Cybersecurity remains a top priority

Departments - From the Flight Deck

In 2021, in every part of the world, cybersecurity threats increased and challenges grew, while organizations did their best to mitigate against new and destructive attacks. That’s the report from SecurityHQ, a global managed security service provider (MSSP) that monitors and oversees security devices and systems.

Throughout last year there was an increase in prevalent threat actors (a person, group, or nation that makes a cyberattack) and initial access brokers (cybercriminals who breach companies, then sell that access to ransomware attackers). Their activity led to a spike in supply chain attacks – cyberattacks that target vulnerable elements in the software supply chain. These software breaches can lead to supply chain compromise – the manipulation of devices or software before they reach the end consumer.

These are terms we should learn, especially since in 2021 the National Institute of Standards and Technology’s National Vulnerabilities Database (NIST NVD) published 21,957 vulnerabilities – the fifth consecutive year there’s been a record number.

Supply chain-related compromises, issues with cryptocurrency and digital asset security, expanding ransomware tactics, and a rise in geopolitical tensions have increased the number of threats SecurityHQ monitors and safeguards against.

In its latest white paper, Global Threat Forecast 2022, SecurityHQ experts discuss some of the evolving threats, the prevalent actors, and targeted industries – and they offer some mitigation actions. A few findings:

  • The highest number of major malware variant for 2021 was ransomware. While not new, what differed was the same malware being sold on forums or shared across groups. SecurityHQ reports a new angle: Groups will no longer just encrypt your data until the ransom is paid, they’ll publish it online if you don’t pay, effectively making all your data public.
  • Some advanced persistent threats (APTs) seen during the past year emphasize the role of nation state actors. The bad actors include organizations with ties to governments well-known to be antagonistic to U.S. interests. With the current conflict between Russia and Ukraine, the experts foresee an increase of cyberattacks globally.
  • Supply chain compromises will be more prevalent and are a relatively easy entry point for attackers, especially if they’re targeting whole companies via their customers.

In response to those threats, the SecurityHQ white paper offers six broad recommendations, a few of which are:

Asset visibility – You can’t protect your assets unless you know what they are. Find those assets, run discovery scans, and put them into your vulnerability management cycle.

Vulnerability detection – You must detect vulnerabilities quickly. How often you scan will impact your visibility and, therefore, vulnerability.

Preparedness – Keep your incident response playbooks up to date with the right contacts who should be called in. Educate your team, it plays a large part in being prepared.

Smaller manufacturers and machine shops need to be just as vigilant as larger companies in protecting their digital assets. Threats continually evolve and require the continued attention of someone in your organization to stay ahead of them. – Eric