Uncategorized

Think Before You Click - Cyber Crooks will not spare any chance !!!!

by VARINDIA 2021-10-29

Cyber Security Awareness Month is an internationally recognized campaign held every October to help the public learn more about the importance of cyber security. It is recognised as the National Cyber Security Awareness Month (NCSAM) globally. It is the time for everyone to be reminded about the role they play in ensuring cybersecurity, both locally and across the world.

Hackers and cyber attackers no longer target only companies and corporations, but individuals too. Cyber Security is now a part of every individual’s life. The more connected we get, safeguarding our digital identities becomes a shared responsibility. The more we share, the more we must care. Hence it is necessary to build your security on a solution you can trust.

During the pandemic where Work from Home was shifting workloads to the cloud and employees to work-from-home models has only expanded the attack surface, creating new opportunities for attackers to leverage. Cyber Security has become more important than ever in today’s Digital Life. Companies need Zero Trust solutions that not only defend against threat actors gaining access to enterprise systems, but also mitigate the impact of infections that slip through the cracks.

Social engineering is a general term used to describe how bad actors manipulate individuals into giving them access to personal information. Phishing is the most common form of social engineering for stealing an individual’s personal information like IDs or passwords, or for installing malware which can be used for various purposes including ransomware attacks.

Globally, after a slight decrease in the weeks before March 2020, but from March 2020, there was a significant increase in the average weekly number of attacks on each organization over the months including 2021. In September 2021, the average weekly number of attacks on each organization globally reached its peak with over 870 attacks. This is more than double the number of attacks in March 2020, as per Checkpoint survey.

While Africa is the most targeted region for cyberattacks, Europe and North America faced the biggest increases in cyberattacks between 2020 and 2021. Organizations in Africa experienced the highest volume of attacks so far in 2021, with an average of 1,615 weekly attacks per organization. This is a 15% increase from last year. This is followed by APAC with an average of 1,299 weekly attacks per organization (20% increase), followed by Latin America with an average of 1,117 attacks weekly (37% increase), Europe with 665 (65% increase) and North America with 497 (57% increase).

A finding from Fortinet says, Ransomware grew over 1000% between July 2020 and June 2021. This new data from Fortinet’s 2021 Ransomware Survey Report shows just how egregious ransomware attacks are today, and how organizations aren’t making the connection between the cyberattack and their own users.

1 out of every 61 organizations worldwide is impacted by ransomware every week. Education/Research is the #1 most targeted industry globally, marking a 60% increase in cyberattacks from 2020. In India, there is 18% increase in weekly cyberattacks in 2021, compared to 2020 (1741 cyberattacks a week on average)

Secondly, Trend Micro report states that, it has blocked 40.9 billion email threats, malicious files, and malicious URLs for its customers worldwide in the first half of 2021, a 47% year-on-year increase. In this period, the company detected and blocked a total number of 1,11,028 email spam, malicious URLs and malware, in India.

In India, the total ransomware threats for 1H 2021 stands at 12.98%, the second highest in Asia after China. The banking industry was disproportionately affected, experiencing a 1,318% year-on-year increase in ransomware attacks in the first half of 2021, globally.

Another report from Mcafee states that enterprises will face challenges in 2022. Bad actors have taken note of successful tactics from 2021, including those making headlines tied to ransomware, nation states, social media, and the shifting reliance on a remote workforce. Over this past year, the cybercriminals got smarter and quicker at retooling their tactics to follow new bad actor schemes – from ransomware to nation states.

Going forward, a power shift among ransomware threat actors: Self-reliant cybercrime groups will increase and shift the balance of power within the Ransomware-as-a-Service (RaaS) eco-kingdom from those who control the ransomware to those who control the victim’s networks. Ransomware has generated billions of dollars in recent years and it’s only a matter of time before some individuals who believe they aren’t getting their fair share become unhappy.

Secondly, 5G and IoT traffic between API services and apps will make them increasingly lucrative targets, causing unwanted exposure of information. The connected nature of APIs potentially also introduces additional risks to businesses as they become an entry vector for wider supply chain attacks. In most cases, attacks targeting APIs go undetected as they are generally considered as trusted paths and lack the same level of governance and security controls. Hence, there is a need to keep a Close Eye on API.

Thirdly, hijackers will target your application containers, like expanded exploitation of containers and vulnerable applications will lead to endpoint resource hijacking such as through crypto-mining malware, spinning up other resources, data theft, attacker persistence, and container-escape to host systems.

With the evolving threat landscape and continued impact of the global pandemic, it is crucial that enterprises stay aware of the cybersecurity trends so that they can be proactive and actionable in protecting their information.