By Javvad Malik, lead security awareness advocate at KnowBe4
Just when we thought the rate and intensity of cybercrime could not get any worse, threat actors have proven us wrong once again. This year has been nothing short of a spectacle when it comes to attacks. We have witnessed some of the most significant supply chain and ransomware hits to date, with the likes of Kaseya, SolarWinds and Colonial Pipeline among those on the firing line. Phishing attacks have multiplied, and ransom demands have surged. Cybercriminals are not holding back, and the bad news is that they are not expected to in the years to come.
End of the World at the Hands of Cybercriminals
Underpinning the success of cybercriminals is their persistence and unfettered creativity, both characteristics which will continue to serve them well moving forwards. Indeed, by combining botnet services such as DDoS-as-a-service with Phishing-as-a-Service (PhaaS) and Ransomware-as-a-Service (RaaS), cyber gangs are going to up the ante, as well as their capabilities, in the already brutal realm of cybercrime. In other words, these gangs are moving away from being specialists in individual tactics and are adopting a ‘jack-of-all-trades’ approach.
Every potential victim represents a pot of gold, and their objective is simply to maximise financial value extraction. For ransomware attempts, this means moving beyond just encryption. They could start with business email compromise (BEC), then password exfiltration, crypto-mining, data exfiltration, identity theft and attacks on supply chain partners, before finally detonating encryption malware. The trick will be in conducting smaller strikes that are less likely to be noticed and stopped, before moving on to higher-risk schemes until all avenues are explored.
A Target on Your Crypto Wallet
Cryptocurrency will also play a more prominent role both as a tool to facilitate illicit payments and as a target. In line with American robber Willie Sutton’s infamous quote, threat actors “rob banks because that’s where the money is”. Already today, we are seeing an escalation in the attacks against cryptocurrencies, whether against individuals and their personal wallets, or exchanges and service providers in the chain. As you can imagine then, as cryptocurrency is increasingly adopted amongst the wider public, we will likely experience a spike in the volume of these hacking attempts. In the majority of cases, the hackers will look to exploit weaknesses such as poorly designed or implemented multi-factor authentication, and human emotions via social engineering.
Enough is Enough for Cyber Insurers
As these criminal efforts grow rampant and prove rewarding for the executers, cyber insurers will almost certainly consider new product lines that do not include underwriting against breaches. Recognising the risk and its cost, insurance companies will demand that organisations fork out a much higher premium in return for a lower, more restricted pay-out in the unfortunate event of a breach. As such, businesses can no longer hide behind insurance when things go wrong. Rather, they will need to seek a means of taking control of the situation themselves, by embracing measures and tools that will help them to prevent and combat security threats.
Is this the end?
Up to this point, the forecast for the year ahead appears remarkably bleak, but it is not all doom and gloom. In fact, if anything, recent events should act as a catalyst to encourage a shift in mindset and inspire a collaborative approach between security vendors, businesses, governments and the general public. 2022 will be the year that we acknowledge that prevention is better than intervention.
Slowly but surely, organisations are implementing security awareness and training programs for their users, allowing a shift to a stronger security culture whereby employees keep security top of mind and make smarter security decisions. Governments too are stepping up with policies, guidance and law enforcement to rein in the terror wreaked by criminals behind screens. For instance, the UK recently released a blueprint for tackling cyber threats, and the US have established the CISA Cybersecurity Advisory Committee made up of leading cybersecurity experts to inform the country’s next steps in this arena. With any luck, these efforts will only strengthen and progress in the near future.
It is clear that, as a collective, we are not prepared to stand idly by either, and one of the tools from the ‘unofficial toolbox’ that we will see is ‘hacking back’. This is especially true when it comes to raiding crypto accounts used to collect funds from cybercrime victims. Victims will no longer watch their crypto wallets run dry but will actively go back after the funds they’ve lost. In the case of nation-states or large, well-equipped enterprises, we may even see them go after the cyber criminals themselves, using social engineering or technical vulnerabilities to take their revenge. And so the saga goes…
How it all plays out is not yet written in stone, but if we’re rooting for the good guys to win, we need to work together and make cybersecurity a top priority on our agenda.