2022 Top cyber threats & challenges

29 November, 2022

In 2022, cyber hacks affecting multiple organisations were reported in the media: high volumes of sensitive Australian business, staff and citizens’ personal information were compromised. Optus, Singtel, Telstra, Dialog, Uber, Vino Mofo, Mydeal, Canva, MediBank, Toyota and Costa Group are all examples of cybercrime victims in 2022. Cybercriminals are getting more sophisticated, affecting business supply chains and ransom demands continue to skyrocket.

This year’s Information Systems Audit and Control Association (ISACA) global Cybersecurity Survey indicates that 43 percent of organisations are experiencing more cyber-attacks, an eight percentage-point increase from last year. Thycotic reported in the 2021 State of Ransomware Survey and Report that 64% of organisations were victims of ransomware in the last 12 months. According to Enterprise IT World, the first nine months of 2021 saw 40% more cyber-attacks than the same period of2020. Equally important is that increasingly, these attacks originate from bad actors using publicly available tools, making hackers much more difficult to identify and be stopped. 

ISACA’s report lists the top three threat actors to blame for exploited organisations: cyber criminals, hackers and malicious insiders. Interestingly, the most common attack types reflect historical trends: social engineering, advanced persistent threats, security misconfigurations and ransomware.

The Australian government, since 2018, requires the mandatory disclosure and reporting of data breaches and can impose large penalties. Although it is clear that no industry is safe, many businesses still don’t believe their information is at risk. In contrast, many hackers believe their own information is at risk, claiming tactics such as phishing/SPAM are still very effective.

Continual security improvement cycle

Appropriately aligned policies, processes, an update and maintenance program, which are subject to regular review/update and evolve with your business is considered essential to maintain a security resilient IT environment. See the business model for information security from ISACA below.

Cyber skills gap

Cyber-attacks are growing, but the talent pool of defenders is not keeping pace. This continues to be an ongoing struggle. Across the globe, multinational enterprises and small businesses encountered adversities with the onset of the COVID-19 pandemic: staffing in cybersecurity was no exception. Staff retention and attracting new talent can be achieved by being an employer of choice:
-         Look after your staff
-         Be mindful of burnout
-         Know your workforce’s skills gaps and keep skills up to date

This is summarised in the table below from the 2022 cyber security skills gap publication published by My Security Marketplace.

How hackers find you

        Social media and profiling
        Twitter and Instagram and other image location tracking
-         Active internet attack
        Hacker search engines
        Data Breach information sold on the DarkNet, Deep Web or TOR
        Data leaks form systems, staff or vendors

Global threats

As the global cyber threats change over time, security intelligence, training and protections also need to evolve. To ensure ongoing business resilience against modern day attacks, you must continually invest in understanding your threats and the available protections against them. See the diagram below from Hackmageddon.

The four golden rules of cyber security

-        Get the basics right  
                   Over 75 percent of attacks exploit the lack of basic controls such as the Essential 8
-       Look after your crown jewels.
                   Prioritise where you spend your money to defendyourself. Build a fortress around your most critical assets or services.
-       Do your homework on your enemies
                   Invest in understanding who might attack you, why and how, so that you can anticipate the most likely scenarios and defend those assets that are most likely to get attacked.
-       Treat cyber risk as an opportunity to look closely at your business
                  Security and resilience can affect nearly every part of an organisation. Strategies to protect IT security and business resiliency should align with an organisation’s broader goals, from protecting intellectual property to maximising productivity to finding new ways to delight customers.

How to improve your cyber security

-        Incorporate cyber risks into existing risk management and governance processes
-        Implement industry standards and best practices, don’t rely on compliance
-        Evaluate and manage your organisation’s specific cyber risks
-       Provide governance oversight and review against business needs
-        Develop and test incident response plans and procedures
-        Establish a security culture and activity program
       Coordinate cyber incident response planning across the enterprise and suppliers
-        Maintain situational awareness of cyber threats

If you do nothing else

-        Patch or upgrade all operating systems, applications and Infrastructure, including mobile and other devices
-        Ensure an integrated security endpoint protection solution is used on all systems and mobile devices. A virus/malware protection alone is not good enough
-        Security-harden workstations and servers to vendor and industry baselines
       Know where your sensitive data is stored/transmitted, and ensure it is encrypted
       Implement two factor authentication on all systems and network with access to sensitive data. Also consider system-to-system service account security restrictions
-        Ensure your suppliers and vendors maintain their security to your standards as a minimum
-        Don’t reuse passwords, don’t share your passwords or sensitive information
-        Ensure your wireless is using WPAv2 or better encryption security
-        Periodically engage a security professional to conduct a security review

CyberOps’ services

We can help you with completing the following services:
       IT maturity assessment
       Technical vulnerability assessment
       Security architecture assessment
-        Security policy review and provision
       Security Program of Work and Schedule
-        Technology implementation, advice and project management

Contact us to find out more.

Resources and references

AU Notifiable Data Breach requirements: https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme

Online safety advice and incident reporting