Five things you need to know to protect from cybersecurity threats | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Hackers will continue to rely on phishing, ransomware, scams, and trying to compromise business emails. Businesses need to be aware of these key trends driving the proliferation of cyberattacks.

1. Cyber tactics are becoming more accessible

Telstra’s Narelle Devine says the criminal consumer can now “purchase attacks”. 

Narelle Devine, Telstra’s chief information security officer for Asia Pacific, says the industrialisation of cybercrime is one of the most significant trends in the cybersecurity world.

Criminal organisations are working smarter, not harder, by investing in “cybercrime-as-a-service” business models that allow hacking groups with the most basic coding experience to target and exploit weaknesses in the vast digital ecosystem.

“What it means for the criminal consumer is they can purchase attacks, and because they’re commoditising them, they’re getting cheaper and cheaper. They’re really easy, and the returns are really good,” Devine said.

However, while “business” may be booming, this approach has meant criminal organisations have less control than they once had, resulting in a dramatic shift in the scope of threats.

“There were unwritten rules – you don’t go against hospitals; you don’t take out critical infrastructure – that is bad. We’re seeing a real shift where, because anyone can buy these attacks, they [cybercriminal organisations] don’t really control who’s being targeted now,” Devine said.

2. AI is both a threat and a solution

Artificial intelligence has been quietly infiltrating business processes for years, with the launch of the generative AI platform ChatGPT helping to take AI from the ‘too-hard’ basket and making it an essential tool for over 100 million users.

“I think we’d be quite naive to think that criminal and state-sponsored actors were not also looking at that [AI]. But it’s probably going to be the same attacks,” Devine said.

“There’s still going to be phish, it’s still going be business email compromise. They might just be able to do it quicker or at scale, or maybe do it a little bit better,” Devine added.

Tulin Sevgin, a director in MinterEllison’s national cyber security practice, added that in the future, hacking groups could also target organisations using AI and machine learning and manipulate data sets used by AI systems to steer them in the wrong direction.

Tulin Sevgin, a director in MinterEllison, says hackers could use AI to target organisations. 

“This misdirection can, in turn, lead to system malfunctions and expose vulnerabilities. Attackers can potentially reverse engineer AI systems to gain access to the sensitive information used to train AI,” Sevgin said.

On the other hand, Anderson points to how AI and machine learning can help cut through the cyber threat noise. In March this year, the global tech giant announced a new product, Microsoft Security Copilot, allowing the system to sift through thousands of alerts and events to identify and act on the clear threats in the system. This leaves the less obvious cases to be further investigated.

“Take a piece of code. If it doesn’t make sense to you, you can literally throw it into these AI models and go, ‘What is it doing?’ And it’ll come back and say, ‘it is doing this, it is doing that, and then it’s doing that’,” Anderson said.

3. Geopolitical tensions mean we will see more state-sponsored threats

The latest annual cyber report from the Australian Cyber Security Centre noted that Russia’s invasion of Ukraine has increased the cyber threat globally, with cyber operations an important tool in geostrategic competition.

Sevgin, who also sits on the board of the global Cybersecurity Advisors Network, predicts this will increase and continue to be a threat to Australia.

“[This is] particularly due to the tension we’re seeing between the US, Iran, North Korean or Chinese hackers – especially when events such as elections are on. And with more than 70 elections to be held this year, we expect to see criminal activities surge,” Sevgin said.

Amidst the noise, it’s becoming more challenging to differentiate between state and criminal actors, with Devine saying there has been a true blending of the two.

“A decade ago, state-sponsored activities were very much concentrated on espionage and criminal activities were very much focused on money. But now that’s changed because criminals have worked out that if you take data, you can sell it, and you can get money,” Devine said.

Many state-funded actors are also required to generate income or launch an attack for reasons other than espionage.

Microsoft’s Mark Anderson says in Russia, gangs are operating unimpeded. 

Anderson also notes that the breakdown of cooperation between nations presents a challenge. In the past, there was closer cooperation between law enforcement across jurisdictions – that’s not a given anymore.

“If you take Russia as an example, now those gangs are operating unimpeded. And they can get away with it as long as they are not targeting their own country, and they’re able to help the state when the state needs them,” Anderson said.

4. Know what you are protecting

Regardless of the motivation of the threat actors, a remaining – and not insignificant – barrier for companies to overcome is understanding what it is they are protecting.

According to MinterEllison’s cyber risk survey, released this month, only 38 per cent of respondents were confident their organisation understood what data they stored, where it was, and who has access to it.

This is reflected in Anderson’s conversations with board members for the last year or so. “[Board members are] thinking about how do we know what we have, how do we know where it is, and should we be rethinking our policies about how long we keep it? Because you can’t protect what you don’t know about,” Anderson said.

Devine adds that understanding what you have will help organisations understand the motivation behind the threat actors most likely to target them. “Then you can start putting layers and segmentation around the things that matter most.”

“It really should shape the cyber strategy and the cyber posture for any business, no matter the size,” Devine said.

5. The fundamentals of cybersecurity remain the same

While the attacks are becoming more frequent and more detailed in their execution thanks to new cybercriminal service models, Anderson stresses that most attacks are not sophisticated and basic hygiene controls remain effective.

“I think there is an element in this industry, we like to catastrophise a lot and come up with, what’s the most fanciful way we could be breached. But if it still takes you three months to patch your computers, you’ve got a whole different issue to be worried about,” Anderson said.

It’s a sentiment Devine shares. “By just getting that basic hygiene right, you’re going to lift the bar significantly. It doesn’t necessarily need to be raised heaps, but if you make it a little bit hard, it will cost them [cybercriminals] an awful lot more. And that cost of entry is the thing that’s normally one of the biggest deterrents,” Devine said.

A simple piece of advice Devine has for everyone is just to be suspicious. “Be that little bit sceptical. If you’re not expecting something, that’s probably one of the best triggers,” Devine said.


Click Here For The Original Story From This Source.

National Cyber Security