Last year in Germany we saw the COVID-19 pandemic exacerbate existing cyber security concerns. Has this trend continued, and what else has been happening in Germany? Based on the last 12 months, these are the cyber security trends we expect to be prevalent in 2022.
Last year we noted that cyber attackers were taking advantage of increasingly digital German companies, who had to transform in order to continue operating during pandemic lockdowns.
This has continued on through 2021, with the German Federal Office for Information Security's (BSI) Die Lage der IT-Sicherheit in Deutschland 2021 report noting that cyber criminals had used a variety of tactics to abuse the poor security among many rapidly digitised businesses. Such tactics included:
Ransomware is now one of the most prolific forms of malware on the web. According to the Kaspersky Security Bulletin 2020-21, nearly 57,000 unique users were struck by malware during that reporting period, of which over 12,300 were from major organizations.
Big game hunting
Why are so many huge companies under attack, rather than small companies? It's due to a trend called 'big game hunting' - where attackers target very large organizations from which they can extort the largest possible ransom. Criminals look for high-value targets through publicly available financial information, and choose companies that they think can afford the biggest ransoms.
How are attackers getting in?
The usual methods are still common - phishing via spam emails, for example. But attackers have found that they can also manipulate weak points in remote maintenance and VPN access. Whenever these are compromised, it gives attackers quite extensive access to the system. And they're taking their time initiating attacks, too, scouting the network and spear phishing for specific victims before making their move.
Learn more: "The most common cyber attack vectors of 2021"
Since 2020, there has been a sharp rise in the number of groups offering malware as a SaaS product. Ransomware-as-a-service (RaaS) is one of the most common, where would-be attackers purchase ransomware from an organized group, as well as the use of its payment and distribution infrastructures and back-office services. Some RaaS groups even offer customer service for victims, to help them pay.
According to the BSI, RaaS allows attackers to conduct effective extortion operations at a lower cost - they don't even need the technical skills to develop the malware, or any of its components. In exchange, a percentage of their extorted earnings go back to the group (BSI says this is usually less than 50%).
In 2021, the BSI discovered 144 million new malware variants, which is 20% more than last year. That's 394,000 per day.
Human error is one of the biggest security vulnerabilities for any business. Phishing, social engineering, credential harvesting, all of these attack vectors take advantage of people. So, your people must know what to look for and how to keep safe online.
Try to raise the basic level of cyber security understanding in your business. Host workshops and education sessions on a regular basis to teach the basics, and incorporate cyber awareness into everyday life - giving shout outs to people who are doing well, and send out occasional tips and reminders about, for example, changing passwords, or how to spot spoofed websites.
Ransomware works because it locks access to important files, or entire systems. If a company can't get access to those files, it cannot operate as a business. This can be hugely damaging.
If you were to back up your system regularly, however, you could theoretically reinstigate the backed up version of your files in the event of a ransomware attack. You would lose only the data that was gathered between creating the backup and now. This may be weeks', or just days' worth of information.
Just remember, though - your backup has to be safe from attackers. We recommend housing backups in an entirely separate network to your main system, so any malware cannot cross over into the backup and infect that too.
In the global digital supply chain, your partners and vendors could leave your business vulnerable. As companies increasingly deploy apps and tools developed by other companies, you may find that your organization becomes beholden to someone else's cyber security.
It's of critical importance these days that you review all vendors and partners from a security perspective from the very beginning of the relationship - before signing the contract, even. Involve your security experts in the research and negotiation phases, and try to keep a diverse set of vendors - so that you spread the risk, and don't rely entirely on one brand.
Learn more: "Are you reviewing third parties for security risks?"
Cyber security is, unfortunately, a problem that is only getting worse. We know it can feel like a lot to try and figure out how to tackle it all on your own, but you don't have to.
Here at dig8ital, we know what it takes to improve a company's security posture, and to build better policies and procedures from the ground up - tailored to each of our unique clients' own needs.
So what can we do for you? Contact us for a free maturity consultation and let's talk about what you require.