This article is part of Panther’s new Future of Cyber Attacks Series which features interviews with cyber security experts, thought leaders, and practitioners with a goal of better understanding what organizations can do to prepare themselves for the future of cyber attacks.
The following is an interview we recently had with Ashu Savani, Co-Founder, TryHackMe.
Over the past year, we have seen a vast increase in attackers finding and weaponizing 0 day/N day attacks. In fact, 2021 broke the record for the most zero-day hacking attacks. More tools are available to hackers, alongside more targets.
The boom in home-working and the need for technology over the past twelve months has absolutely contributed to this cyber attack evolution. Attackers are more advanced than ever before, and have an even larger pool of targets available to them. With this, there is a significant skills-workforce gap in the cyber security industry; estimated to be 100,000 unfilled jobs by 2022. Essentially, attacks are occurring more rapidly and there is a vast lack of skilled professionals needed to combat this.
We have also seen a huge surge in ransomware attacks in 2021. There is a strong focus on compromising third party organizations/services that are used by companies for initial access. Compromising the supply chain for organizations has been a popular technique for attackers.
In recent news, Twitch – a live video streaming service – had a huge leak. Source code and creator payouts were made available to the public by an anonymous poster. The poster has said the data includes the entirety of Twitch and its commit history. This hack is damaging in so many more ways to the company than just financially.
The lesson here is even the biggest companies can make small mistakes that have exponentially damaging consequences. They got pwn’d as they had credentials stored in their codebase configuration – which could unfortunately easily have been avoided. If they had the correct teams and processes in place. For instance, this is something ethical hackers are put in place to pick up on, in order to avoid mistakes like this. Hacking just takes one person. Whilst not confirmed at this point, all the Twitch hack needed was for one attacker to compromise one laptop from a Twitch worker with the codebase on. From here they managed to expose the entire Twitch database.
Companies need to invest in teams and training of their people in order to avoid catastrophic situations like this.
Cyber attacks are becoming increasingly complex. With so much information and potential returns for hackers on the line, they will find and exploit any weaknesses found in companies. We have seen a rapid incline in cyber attacks on people and businesses of all sizes over the past years. With technology so prominent in our lives, we can expect this to continue growing and advancing. Companies need to start seriously investing and adding focus to their cyber security to avoid the line of fire.
Something we see as a regular topic of conversation is the rise of AI, and in turn, automated attacks. Whilst there are some wonderful tools available for cyber security, teams who think like hackers, who see where processes are automated and vulnerabilities lie, are vital to overcome this.
We recommend companies invest time and money in cyber security – the cost of not doing so will far outweigh the benefits. Time spent on monitoring the industry, evolving hacks, trends, and best practice is a great way to stay ahead of the curve. Hiring a team of experts who work to keep your site as safe as possible will pay for itself in the long run.
With this, regular training is key to keeping cyber security teams. Hacks and cyber security threats are an ever-evolving field, so it’s not possible to simply know all there is to know about the space. Where new tools, hacks, and processes present different paths for defense, regular training is important. Platforms like TryHackMe specialise in actionable cyber security learning paths – such as an offensive pentesting path and cyber defense path – which evolve with changes to the industry.
There are also some consistent cyber security best practices to be aware of. Businesses should ensure their environments are hardened and well monitored. They also need strong visibility in order to detect attacks and make attacking more difficult to undertake. Patch management practices help to ensure systems are regularly up to date, and reliable backup systems are crucial to restore access in the event of incidents.