Organizations worldwide benefit from reviewing lessons learned at the end of a fiscal year. These can single out reasons for project success and failures, thus contributing to improving outcomes. This approach is more important than ever as we analyze our cyber security needs as we enter 2022 . As we enter into a third year of a worldwide pandemic, organizational structures are constantly evolving and the  lessons learned in regard to cyber vulnerabilities are among the top focal points for oversight and management. Notice three emerging trends in cyber attacks that 2021 has taught us.

The ever-changing cyber attack landscape

The Global cyber-attacks environment continues to expand. A key reason is related to increase business carried out mainly over the internet. Half the U.S. labor force is estimated to be working from home. In an article by Cybersecurity Ventures, it is estimated that the world will store 200 zettabytes of data by 2025.  This includes data stored on private and public IT infrastructures, on utility infrastructures, on private and public cloud data centers, on personal. 

Remote work pulls the employees away from the safety barriers of an office which provides secure firewalls, routers, and IT security teams and places them in poorly protected at-home networks. This vulnerability gives hackers a playground to exploit weaknesses in these networks. Cybercriminals can use the billions of connected internet-based devices that can allow them to access all sorts of data. Protecting such a vast environment is more challenging and important than ever. 

Cyber criminals’ weapon of choice: Ransomware 

Ransomeware attacks is not new,  but it continues to be one of the most favored mechanisms since it give an easy way to receive monetary gain for criminals. It is believed that currently there exist approximately 124 separate families of ransomware and hackers are experts at using this malignant code. 

What makes these attacks so successful is vulnerability of the digital landscape, we have at present. Lockdowns and its effects has transformed the digital model of organizations worldwide, making ransomware an ideal weapon that provides an easier mark for extortion. Criminal hackers have transformed into more refined ways of exploiting vulnerabilities through machine learning and more synchronized sharing on the dark web and dark web forums. 

Preventing ransomware requires cybersecurity awareness and preparation based on anti-malware programs, secure passwords, updating patches, and having secure routers, VPNs, and Wi-Fi. You need to be aware of the baits and keep protected information correctly stored and backed up. 

Threats Against Critical Infrastructure 

The 2020 World Economic Forum’s Global Risks Report listed cyberattacks on critical infrastructure (CI) as a top concern. WEF noted that “attacks on critical infrastructure have become the new normal across sectors such as energy, healthcare, and transportation.” The Global Risks Report 2020 | World Economic Forum (weforum.org) 

Taking advantage of holes in software, phishing scams, bots, malware, among others, the threat goes beyond your neighborhood hacker. Criminal organizations, terrorists, and even national adversaries have found these types of “subtle” attacks as the new form of war. 

Healthcare, utilities, banking, and transportation are just a shortlist of the critical infrastructure that is vulnerable to malware attacks that can impact control systems and eventually cause severe damages that can lead to widespread mayhem. Critical infrastructure operators should apply a comprehensive risk framework to address vulnerabilities and establish a defense system. Despite having unique frameworks and other types of technologies within their organizations, critical infrastructure can redefine its approach and work more diligently in preparing for attacks. 

Considering these is just the tip of the iceberg, but you can trust R3CG to provide the knowledge and the tools to protect your systems. Contact us today.