Cybercrimes have been constantly evolving and extending across national boundaries in the 21st century. Their complexity, along with the ability of threat actors to constantly change and adapt, has now become an important security concern for businesses of all sizes (irrespective of their verticals). We all have witnessed how cybercriminals have continued to drag down organizations across the globe over the years with highly sophisticated methods and techniques, which keep progressing with the surge in remote working culture, automation, dependence on technology, and connectivity.
By Argha Bose, Head of Cybersecurity and Risk Business, Tata Advanced Systems Ltd.
We heard about the attack on the U.S. Colonial Pipeline, which transports refined gasoline and jet fuel from Texas to New York. In addition, the Florida water supply security incident (earlier this year) highlighted the risk to water treatment plants when threat actors increased the level of sodium hydroxide to an extremely dangerous level. And most recently, the world observed how hackers penetrated the defenses of the popular U.S. IT company Kaseya and deployed ransomware.
These incidents demonstrated the vulnerability of IT and OT infrastructures to cyberthreats, as well as the level of complexity and sophistication that cybercriminals have achieved over the years. They are now turning to advanced technologies like Artificial Intelligence (AI) to scale up their TTPs and circumvent detection.
I think we have seen a further surge in cyberattacks since the COVID-19 outbreak, as enterprises worldwide were forced to transmute and adjust so quickly that security didn’t get ample time to reach close to the borderline.
Cybercrime skyrocketed during the pandemic, and fraudsters have leveraged the hype and fear connected with COVID-19 to cause more damage, monetize and gain profits. Along with putting immense pressure on health systems, the pandemic has also challenged cybersecurity as more people have started working from home. I believe cybercrime has increased at both individual and organizational levels during this time.
Evolving Picture of Cybercrime – Targeting the Root of Organizations
We have seen threat actors leveraging human vulnerability and making the most of people's fears around health and safety. A recent study by Cybersecurity Ventures found that nearly 4000 malicious COVID-related sites emerged within a few months of the first lockdown in 2020. Even if we set the pandemic aside, the last few years have seen many severe data security breaches at high-profile enterprises worldwide.
Cybercriminals target vulnerabilities and gaps in security, whether at the human level or the system level. They keep looking for new ways to trick the first line of defense, compromise networks, and exploit vulnerabilities. Social engineering and phishing are the methods most commonly used with success. Recent industry reports have shown that around 35% of internet users in India were impacted by web-based threats in 2020, which were social engineering attacks masquerading as COVID-19 related threats. Businesses often struggle to counter such attacks, as threat actors take advantage of the trends and fears in the digital ecosystem to trick users and grab their credentials to get access to critical information.
I think that ransomware is another name that can’t be kept aside while talking about the most dominant cyberthreats, which have evolved. Initially, we saw threat actors encrypting both user and company data and asking for ransom in exchange for the decryption key. But now, cybercriminals have adopted a double-extortion model wherein, along with encrypting the data, they steal it and publish it on the dark marketplaces to threaten victims. At the moment, Ransomware-as-a-Service (RaaS) is termed the “next-great cyberthreat.” It has enabled even the least technically sound cybercriminals to launch attacks and target victims. Ransomware is now being offered as a service on the dark web marketplaces by different operators.
Additionally, the cloud has expanded the attack surface for businesses across the globe as more enterprises move to it, and cybercriminals have therefore shifted their focus in this direction. The assumption that data stored in cloud applications is highly secure is gradually fading. Security experts have observed a very heavy volume of attacks (utilizing the IMAP protocol) on popular SaaS applications such as G Suite and Office 365...
This story first appeared in the August 2021 issue of CISO MAG.
About the Author
After being associated with leading technology and security organizations for 26 years, Argha Bose is presently working with Tata Advanced Systems Ltd. as the Head – Cyber Security and Risk Business. Previously, he worked with CA Technologies as Sr. Director, managing the Global Services Delivery business. Prior to that, he successfully established the IAM practice at HCL Technologies.
He has been an effective professional associated with several successful high-growth organizations. He is a Certified Blockchain Expert and has acquired a Master's degree in Cyber Law and Cybersecurity, as well as other certificates like CISM and CISSP, to name a few.
With well-rounded experience in managing business-level P&L, CXO-level client relationships, and government and enterprise clients, he is excellent at creating strategic alliances with leading OEMs. His primary focus is on cybersecurity, including Identity and Access Management and Consulting.
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.