Ransomware and Nation-State Attacks Now the Biggest Threats, Say Cybersecurity Pros
Ransomware is the biggest concern for cybersecurity professionals, according to results of the Infosecurity Group’s 2022 State of Cybersecurity Report, produced by Infosecurity Europe and Infosecurity Magazine.
Cybersecurity Professionals’ Number One Concern: Ransomware
This attack vector was voted as the biggest cybersecurity trend (28%) by the survey respondents (including CISOs, CTOs, CIOs and academics), marking a significant change from the previous report in 2020, where ransomware did not break the top three. This follows surging ransomware incidents in 2021, with ransom demands and payments growing significantly last year. A number of these attacks have also impacted critical industries, for example, taking down the US’ largest fuel pipeline.
Victoria Baines, visiting research fellow at Bournemouth University, noted: “It started to have an impact on critical infrastructure, on states, on operational technology, and on large manufacturers. We went from a consumer citizen ransom of a couple of thousand dollars to millions for some of those higher-value targets.”
The survey respondents also highlighted the evolving tactics and capabilities of ransomware attackers. This includes threat actors becoming more sophisticated as they evolve into loosely coupled service-based operations, according to Guido Grillenmeier, chief technologist at Semperis.
A number of cybersecurity professionals believe that cyber-criminal groups will become more guarded in their approach due to new initiatives by governments and law enforcement to tackle these activities. David Edwards, founder of Zeroday360, outlined: “The risks ransomware groups are taking are higher, so they’re going to try and operate with a lower profile somewhere else.”
Cybersecurity Professionals’ Number Two Concern: Nation-State Attacks
The second biggest concern for survey respondents was geopolitics/nation-state attacks (24%), particularly the shifting hostilities from the Russia-Ukraine conflict into cyberspace. Russia already had a reputation for conducting offensive cyber operations prior to the conflict, and the Ukrainian government and critical services have experienced numerous attacks both before and since the war began.
The risk of Russian cyber-attacks affecting the West following the imposition of sanctions and military and financial support for Ukraine was cited by a number of respondents. This includes those conducted by cyber-criminal groups based in Russia, such as Conti, which have links to the Kremlin. “I see an escalation in state-sponsored or acts in connection with state-sponsored activity,” said Ian Hill, director of cybersecurity at BGL Insurance.
Growing geopolitical unrest makes the development of a global legal framework on cybercrime and cyber warfare more important than ever, according to Praveen Singh, head of global IT risk and cyber security, ICBC Standard Bank Plc. “We are going to get to a point globally where we have UN-level state laws on cybersecurity, warfare and rules, and they must be written down and agreed by the key nations around the world.”
Cybersecurity Professionals’ Number Three Concern: Supply Chain Attacks
Another issue that surged in importance during this year’s report was supply chain attacks, ranking as the third most significant threat (22%). The cybersecurity risks posed by increasingly digitized and complex supply chains were demonstrated by the SolarWinds attack in December 2020. This was followed by several other high-profile supply chain incidents in 2021, such as the Kaseya attack.
Tiago Carvalho, technical security consultant at Not So Secure, explained: “Supply chains have become more complex. This makes it difficult for companies to manage their risks.”
The respondents expect supply chain attacks to become a growing problem. This will be exacerbated by trends like employees continuing to procure their own software and online services, thereby widening the attack surface, and the growth of open-source software, with many of these libraries, utilities and applications having little security testing.
The report identified a total of 44 trends. Other notable issues highlighted by the respondents were:
- Cloud/multi-cloud security (21%)
- Remote work and return (18%)
- Deperimeterization and zero trust (15%),
- The human factor (15%)
- AI/ML (10%).
Commenting on the findings, Nicole Mills, exhibition director at Infosecurity Group, said: “The threat landscape is continually evolving, but this year’s report highlights just how quickly these changes are taking place. The industry is facing unprecedented challenges in trying to keep pace and stay one step ahead of the threats, and while most of these are familiar, the tactics and motivation behind them are diverse. We are facing a new era of cyber threats, being further propelled by increased digitalization and geopolitical events. These attacks are no longer just headlines that people can read and forget about, their effect on all of us will continue to grow.”
The 2022 State of Cybersecurity Report was based on 67 interviews conducted with top information security professionals in March 2022. The opinions of numerous cybersecurity experts were collected via online written responses and online one-to-one video interviews. To download a copy of the report, please click here.