Framework to the SMB threat and SecDevOps…
John Linford, The Open Group Security and Open Trusted Technology Forum (OTTF) Director
“Zero Trust has been a high-profile topic in cybersecurity for well over a decade now, but in recent years it has suddenly bloomed from being a promising future approach to being a fundamental component in enterprises’ security toolkits. According to one report, active Zero Trust implementation more than doubled in the year to August 2022, reaching more than half of businesses.
This growth has had two major consequences. First, information security for businesses has been considerably strengthened. We know that Zero Trust can reduce data breach incidents by 50%, and so its rapid widespread adoption is something to be celebrated.
The second, less encouraging consequence has been an accompanying growth of competing definitions around what it means to comply with the Zero Trust model, whether for an organisation to implement Zero Trust or for a product or service to aid in this. While the principle of Zero Trust might seem simple enough to state in theory, applying it in a production environment demands countless subtle decisions which affect the ultimate nature of the solution. This fact adds a layer of conceptual overhead to an undertaking which can already be daunting, requiring in-depth planning and cross-company collaboration in order to succeed.
This is not a new story in technology; in fact, the origins of thinking behind Zero Trust can be traced to the Jericho Forum® Commandments. Once the idea or approach has proliferated sufficiently, a period of blossoming innovation as ideas are brought to market is often followed by a period of rationalisation as new or additional standards are created to ensure holistic benefits. So it is with Zero Trust: initiatives like NIST® 800-207 and The Open Group Zero Trust Architecture Working Group will establish the clarity Zero Trust needs in order to grow from being present at the majority of businesses, to being at the heart of most business processes.” 
Allen Downs, Vice President Security and Resiliency Services, Kyndryl
“There is an easy prediction that we could make about cybersecurity this year. A few months ago, a group of major industry players announced the Open Security Schema Framework (OCSF), an initiative which aims to standardise cybersecurity information sharing around a common data standard. It’s a deeply promising move, and one that’s long overdue: the modern CISO can often be found grappling with how to transform a patchwork of hastily-implemented solutions into a cohesive security stance, and seamless data integration could be exactly what we need.
The truth is, though, that a fully-fledged standard will take longer to achieve than many enterprises have. Gaps between systems exist today and, despite economic headwinds, the drive for digital transformation is still there, creating an ongoing expansion of security needs. If we can’t wait for reinforcements to arrive to unpick this problem, we need to start now by auditing, rationalising, and streamlining what we’re buying for security and resilience and how we’re using it.
It can’t be overstated how chaotic structures across security solutions put organisations at risk. That’s why my real prediction is that, this year, we will see clearer evidence of a non-correlation between security investment and security performance. While global cybersecurity spending continues to skyrocket year-on-year, major organisations will still be caught out by mismatched systems, whereas those who achieve a holistic view of their security and resilience stance will fare far better.”
Anthony DiBello, Vice President, Strategic Development at OpenText 
“Cybersecurity challenges in 2023 will be driven by global recessions, cryptocurrency risks and fluctuations, workforce and supply chain challenges, and international conflicts destabilising economic conditions in various geographies.
These conditions will lead to an uptick in financially motivated identity theft driven both by individual desperation, and isolated economies such as Russia and North Korea. With disruption in the cryptocurrency markets, expect to see a small decline in ransomware attacks as criminals pivot to more direct financial theft and fraud, such as tax and credit card fraud schemes. For organisations, expect to see investment focused on fraud and insider threat detection as a result.
As enterprises prepare for a recession, expect to see organisations look to consolidate the number of cybersecurity vendors they interact with and push to get more from the technology they already have in deployment. On the vendor side, expect to see consolidation through M&A, particularly as sky-high valuations begin to drop to more consumable levels. As a result, there will likely be fewer cybersecurity startups entering the market in 2023 and existing vendors will focus more on practical solutions to near and present cybersecurity challenges.
Past concerns regarding fraud and insider theft, those challenges will be securing the supply chain (physical and digital), and critical infrastructure. Bolstering security in these areas will be a huge focus for security leaders within those industries in 2023. Expect to see entrenched security vendors extend existing technology to better secure and monitor manufacturing and critical infrastructure environments (IoT Security) and the software development supply chain (DevSecOps) for cyberattacks.”
Brett Beranek, General Manager, Security & Biometrics, Nuance
“Financial services organisations of all sizes have seen digital interactions and call volumes rise over the last two years. Like all brands, banks must offer great customer experiences to remain competitive. But the nature of their business means security must always be a top priority. Traditionally, adding security meant adding friction to the customer and agent experience, so financial institutions will prioritise investments in technologies that strengthen security and CX simultaneously.
 
“Traditional authentication methods – such as PINs and passwords – are archaic and no longer fit for purpose. Passwords are being sold on the dark web, exploited for fraudulent activity and have even cost unfortunate individuals vast sums of money in terms of recovery if lost or stolen.
 
“In 2023, an increasing number of banks will turn to modern technologies – such as biometrics – to robustly safeguard customers. We’re already seeing banks get immense value—including 92% reductions in fraud losses and 85% increases in customer satisfaction—from biometrics solutions that eliminate authentication effort for customers while making life very tough indeed for fraudsters. Over the next 12 months, I expect to see many more financial services organisations following in their footsteps.”
John Smith, EMEA CTO, Veracode
“Each year, software and applications are only becoming a bigger part of our lives. As this demand for better digital experiences continues to grow, it is imperative that businesses remember that the need for better security increases alongside it. To achieve success in 2023, businesses will need to set out on the right foot from the beginning and ensure their security strategy is considered from the first line of code.
If we have learnt anything from 2022, it is that no organisation is immune to cyber threats. Fortunately, however, we are seeing proactive new steps to help prevent risk, with the likes of the European Cyber Resilience Act (ECRA) and Digital Markets Act (DMA) both coming into play in the last year. This, coupled with the increased demand for better digital experiences, seems to have reenergised the investment and prioritisation of cybersecurity by businesses. Many professionals expect further laws to be introduced in the coming years and want to get ahead of anticipated mandates by investing in better security practices and emerging technologies, such as automated, machine learning-driven remediation.
While we are seeing positive steps in the right direction as we enter 2023, it would be naive to think that we can ease up and pat ourselves on the back. Security is neither a tick-box exercise nor an end goal, but rather an ever-evolving journey. Now, more than ever, we should be ensuring that security is pervasive not invasive. Then, hopefully we’ll be able to reach a place where businesses truly have an always-on understanding and active role in mitigating cyber risk before disruption can occur.”
Mark McClain, CEO and Founder at identity security firm SailPoint
“Identity spending will continue to rise, even as budgets tighten. In a tighter spending environment, CIOs and CISOs will de-prioritise various areas of IT spending, but security will remain at (or near) the top of their priority list. And within those security budgets, identity security will continue to rise in importance compared to other aspects of security. CXOs (especially CIOs and CISOs) now broadly recognise how critical it is to secure their enterprises through the lens of identity, and the consequences for failing to do so are increasingly clear. Moving forward, identity will be seen as a “business essential” rather than simply a security category.”

Nick Westall, CTO, CSI Ltd
“With progressively large sets of data and an ever-increasing growth in creative cyberattacks, IT teams are now dealing with operations and threats that go ‘beyond human scale’. Even moderately sized teams can no longer have the ‘eyes’, or visibility, they need to oversee all IT activity to keep their business secure. So, for 2023, as we move further into more complex IT worlds, the application of AI and automation for cloud and security processes will become key to threat detection and prevention, as well as cloud optimisation and cost control. And all this at a time when businesses need to do more with fewer heads and while dropping into recession.

In terms of cyber security, things will only get worse before they improve. With dynamic, personalised attacks and working beyond human scale, hackers will have significantly more power to cause damage. Then there are the unknown threats. Given the pace of technological development, it’s likely we will be hit within the next few years by forms of cyber-attacks that are hardly conceivable today.

Within this scenario, I see AIOps and SecOps (and SecDevOps) becoming critical in 2023 to help protect against attack. However, despite their best efforts, many businesses will still be attacked. So, having the right business continuity practices in place and cyber insurance will be critical to survival. Information Security Management Systems and Cyber Essentials Plus are no longer fit for purpose on their own. And with insurance companies stipulating that companies must have in place more rigorous technical controls, cyber security policies and toolsets before they will insure them, being able to meet these increasing demands will be key in 2023.

While CISOs have much to do in 2023 to add value and avoid risk (whilst not forgetting their ESG/CSR role or keeping their customers at the heart of what they do), they will not only need the commitment of the C-suite, they will also need their involvement.”

Tyler Moffitt, Senior Security Analyst, OpenText Security Solutions
“Small-Medium Sized Businesses (SMBs) will need to do more with less and cyber resiliency will be more important than ever. Cybercriminals will increase ransomware attacks on SMBs as prime targets in the wake of heightened geopolitical tensions, such as the War in Ukraine, and rising inflation in the UK and globally. This will force SMBs to do more with less, while already having smaller cybersecurity teams and budgets to defend against attacks, and it will make cyber resiliency more important than ever. Our recent SMB survey found that 46 percent of respondents felt more at risk of a ransomware attack due to heightened geopolitical tensions, and 53 percent were also concerned about their security budgets shrinking due to inflation.

“Search engines like Google and Bing try to make it as easy as possible for consumers to find the information they request, but it will become increasingly difficult to distinguish between safe and malicious search results. As search engines work to provide a more streamlined experience, they unintentionally open consumers to a greater possibility of being phished. Scammers will purchase top ranking search result ads and use them to drive people to malicious and fraudulent websites to steal their personal and financial information.”

Mark Molyneux, CTO of EMEA, Cohesity
“Companies in the UK will need to prepare for downtime and blackouts with solid disaster recovery plans for their data centres. The National Grid chief has warned about potential blackouts impacting major data centres amid the energy crisis, stating that it’s possible the UK may face blackouts in January and February in 2023.

Many companies will have solid Disaster Recovery plans for their data centres, but random or even structured blackouts over a prolonged period will have a very different requirement for operational resiliency compared to a typical outage.

Best practice involves organisations moving copies of their critical data to an alternative location to create more resiliency against potential blackouts. Alongside other operational challenges, and set in the context of reduced IT budgets, organisations will have to quickly develop procedures to keep services running and secure. This will mean leveraging automation and orchestration to make those procedures efficient and effective.”

Nine cyber security trends to watch out for in 2023

Guest Post

By Miri Marciano, Associate Director, Cybersecurity Expert at Boston Consulting Group

Here’s what organisations should be on the lookout for in an increasingly volatile environment, where attackers are constantly finding new ways to access sensitive information and take control of vital systems. The wider issue will be to make sure an organisation’s recovery system is fool-proof, ensuring it can bounce back from an attack in an instant.

As we develop new technologies such as the metaverse, organisations must be on the lookout for new tools that attackers will be using. It is critical they consider the following trends that we will see in 2023…

1. Cyber will continue to be a big business

Cyber will always be a huge business and as we’ve seen this year, as long as new technologies are being developed, there will always be more hackers. Effective cyber protection is now regarded as a significant competitive advantage and security has become a major focus at board level of public and private organizations as an area of ongoing strategic investment – this is a key learning for next year.

2. There will be an increase in attack surface expansion

The extensive use of cloud applications by remote staff, customers, suppliers, and third parties has multiplied the attack vectors and vulnerabilities across complex, interconnected tech supply chains. There has also been exponential growth in connected low security IoT devices, adding to the rapidly growing attack surface. We also continue to feel the impact of geopolitics on the cybersecurity threat landscape.

3. Geopolitics will impact the cybersecurity threat landscape

Governments are starting to attack countries or critical infrastructure and this will grow more in 2023. The attacks won’t be to gain anything of monetary value but will be more an act of terrorism, or an additional weapon in a kinetic confrontation between parties.

4. Ransomware will continue to rank highest in terms of types of threats

In terms of types of attacks, ransomware has grown as a threat this year in the shape of double extortion, including data exfiltration, ransomware as a service and massive DDoS attacks. With these increasing threats, there must be an increase in talent, and businesses are having to outsource to MSSPs as the job market is highly competitive in the cybersecurity sector.

5. An increase in supply chain attacks

Threat groups will increase their interest and capability in supply chain attacks and attacks against Managed Security Services Providers (MSSPs).

6. AI and machine learning will be made use of

Attackers will increase their use of AI and machine learning, as well as other technologies, to launch increasingly sophisticated attacks. Social engineering-based attacks will be strengthened by AI and ML. It is simpler and faster to gather data on businesses and employees using these capabilities.

AI is an effective tool for cybercriminals because of its ability to anticipate what’s happening now and what might happen in the future.

On the other hand, AI can strengthen cybersecurity: AI-powered systems such as SIEM capabilities allow security teams to detect threats faster and respond to incidents quicker. More advanced capabilities enable correlation, automation and more.

7. There will be a talent shortage

There will continue to be a highly competitive labour market for cyber talent. Organisations are increasingly investing in automation and orchestration to address cybersecurity tasks.

They will outsource to specialised services providers (MSSPs) rather than rely on on-premise deployment.

8. The government will need to act

Nations will need to ensure protection and safeguarding of critical national infrastructure and services. Governments need to look at adapting regulations, data protection policies and compliance requirements and invest in building a culture of security awareness across organisations.

9. The main focus will be on recovery

Organisations will shift towards additional investment in recovery and restoration to prepare for managing a crisis – they will need to understand that a crisis is just a matter of time.

Hold tight for 2021: A volatile global outlook will continue to fuel fraud and cyber-threats

Guest Post

By Ian Newns, Fraud Specialist at RSA Security

2020 was full of surprises. But one thing that didn’t come as a revelation was the speed and agility with which the criminal community reacted to unfolding global events. We’ve often witnessed groups behind phishing attacks, for example, capitalise on breaking news stories and consumer behavioural change to improve click-through rates. Well, news events don’t come much bigger than a global healthcare and financial crisis, and 2020 has been the year we’ve all had to embrace online working, shopping and socialising. 

UK consumers are predicted to have spent more than £141 billion on internet shopping last year, up nearly 35% from 2019. The bad news for 2021 is that cyber-criminals and fraudsters will continue to exploit our rapidly changing world to monetise their campaigns. On the other hand, following some simple best practices still offers a highly effective way for businesses to mitigate escalating online fraud risk. With that, here are five fraud and cyber-threat predictions for the coming year:

1. Loyalty points become a valuable commodity

From frequent flyer miles to retailer loyalty schemes, the pandemic and subsequent lockdowns mean there are a lot of loyalty points that weren’t used in 2020 and may have been forgotten about. That hasn’t been lost on the cybercrime community though, who have been observed by RSA’s FraudAction team discussing in online forums how to conduct loyalty scams on a range of companies – from fast food restaurants and retailers to hotel companies and gaming websites. These fraudsters will increasingly look to target the growing trove of points accruing in consumers’ online accounts this year.

Tried-and-tested methods for account takeover, including phishing or credential stuffing, will be among the tactics of choice here. That makes it even more important that every retailer or business with a loyalty scheme communicates the dangers of password reuse, and offers multi-factor authentication (MFA) options for customers. Monitoring for suspected botnet activity with behavioural tools can also help.

2. Beware the rise of malicious QR codes 

The past year has seen an explosion in the use of QR codes. They’ve become especially common in hospitality settings where businesses want to promote hygienic access to menus and useful in facilitating the government’s Track & Trace scheme. However, whenever a new form of tech starts to become popular, there’s always the danger that it will be subverted by cyber-criminals.

QR codes are no exception – they are now being used in phishing emails and via social media to take users to fake websites designed to harvest their details or covertly download malware. Tackling the problem is more about user education than anything else. Just as recipients shouldn’t click on links in unsolicited communications, they need to be educated not to scan QR codes either. Organisations can also help by aligning any QR codes they use with MFA to mitigate the risk of account takeover.

3. Fraudsters will capitalise on COVID-19 vaccine hype

COVID-19 vaccines signal the beginning of the end of a traumatic period in recent history. But the media attention focused on the vaccine roll-out at the moment will also help cybercriminals hoping to make gains at the expense of others. Europol has already warned of counterfeit versions of the Pfizer/BioNTech vaccine appearing for sale on dark web sites, and warns that these types of forgeries will increase.

Online promotions and phishing emails are a perfect way to lure individuals desperate to jump the queue and get inoculated. Unfortunately, once you pay the fraudsters up front, they not only have your money but potentially also your bank details. Governments and social media companies will need to step up their efforts at taking down any signs of fake advertising related to COVID-19 vaccines and warn citizens of the dangers of engaging with them.

4. Buyer’s revenge as consumers dabble in first-party fraud

Historically, times of recession usually lead to an increase in fraud. According to Portsmouth University, there was an increase in fraud offences after both the 1990 recession (10%) and the financial crash of 2008 (7.3%). The coming economic crisis could be much deeper than these events, especially after the government furlough scheme ends. Cash-strapped individuals may be forced to try and see what they can get away with to make ends meet. A classic example is chargeback fraud, where a customer makes a legitimate purchase and then claims the product was never delivered, thereby generating a refund from their bank.

It’s suspected by some banks that as many as 35% of cases classified as third-party fraud could in fact be first-party scams. Many banks would prefer to write off lower-value transactions than go through the painful and awkward experience of accusing customers of lying, especially as figures showed a 36% rise in complaints last year about how banks deal with fraud and scams. If they’re going to try and tackle first-party fraud, banks need cast-iron proof. This is where more sophisticated data-centric fraud solutions can help. Such tools can crunch hundreds of data points – like age, buying habits, and previous fraud claims – to determine the likelihood of fraud having taken place.

5. Brexit: good news for scammers

There’s still some uncertainty for businesses surrounding Brexit, which opens the door for fraudsters to step in. Given the huge demand for information and advice on how to adapt, this is the perfect opportunity for cybercriminals to swoop in with some well-timed phishing emails spoofing government and other trusted institutions. Some may even request the recipient confirm bank details to continue trading in the EU.

Organisations should enhance their user awareness training simulations accordingly, and ensure they have the right email security tools to spot any phishing. Aside from URL and attachment scanning and IP reputation checks, they could invest in AI-powered tools that analyse writing style and other elements to say with more certainty whether inbound messages are to be trusted or not.

There’s plenty to look forward to this year, not least hopefully an end to social distancing, self-isolation and concerns over vulnerable friends and family. But consumers and organisations alike will need to retain their digital savvy and invest in new tools to ensure the next 12 months is a success.

Where is cybersecurity in 2020 and where are we heading?

Guest Post

At the start of 2020, smart businesses were already preparing their security practices against threats including ransomware and phishing. That was before the pandemic, which has resulted in a shift in traditional working practices and a significant rise in remote working this year that has introduced the possibility of additional security risks. Paul Colwell (pictured), CTO at OGL Computer and CyberGuard Technologies reveals where we are now with cyber security and what the IT services providers’ team foresees the next 12 months bringing for UK businesses...

Where are we now with cyber security?

The last year has been full of rapidly evolving cyber threats made increasingly public via the news of high-profile breaches and allegations of election rigging as well as growing global data protection regulation.

News stories, consumer data protection awareness and corporate accountability at every level have contributed to an increased awareness of the need for excellent cyber security. Small to medium-sized businesses are more cyber aware as common attack vectors, such as email phishing, infiltrate every type of business, often costing millions.

Advances in cloud technology, AI and IoT have created a realisation that cyber protection must fully encompass the entire on-site and off-site network as well as peripheral IoT enabled devices.

Cyber Essentials is in high demand and has been accepted across the UK as a good standard for customer and supplier relationships, especially as companies recognise third-party risk can be severe. There has also been a maturity in patch management as specialists strive to fix the stress point of out-of-date software. Companies are also understanding that the rapid development of Windows 10 and other software from cutting-edge creators means new business-beneficial features launch frequently.

What will the next 12 months in cyber security bring?

Companies are transitioning from reacting to threat after threat to a more pro-active security prevention approach. Industry-wide advances such as AI-enhanced security services and a conditional rule approach are delivering better threat detection and faster response rates.

Widespread recognition that threat-intelligence sharing must be enacted for all to benefit has been achieved so that today, and moving forward, companies and specialists can learn from attacks on their peers, and from industry experts and leaders before they themselves fall victim.

2021 in cyber security will see further growth in the need for “visibility” of network activity. Software developments such as the use of AI, high-performing integrated cyber security dashboards, real-time and cloud monitoring as well as regularly scheduled internal checks by specialists will allow the effective monitoring, tracking and response to network events. Real-time monitoring means threats are identified quicker and can be purged faster thus reducing corporate risk, loss, and potential litigation from expensive data breaches.

The combination of threat intelligence sharing and the development of real-time monitoring means fast reaction – the ability for ‘zero day’ vulnerabilities to be pro-actively stopped before their impact is felt. Gone should be the days where cyber threats are able to infiltrate corporate networks for weeks and sometimes months without discovery.

The use of cloud technology and DevOps methodology as well as widespread remote working and IoT adoption have increased the awareness that cyber security practices must be implemented for every platform, device and user location. The security of cloud data will become increasingly the responsibility of the user. Two-factor authentication for VPNs and Office 365 access will be a must. And, as in 2020, the popularity of next-generation anti-virus services such as Carbon Black will grow with the need for enhanced security for off-network devices.

Where are we now with IT services?

The growth in remote working, and even distance learning, has changed cyber security requirements but also the entire basis of IT provision. Figures from the Office for National Statistics in the UK point to homeworking having become common for nearly half of UK workers by the summer of 2020. This prompted both demand and technology change for bandwidth, remote connections, VPNs and RDS farms.

The use of interactive tools such as Microsoft Teams and Zoom has mushroomed, affecting IT solution design, which has to keep up with the resource demand of such applications. Instead of hardware, software and softphones are being used for communication and audio/video calling, and instant messaging is far more prevalent.

Before 2020, IT services providers and IT departments were slowly adapting to remote working trends and greater digital transformation. In many cases mobile devices and laptops were still add-ons to a corporate network and employee perks instead of essential tools for many workers.

What will the next 12 months in IT services bring?

By 2021 digital transformation will have accelerated further. We believe that cloud-based solutions will continue to replace on-premise solutions in most instances, being more suited to remote working trends. Platforms like Microsoft Azure will no longer seem reserved for the enterprise; instead, these are tools for almost any sized company.

Microsoft 365 applications, such as SharePoint, Power BI and Flow, will see increased use. The onward migration to the cloud will give rise to greater use of cloud-based data storage and networking services, especially those that integrate with Microsoft 365 like OneDrive.

Security products that protect such services, like Datto, will prosper. Data storage technology will continue to change with SSD and NVMe (Non-Volatile Memory Express) increasing performance and interoperability for corporate systems. The demand for on-premise and physical equipment will fall, reducing capital expenditure. However, the need for services and subscriptions will increase monthly and yearly operating spend.

Social distancing means less human interaction. As this need continues and embeds into workplace culture the use of AI, machine learning, automation, virtual, augmented and mixed reality will also accelerate. IoT and smart devices will be used more frequently for real-time monitoring of processes, especially to aid distancing. Without Covid-19, AI was already set to revolutionise business intelligence and create efficiencies, especially in sales and customer service processes.

Businesses will budget in 2021 for homeworking solutions and equipment for their employees. Both companies and individuals will utilise smart home solutions to deliver multi-format fluid communications platforms, which need to be engaged frequently during the day. Smart assistants such as Google and Alexa will augment work processes as well as home lives for remote workers.

Five IT trends to watch in 2020

Stuart O'Brien

By Alberto Pan, Chief Technical Officer, Denodo 

Edge Computing will emerge as the key to device management 

Next year, devices are set to become smarter than ever before. Their use will also increase to new levels. Already, through the collection and analysis of data, these devices – whether they be voice assistants or smart thermostats – are able to learn about our preferences and adjust accordingly.

But, the volume of data they collect is expected to exceed record levels in 2020. The more devices we use, the harder it becomes to collect all data into a central repository, analyse it and then push the resulting recommendations back to the device. Next year, businesses will need to adopt technologies that execute the compute function on these devices, or on the ‘edge’ of these devices, rather than doing it centrally. This will enable devices to learn and adjust in real-time.  

The use of data fabrics will increase 

In 2020, the search for an effective integration platform to access and utilise data and deal with issues like data security and siloed information will continue. But an increasing number of organisations will look towards using a data fabric to overcome these data challenges.

By combining historical and real-time data sets across multiple data silos, a data fabric offers a single, secure and consistent data management framework. It reduces data delivery and helps to support the automation of data preparation and integration as well as enabling organisations to focus more on machine learning and artificial intelligence.  

Legacy to Cloud: hybrid, multi-location architecture will become the norm 

In 2020, as the cloud initiative progresses with more and more data migrating to the cloud, the center-of-gravity will shift. The balance will tip towards platforms where the data is spread across both cloud and on-premises data sources.  

Similarly, integration of the data will transition to a multi-location architecture. Unlike traditional data integration technologies, data virtualisation was designed from the beginning to provide data location transparency, data abstraction, and integrated security across multiple locations, which makes it a perfect fit for these scenarios. Therefore, it will take an increasingly important role in hybrid architectures next year. 

Voice technologies will infiltrate the office 

Voice assistants have established themselves as commonplace in our personal lives. But 2020 will see an increasing number of businesses turning to them to improve and personalise the customer experience.

This is because advances in AI-driven technology and natural language processing are enabling voice interactions to be translated into data. This data can be structured so that conversations can be analysed for insights.

Next year, organisations will likely begin to embrace conversational analytics to improve their chatbots and voice applications. This will ultimately result in better data-driven decisions and improved business performance. 

Selling information to third-parties using the Data-as-a-Service approach will become a growing source of revenue for big companies 

The effective use of enterprise data for strategic decision making has become a key priority for all big companies in the last few years. As a consequence, companies have created high quality datasets and a sophisticated technology architecture to manage them and expose them to consumers.  Companies have also invested heavily in automating their business processes for greater efficiency.   

In the new year, since many big companies will now own high-value, unique data and services, the next logical step is reusing this infrastructure in order to offer them to third-parties. For instance, we are already seeing telecommunications companies selling customers geolocation data for a variety of purposes. This trend will be significantly accentuated during 2020 in all major industries. 

From the investment standpoint, this will involve higher demand for the technologies involved in creating and exposing data as a service, like GraphQL, Data Virtualization and/or API management tools.
