One of the biggest threats to the cybersecurity of businesses is the ever-increasing expertise of cybercriminals. Johnty Mongan, head of cyber risk management at Gallagher, explores how organisations can pre-empt attackers' next moves.
Building an effective cybersecurity programme means first understanding where your threats are coming from.
Based on what we have seen in 2022 and our understanding of the current landscape, we have outlined some of the key cyber risks we believe organisations need to be aware of in 2023 and beyond.
Ransomware
Ransomware is the preferred method for cybercriminals to monetise attacks, and this type of cybercrime has become more impactful in recent years.
In 2022, there was a shift from large groups of attackers that dominated the landscape towards smaller Ransomware-as-a-Service (RaaS) operations.
RaaS kits can be purchased on the dark web, allowing attackers who lack the skill to write their own malware code to be up and running quickly. It is likely we will see this lucrative area of cybercrime increase further in 2023, with attacks becoming more widespread and more sophisticated.
Distributed Denial of Service (DDoS)
DDoS attacks target websites and servers by flooding them with HTTP requests and other traffic sent from a network of compromised machines (bots). The result can be degraded website performance or a complete outage, with attacks lasting for hours or even days.
As well as overwhelming a network, DDoS attacks can exploit security vulnerabilities, leaving an organisation exposed to other threats such as malware. DDoS attacks are expected to increase as the number of connected devices grows.
Business Email Compromise (BEC)
We expect attackers to renew their focus on supply chain attacks and to continue succeeding with business email compromise, using techniques such as phishing, impersonation and identity theft.
The move to remote working has been a factor in the increase of BEC attacks as we rely more on communicating digitally, in some cases without adequate network security protection.
Often, one BEC attack will open the door to further incidents due to the data and identities stolen, making it big business and an easy win for cyber-attackers.
Artificial Intelligence (AI)
As artificial intelligence evolves at pace, organisations must be aware of the potential for cybercriminals to use it to their advantage.
The rise of ChatGPT has led to concerns around attackers using the chatbot to help them in their phishing campaigns and malware code creation.
Deepfake technology can alter existing audio or audio-visual content, or create new content. Its ability to dupe users could make it another tool for increasing the effectiveness of BEC and phishing attacks, including video phishing and voice phishing (also known as vishing).
Multi-Factor Authentication (MFA) attacks
Multi-Factor Authentication has long been an effective measure against cybersecurity incidents. However, MFA itself is predicted to be used increasingly as an attack vector.
One way this is already being done is through MFA fatigue attacks: bombarding users with repeated authentication prompts, sometimes combined with fake, official-looking login pages.
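A defender's view of the MFA fatigue pattern just described: the following is an added example, not code from the original article, that scans authentication logs for a user receiving a burst of unapproved push prompts and flags any approval that arrives while the burst is still fresh. The log format, field names (`user`, `event`, `result`) and the sample lines are all constructed assumptions.

```python
# Added example, not the article's code: flag MFA push fatigue in auth logs (log format assumed).
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: alice is hammered with pushes and finally approves; bob looks normal.
SAMPLE_LOG = """\
2023-03-01T08:00:05Z user=alice event=mfa_push result=denied
2023-03-01T08:00:40Z user=alice event=mfa_push result=denied
2023-03-01T08:01:10Z user=alice event=mfa_push result=denied
2023-03-01T08:01:55Z user=alice event=mfa_push result=timeout
2023-03-01T08:02:30Z user=alice event=mfa_push result=approved
2023-03-01T08:03:00Z user=bob event=mfa_push result=approved
2023-03-01T09:15:00Z user=bob event=mfa_push result=denied
"""


def parse_line(line: str) -> dict:
    """Parse one '<timestamp> key=value ...' line; 'ts' becomes a datetime."""
    ts, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return rec


def detect_push_fatigue(log_text: str, threshold: int = 3,
                        window: timedelta = timedelta(minutes=5)) -> list:
    """'push_burst': a user reached `threshold` unapproved pushes within `window`;
    'approved_after_burst': an approval arrived while such a burst was still live."""
    recent = defaultdict(deque)   # user -> timestamps of recent unapproved pushes
    alerts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec.get("event") != "mfa_push":
            continue
        user, ts, q = rec["user"], rec["ts"], recent[rec["user"]]
        while q and ts - q[0] > window:   # age out pushes older than the window
            q.popleft()
        if rec["result"] == "approved":
            if len(q) >= threshold:       # the worn-down-user signal
                alerts.append((user, ts.isoformat(), "approved_after_burst"))
            q.clear()
        else:
            q.append(ts)
            if len(q) == threshold:       # fire once per burst, not per push
                alerts.append((user, ts.isoformat(), "push_burst"))
    return alerts
```

Running `detect_push_fatigue(SAMPLE_LOG)` on the constructed lines yields a `push_burst` alert for alice at 08:01:10 and an `approved_after_burst` alert at 08:02:30, while bob's two well-separated prompts raise nothing.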
Another is SIM-swapping, where the attacker transfers the victim's mobile phone account and phone number to a new SIM card under their own control, allowing them to impersonate the victim and send or receive messages, phone calls and MFA verification codes. SIM-swapping attacks skyrocketed in 2022 and will likely continue to be a significant security risk.
How can risk managers help protect their organisations?
While you cannot prepare for every eventuality, you can help protect your organisation against its cyber exposure by monitoring and strengthening your digital defences.
It is important to invest in areas such as endpoint detection and response (EDR), Multi-Factor Authentication, Application Programming Interface (API) security, zero trust architectures and threat intelligence.
Partnering with a cyber risk management specialist can help you understand how these methods of defence can work together to strengthen cybersecurity across your organisation.
As the cyber landscape changes daily, it is vital that you also keep your employees up to speed with cybersecurity training, because one of the biggest threats to any organisation's cybersecurity will always be human error.