2022 paints an increasingly complex picture in the world of digital security, with sophisticated scams and gangs highly specialized in exploiting security breaches. While the expectation for next year is for an evolution of already known techniques, the main tip given by security specialists is for companies to be on the alert, instead of dealing consistently only in response to incidents.
This was the main idea presented by a panel of experts at Check Point, a company focused on cybersecurity. The idea is for protection sectors to work towards anticipation, understanding network vulnerabilities and acting where necessary, rather than continuing to focus on incident detection systems. It is, basically, to stop chasing the loss and to act proactively.
“You can’t protect what you don’t see. The lack of visibility and control is the main problem in the current market and also something that organizations only realize too late, when they are already being attacked”, points out Claudio Bannwart, Country Manager at Check Point in Brazil. He points out something that has been repeated by experts around the world: when an attack detonates, the reality is that it has been going on for some time and simply went undetected.
Want to catch up on the best tech news of the day? Access and subscribe to our new youtube channel, Canaltech News. Every day a summary of the main news from the tech world for you!
Proof of this is the growing solidification of ransomware as the great enemy of today’s corporate market. Data from the cybersecurity company point to a global increase of 40% in rates of this type of incident, with one in 61 organizations being impacted. The retail, health and leisure sectors are the hardest hit.
It is not, of course, an exclusionary account. As threats have advanced, incident detection and mitigation technologies have also evolved, allowing the focus to be shifted to a more proactive position. “A quick response is important, but data analysis needs to be more assertive to prevent attacks from happening,” adds Bannwart.
The notion that needs to exist, in the experts’ view, is that an incident of this type is a situation just waiting to happen, and no longer a possibility. Investment in preparation, then, emerges as an essential path in this type of approach. “If an attack is not taking place, it is probably in preparation or being initiated around the network. Criminals are always acting”, adds Thiago Mourão, evangelist and security engineer at Check Point.
Supply chain attacks and sensitive data breaches are placed at the top of the list of preferred incidents for criminals. Cryptocurrencies gain prominence to attackers as a means of payment, while small vulnerabilities or openings in connected services increase the attack surface. The main focus is on mobile devices, as well as hybrid and remote work regimes.
The warning signs for 2022 are completed by the approaching elections, which should bring back, and with force, the fake news and disinformation campaigns. In addition, Check Point highlights counterfeiting technologies, such as deep fakes, as weapons for more sophisticated and focused cyber attacks, generating the need for an increase in internal validations and verification mechanisms.
Yet, outside of digital hijacking, malware deployment should also follow a trend, with families like Emoter and Trickbot following at the top of the list. Here, Bannwart points out a tendency to pay attention: the human resources department remains the main vector of attacks on organizations, with resumes and proposals being used by criminals as an input method, precisely because of the high use of attached files and documents that are part of the routine of these professionals.
Brazil in focus
The global growth in ransomware attacks, of course, also follows a criminal trend in Brazil. Around here, the total volume may be smaller, but the growth in the number of sophisticated attacks in 2021 is 62% compared to last year; that’s 967 incidents against local businesses detected per week, and here again, we’re just talking about ransomware.
Health, insurance, retail, telecom and food make up the ranking of the five segments most targeted by criminals, while the government sphere emerges as a great candidate to assume some position at the top in 2022. It is, again, a global trend, with the bandits becoming increasingly turning to critical systems and critical infrastructure as a way to maximize damage from attacks and ensure faster, faster pay for systems release.
Then, the main danger point for national companies arises: the lack of segmentation. According to Check Point, statistics like these demonstrate a seamless connection between all departments on a network, so malware deployed from within the HR department, for example, can reach even the company’s industrial sectors. The look here is mainly on the health and infrastructure sectors, with a large number of professionals and appeal to cybercriminals.
Experts point out that the lack of news about cases of this type is not a sign that we are safe; at best, it carries with it the idea that the national protection framework seems to resist. “There hasn’t been a high-profile case yet, but specific problems are happening,” says Bannwart, adding that this alone was enough to spark a red alert in many organizations. The dangers are great, but at least we can count on good signs when it comes to protection.