This article is part of Panther’s new Future of Cyber Attacks Series which features interviews with cyber security experts, thought leaders, and practitioners with a goal of better understanding what organizations can do to prepare themselves for the future of cyber attacks.
The following is an interview we recently had with Jonathan Roy, the Director of Security and Compliance at designDATA.
How have cyberattacks evolved over the past 12 months?
First, as a general overview, both the frequency and success of cyberattacks have increased and will continue to do so as a consequence of their past profitability. Second, ransomware is experiencing an evolution to include a data breach component. In the past, hackers simply encrypted data and asked for a ransom, but victims could avoid paying the ransom if their IT team made the proper investments in backup and restore capabilities. With this next generation of ransomware, they are adding a data breach extortion element, doubling the ransom demand to “buy silence” and stop the leaking of sensitive info. Finally, there has been a genesis and burgeoning of supply chain attacks, where cybercriminals target software manufacturers to infect their larger, more prestigious companies at a more vulnerable level.
What lessons can be learned from the biggest cyberattacks in recent history?
Recent cyberattacks like those on Solar Winds in late December 2020 and Kaseya in July 2021 have highlighted the need for an increased level of vendor scrutiny. The usual vendor selection criteria of cost and quality of service must expand to include an evaluation of that vendor’s internal cybersecurity practices. While this can be difficult to assess, you can evaluate the quality of a company’s cybersecurity by asking for copies of certifications, audits, and regulations that a vendor adheres to or by submitting a custom cybersecurity questionnaire. Moreover, it is imperative to make the correct decisions regarding your organization’s internal processes and technologies to detect and prevent data breaches. For instance, using a Security Information Event Management system (SIEM) can detect data breaches in real-time or identify the precursors to attacks.
What will cyberattacks look like in the future?
The future of cyberattacks is notoriously hard to predict because of cybercriminals’ dedication to continually evading detection. However, because they have permeated nearly every aspect of large businesses at this point, cybercriminals will likely become increasingly efficient at distributing ransomware, casting a broader net to add small businesses and even individuals to their attack repertoire. With increased automation, cybercriminals can automatically distribute “small-dollar” attacks to personal and mobile devices while remaining profitable.
What are three pieces of advice for organizations looking to get ahead of the cyberattacks of the future?
First, conduct an annual cybersecurity risk assessment, either with in-house talent or the use of a third-party service. This will call attention to the most common forms of cybercrime that could affect your organization annually and identify the associated level of risk. At this point, decide if your business can accept the current level of risk or if you want to invest in additional resources to mitigate it. Second, it is imperative to invest in anti-ransomware software which specifically thwarts ransomware attacks. These are relatively inexpensive and result in a substantial financial gain for your organization. Lastly, always do your due diligence to evaluate the cybersecurity preparedness of third-party vendors and partners before contracting their services. Keep in mind: the lowest bidder may be cutting cybersecurity corners to reduce overhead costs.