Bertus Engelbrecht, Senior Manager: Information Security at BCX, talks about the cybersecurity threat landscape in 2023 and how the rise of artificial intelligence, automation and intelligent threat actors is putting intense pressure on the organisation.
Cybercrime remains one of the most persistent challenges facing the modern business. In September 2023 there have been seventy-one incidents and 3,808,687,191 compromised records. Globally, the total number of breached records for 2023 is currently sitting at more than 4.5 billion. According to Orange Cyberdefense Security Navigator 2023, the types of attacks are predominantly malware, social engineering, policy violations, system anomalies, and network and application anomalies.
Ransomware remains one of the most common threats. According to the Sophos State of Ransomware 2023 report, 27% of ransomware payments in 2023 were between one and five million, and it costs companies an average of $US1.82 million to recover their data. However, this form of attack is veering away from its encryption roots towards an extortion-led approach that cybercriminals are finding far more profitable and effective. Instead of encrypting the files – a process that takes time and patience to orchestrate – they are simply exfiltrating the data and holding it to ransom with the threat of selling or leaking it to the highest bidder.
It is a move that shows how good ransomware is at its job. The tools used to perpetrate ransomware attacks are increasingly sophisticated, aiming their sights at larger organisations using tools refined by artificial intelligence (AI) and investment to capture the data and extort increasingly hefty sums of money. Ransomware-as-a-Service is also playing a role in the ongoing success of this malware. Commoditised, it is being optimised to deliver a service to those who purchase and use it.
Mobile malware, destructive malware, disk wipers, and zero-day vulnerabilities are also counted among 2023’s rising threats, with cloud third-party attacks also gaining ground. Cloud computing may be delivering significant benefits to South African businesses, but it is also introducing vulnerabilities. Cybercriminals are constantly looking for new ways to exploit the cloud and targeting third-party service providers is becoming a popular route inside the enterprise. Disk wipers are another rising concern – according to Fortinet, there was a 53% increase in wipers towards the end of 2022 and these remain a pervasive threat.
However, it is the exploitation of vulnerabilities that remains a real concern. Malicious actors are, according to the research, 327 times more likely to exploit vulnerabilities and there has been an increase of up to 68% in unique exploit detections. Then, of course, there are the zero-day vulnerabilities that are leaped on by hackers at speed. These wide-open doors are an effortless way into the business, especially as many companies are not patching their platforms as quickly as they should once these vulnerabilities have been revealed.
What all these threats and challenges add up to is one quite simple step forward. It is time for the organisation to become the hunter, not the hunted. To invest in tools and methodologies that put security back into the hands of the business. PwC’s 2024 Global Digital Trust Insights study found that 5% of companies are experiencing fewer breaches and less expensive attacks because they have focused on streamlining their security. These companies are more productive and are showing increased growth because they can take advantage of emergent technologies and invest in new ways of working with greater confidence.
What does that mean? It means that they have placed security at the centre of the organisation, allowing for innovation and growth to emerge from the technologies that protect them rather than the other way around. This is an investment into technologies and partners that allow the organisation to thrive and grow despite the threats that sit outside its walls. When a company has a robust security system that can adapt to threats with agility, then that company can continue to drive its innovation and investment forward with confidence.
Monitor, respond, hunt, and protect. These are the four pillars of a robust security posture that ensure network, email, and identity security alongside managed detection and response (MDR), monitoring and analysis, and intelligence and threat hunting. BCX’s Threat Detection Centre leverages best practice approaches alongside market-leading threat detection and mitigation technologies to rapidly respond to risks within the organisation while ensuring it remains as sophisticated and agile as the threats themselves.
Cybersecurity is more than just technology. It is a mindset and a methodology embraced by organisations that want to prioritise growth with a partner that has the right tools and expertise.