Surging attacks, rising costs, and better malware create a digital inferno
With all the innovations, advancements, and practices put in place, how did we reach this point in cybersecurity? While it’s not my goal to spread doomsday think when it comes to digital protection, I do believe a practical view on what’s going on is important.
We’re in a confusing time, to say the least. The burst of cyber attacks thanks to the continued COVID-19 pandemic has put the industry in a tailspin. It radically demonstrates the serious need for powerful cybersecurity, while shining a light on the current weakness of contemporary infrastructure. Which is funny, considering just how much cash is thrown at the problem. Businesses are investing billions in cybersecurity solutions and training, though still come up short in the face of modern threats.
Personally, I don’t think the actual question is “how did we get here?” We’ve always been here, it’s just that circumstances finally revealed the situation for what it is.
Why it feels like a cybersecurity cyclone
We do possess substantial security tools. In fact, many simple-to-implement solutions are found abroad on mobile devices and networks. Things like multi-factor authentication, advanced security strategies (like zero-trust), and connection encryption are all helpful tools to combat threat actors.
The thing is, though, we’re facing down a torrent of attack surfaces. Remote services contributed greatly to this problem, as you probably guessed. But, the proliferation of mobile devices and convenient connections also “helped” this problem expand. Experts have used this metaphor before, so think of it like this: before, cybersecurity was simplified to single or few connection points. Like a building with one door, and said door was easy to lock down.
Now, we have numerous buildings with doors and windows, all of which need securing, but often lack substantial preventive measures. Adding to this is the complexity and volume of cyberattacks. Cybersecurity isn’t a battle to be won, it’s a constant race, and right now, cybersec is losing said race. While there is a federal and enterprise effort to start investing in cybersecurity efforts, it’s on the heels of major cyber-attacks. It’s reactive instead of proactive.
Technology working against us
It’s a whole disaster recipe. The saturation of attack surfaces created by remote working needs and the rapid growth of technology. Essentially, the evolution of technology is working against us, as much as it’s helping.
While yes, we have access to mobile devices and all sorts of nifty gadgets which make our lives a bit easier (or worse, depending on who you ask), it creates a problem. Technology is running away from us, and by this I mean understanding and competency don’t match the growth. Often we look to software or services to handle those “complicated” things for us, instead of having at least a basic understanding of fixing it ourselves.
This isn’t to suggest I’m shifting the blame of cyberattacks to people. Some are well beyond our point of control and understanding. Think of phishing attacks, the most successful method for attackers to launch ransomware/malware. Combatting phishing emails requires a little extra scrutiny and caution, but often people don’t know how to recognize their telltale signs.
There’s an increased reliance on technology for virtually any enterprise-level service. Cloud computing, for instance, is a reliable and powerful service letting companies set up virtual infrastructure quickly. But that rapid implementation also creates additional attack surfaces. It also means more and more companies are reliant on tech solutions, whereas they weren’t before.
Adoption of basic, but barely secure services, as you can imagine, invites dangerous attacks like ransomware.
Threat actors and their momentum
Where cybersecurity efforts lag, since it varies from business to business, malicious parties are improving their technique every day. Increasingly complex, nuanced threat campaigns emerge with ransomware tools more widely accessible to would-be attackers. Like I’ve mentioned before, one doesn’t need exceptional IT knowledge to conduct advanced attacks.
Hackers can even use anti-virus tools and techniques against unaware industries and workers. Automation, for instance, a technique to help sniff out attacks before they happen, is a resource hackers use to expedite their infection process.
For now, information is the ideal defense
Confronting the maelstrom of cybersecurity issues and renovations needed is a monumental task. Given the pace of malicious activity and threat actors, it can appear overwhelming. For now, enterprise leads should take every precaution available by examining the potential attack surfaces of their network. Additionally, keeping staff informed and updated on threat types is also efficient.
For example, Microsoft is a commonly emulated model for phishing emails. Therefore, informed staff taking an extra glance at a “Microsoft” email are less likely to fall victim to social engineering schemes.
Still, it’s an endless race, and without a concentrated effort to totally renovate cybersec strats, it’s one the “good guys” are losing.
-Douglas James
