Jeff Bauza is an entrepreneur and business professional who consults on cybersecurity. In the following article, Jeff Bauza discusses the most common cybersecurity threats facing businesses and individuals alike, in the hope of educating readers on who is at risk and what to look out for, raising awareness of the variety of scams and attacks, and showing how you may be an unknowing victim of these security threats.
Cybersecurity threats are nothing new. But this year has presented particularly severe challenges for businesses and nations around the world.
From sophisticated phishing tactics to new-fangled crypto-jacking to nation-state attacks, this year’s hackers are upping the ante more than ever before. But with a lack of cybersecurity professionals causing a plethora of unfilled positions, government entities and corporations must employ different tactics to combat the ever-multiplying cyber threats.
Entire nations and companies of all shapes and sizes are strapping in for a bumpy digital security ride, explains Jeffrey Bauza.
Jeff Bauza Says Neither Enterprises nor Nations are Safe
Both government agencies and corporations suffer from a range of cybersecurity threats. But experts suggest these are the top issues this year:
Supply Chain Attacks
Jeff Bauza explains that security experts are urging enterprises and government agencies to be overly picky about the third-party suppliers and vendors they choose to work with. Trust and due diligence when vetting is vital.
Attacks on both software- and hardware-based supply chains leave lasting, devastating impacts.
Jeff Bauza looks at the SolarWinds hack, documented in December 2020, which proves just how much these attacks can destroy organizations.
Three nation-state hackers exploited SolarWinds Orion’s supply chain, allowing them access to government and business networks around the world. The main victims were vast tech companies and government bodies like the U.S. Departments of Treasury, Commerce, and Homeland Security.
Ransomware: A Return of 2020’s Spike
2020 marked the year of ransomware, explains Jeff Bauza. The number of attacks rose 148% throughout the COVID-19 pandemic, accounting for 23% of all cyber events.
As 2021 came around the corner, the IBM Security X-Force Threat Intelligence Index reported ransomware as the most common type of cyber-attack (21% of all attacks).
This year, Jeff Bauza says that the industry predicts the same. Already, ransomware groups and attackers have targeted colleges, municipalities, enterprises, and more.
Such cyber events cost billions of dollars. Hackers utilize technologies that essentially kidnap their victims’ databases, holding them ransom.
Analysts deem the popularity of cryptocurrencies the reason behind the surge of ransomware attacks. Data-nappers can demand payment anonymously through Bitcoin and other digital currencies, making it harder to catch them.
Since businesses and government bodies are tightening their ransomware belts, several industry experts believe hackers will begin targeting high-net-worth individuals.
Increasingly Sophisticated Phishing
Phishing affects companies, governments, employees, and everybody in between. It’s a never-ending challenge faced by nations and businesses of all sizes. Sadly, Jeff Bauza says nobody is safe.
Alarmingly, 25% of all breaches involved a type of social engineering or phishing last year, according to the 2021 Verizon Data Breach Investigations Report.
And Jeff Bauza says it’s about to get worse thanks to the sophistication of new phishing scams.
Most individuals are aware of email/spear phishing and the potential damage of clicking on suspicious links. So, hackers are upping their game. For instance, they are using machine learning technology to write and send fake — yet wholly realistic — messages, hoping that recipients will compromise their organization’s network or system.
Jeff Bauza says that these oh-so-convincing emails cause major damage, allowing hackers to steal financial information, credit card details, user logins, and access to databases.
Jeffrey Bauza Explains Crypto-Jacking
In addition to fueling ransomware attacks, the cryptocurrency movement affects cybersecurity in another way — crypto-jacking.
This trend involves cyber criminals hijacking vulnerable work or home computers to mine for cryptocurrencies like Bitcoin. Piggybacking off others’ systems allows hackers to make money discreetly using third-party processing power, explains Jeff Bauza.
While individuals are often targeted during this cybersecurity threat, crypto-jacked business systems cause major performance problems and expensive downtime as IT departments find and solve the issue.
A report by SonicWall, a cybersecurity firm, states that crypto-jacking attacks have risen by 269% in the financial sector already this year, which is five times more than in the retail industry. Overall, the first half of 2022 saw 66.7 million crypto-jacking cases (an increase of 30%).
Cyber-Physical Attacks — Even Military Systems Are at Risk
Cyber-physical attacks are an emerging threat in 2022, and they’re scarier than many first predicted.
These cyber events go beyond stealing sensitive information. Instead, Jeff Bauza says they allow hackers to control physical objects like implanted medical devices, water grids, transportation, treatment facilities, electrical grids, and even America’s military systems.
While the developed world marvels over the Internet of Things and all it has allowed people to do, the IoT is constantly raising the cybersecurity threat level. Thus, the bigger it gets, the more at-risk everybody involved becomes.
Currently, no horrific disasters have been attributed to these attacks. However, certain independent cyber-physical events have caused property damage and injuries, including the attack that derailed four trains in Poland in 2008 and the 2021 attack on a Florida-based water treatment facility.
IoT Invasions and Infections
The number of devices plugged into the Internet of Things is expected to reach 75 billion by 2025, according to Statista. From laptops to household appliances to medical devices to home security systems, the IoT makes lives streamlined and helps businesses and consumers save money.
However, more connected devices equal larger risks, meaning networks are vulnerable to cyber infections and invasions.
As soon as hackers infiltrate an IoT system, they can use its devices to overload networks, lock down necessary equipment, and so much more.
Healthcare Battles Medical Device and Electronic Record Hacks
Recent events have highlighted the importance of digital patient records and the improvement of smart medical equipment. But these advancements have sparked concerns about privacy and cybersecurity threats.
Like the general IoT, the more healthcare-related devices on a network, the more vulnerable the information within. Theoretically, attackers could decrease or increase dosages, send electrical impulses to patients, or turn off vital sign monitoring once they’ve infiltrated a system, explains Jeff Bauza.
Vulnerable Connected Cars
The driverless car isn’t too far in our future. But the connected car is with us right now, and it’s a cause for cybersecurity concern.
Connected vehicles use onboard sensors to improve operations and comfort. Usually, this connectivity is achieved via tethered, embedded, or smartphone access.
The evolution of connected cars has brought another vulnerability exploitation opportunity to hackers. Not only can they steal sensitive data, but they can also harm passengers.
Social Engineering at Its Finest
To this day, the biggest vulnerability in any cyber system is the human psyche — and social engineering exploits this.
Social engineers take advantage of the weaknesses in employees’ psychologies and use various media to trick them into divulging private information.
Nowadays, these scam artists have a bunch of sophisticated techniques to lure unsuspecting individuals into their trap.
The most well-known technique is phishing. But lesser known (and therefore, more effective) are:
- Watering hole
As social engineering attacks grow in popularity, the world is seeing a surge in high-profile incidents, such as the 2015 attack conducted by a teenager on the director of the CIA.
The Uprising of Nation-State Attacks
Cyberattacks from governments in Russia, North Korea, and Iran are far too common. Potential attacks, known as nation-state threats, from such countries wreak havoc on businesses, homeland governments, and the rest of the nation.
But these days, attacks don’t come solely from recognized entities. After all, a nation-state is any sovereign ruled by a government that isn’t necessarily characterized by physical borders.
Consider the Kurds — they reside in several nations and aren’t legally deemed a separate country. But they are a nation-state.
In the cybersecurity world, it isn’t about the land the territories occupy, but rather the discrete techniques they use to cause harm, such as:
- Making fake company profiles or personas
- Infiltrating enterprises’ supply chains
They’re masters at deceit and stealth, making it increasingly difficult for countries and companies to protect themselves from cyber war.
These Attacks Have Happened for Years
Jeff Bauza says the real question is — are nation-state attacks a new, 2022-specific occurrence? No, they are not.
While news reports of these attack types have boomed recently, nation-state cyber events have been happening for a long time.
1986 saw an attack on the Lawrence Berkeley National Laboratory, and the 1990s and 2000s suffered similar catastrophes like Titan Rain, Red Store, and Moonlight Maze.
However, it wasn’t until Stuxnet in 2010 that people began to sit up and pay attention.
The attack used a terribly sophisticated computer worm that infiltrated various systems to eradicate Iran’s nuclear weapons infrastructure.
Governments and military entities are most at risk from nation-state cyber events. However, businesses aren’t safe either.
Simplistic and Complex
The population regards nation-state attacks as highly complex tech-based ordeals. But the reality is that they’re far simpler.
In fact, technology isn’t a factor in many of these events.
As reported earlier, social engineering is a common method utilized to breach business networks, even by high-stakes nation-state attacks.
Typically, groups conduct these cyber events to ransom data, ridicule business moguls, and steal trade secrets, like in the following prolific corporation attacks:
- The 2014 attack on Sony Pictures over their movie, The Interview, which North Korea deemed offensive.
- The SolarWinds attack infiltrated various federal agencies.
- The 2022 attack on a satellite broadband company impacted Ukrainian military communications.
A Multi-Layered Approach to Nation-State Attacks
As nation-state attacks continue to change and grow even more sophisticated, businesses and national entities need to take a multifaceted approach to cybersecurity. There isn’t a one-size-fits-all fix.
The current lack of industry professionals means organizations must work harder and smarter to stay ahead of 2022’s surge of nation-state threats.
Experts suggest companies and entities update their cyber defenses and risk assessments by:
- ensuring their risk model includes nation-state threat as a potential scenario.
- understanding who and what should be running devices and setting up alerts for unusual file behaviors.
- knowing the value of asset and vulnerability management systems.
- educating all employees on nation-state attacks and the potential business impacts, including ongoing training, targeted communications, and unannounced tests.
Severe Lack of Cybersecurity Professionals
Over the past few years, the cybercrime epidemic has snowballed — and it doesn’t appear to be slowing down.
Unfortunately, Jeff Bauza says the rapid growth has put cybersecurity professionals in too much demand. There simply aren’t enough of them to service the country’s companies and governments.
Some estimates suggest there are over one million unfilled cybersecurity positions around the world! And many predict it could exceed three million.
Naturally, the shortage is a cause for concern. A well-run, strong digital workforce is crucial to dealing with the evolving cybersecurity threats.
Therefore, enterprises are working harder than ever to plug the skills gaps and construct a solid digital safety team.
Corporations to Implement Hybrid SOC Models
Due to the rarity of knowledgeable OT and modern IT environment professionals, organizations are turning to a hybrid Security Operations Center model.
Reacting to the issue in this manner means companies must turn to third-party security experts to develop advanced programs fit for working with a cloud-based, modern-day SOC. This way of working combines any in-house cyber skills with the expertise of an MSSP (Managed Security Service Provider) for a stronger defense.
Alongside the security system itself, MSSPs work to enhance in-house knowledge in techniques and tools such as intelligence threat-hunting, EDR (endpoint detection and response), and XDR (extended detection and response).
Prevention, Identification and Response
As the complexity and speed of attacks continue to skyrocket and the shortage of cybersecurity professionals keeps expanding, MDR (managed detection and response) systems are the next best thing to strengthen resilience.
The speed of attacks means that, for most organizations, it’s no longer about prevention but about identification and action.
Companies will look for early warning alert systems and SOAR (security orchestration, automation, and response) systems to enhance efficiency.
Of course, anti-malware software and other traditional cybersecurity tools remain important. But they should be combined with threat hunting and other proactive techniques to ensure vulnerabilities are seen and mitigated as quickly as possible.
2022: The Year Businesses and Nations Grow Increasingly Serious About Cybersecurity Threats and Management
The first half of 2022 has presented a myriad of cybersecurity challenges, and the second half is set to be a struggle as more positions remain unfilled. Companies and nations across the world are employing various measures to combat the growing threat of sophisticated phishing scams, crypto-jacking, and nation-state attacks.