Moving Target: How the Cyber Threat Landscape Is Evolving

Vertali’s Leanne Wilson on how the cyber threat landscape continues to develop and how to defend systems and mitigate future risk

TechChannel Security

Cybersecurity risks are dynamic by nature, with new threats and attack vectors emerging fast. As technologies, processes and practices constantly evolve, we now have a proliferation of digital technologies that are external facing and enable previously unimaginable levels of connectivity. This underlies some of the biggest challenges facing cybersecurity, operational risk and cyber resilience professionals in the next decade.

Imagine the cyber threat landscape is like the mythical monster, the Hydra: cut off one head and another two spring up in its place, presenting new and different challenges. The cyber threat keeps shape-shifting and growing—powered in part by new tech. At the same time, the world is now fully connected, with the Internet of Things and a new era of smart devices like fridges or exercise bikes that can have everything enabled yet very little security, leaving a backdoor to your data. We’re also now living in an age of AI and quantum computing, of which the wider (and wilder) implications are not yet known.

However, there is good news: In an uncertain world, with an unknown future, we are not powerless. We can hope for the best while planning for the worst; as my dad always says, “Think like a hacker, act like an engineer.” In this article, we’ll explore how the cyber threat landscape is changing and how you can defend your systems against constantly evolving threats.

Shifting Cybersecurity Threats

In recent years, IT security attacks have shifted from isolated incidents on systems toward targeted and complex threats at a personal, corporate and national level. New digital technologies have brought a wave of back doors and vulnerabilities; as most organizations continue their digital transformation, major risks emerge. The “digital now” is intertwined with the current era of remote, home and hybrid working, brought to the fore by the coronavirus pandemic.

A 2020 assessment by the International Criminal Police Organization (INTERPOL) indicated an alarming rate of cybercrime attacks during COVID-19, with “a significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure.” It appears that while cyberattack methods didn’t particularly change during the pandemic, the scale did, as attackers suddenly had a much bigger pond to phish. People began using new meeting and messaging platforms in huge numbers, with the security vulnerabilities of certain platforms and applications later identified. At the same time, raised anxiety levels made some individuals more susceptible to attack.

That’s a quick glance in our rear-view mirror, but what does the road ahead look like? New technologies will continue to provide huge benefits with one hand while offering increased risks with the other. Here are some examples.

A More Mobile Connected World

Today’s mobile applications and devices have the potential to significantly compromise cybersecurity. In a world of changing lifestyles and working habits, increasingly adaptable mobile platforms are used to access and process sensitive data: personal and corporate email, messaging services, corporate and financial data and so on. Smartphones have become a target for compromise by malware.

What does this mean for cybersecurity and risk management? Risk analyses and mitigations should be concerned with robust policies and governance around both bring-your-own devices (BYOD) and corporate-provided devices. There should be policies and mitigating technologies in place to protect against breaches and data loss, including appropriate logging and monitoring of all devices.

AI: The Good, the Bad and the Ugly

Machine learning uses past data and experiences to learn and develop autonomous intelligence. While AI methods like this are driving incredible innovation and automation, AI is also applied maliciously, often in combination with standard attack methods. The evasive malware application DeepLocker is just one example. Research has not yet crystalized the AI-based cyber threat sufficiently to inform the development of appropriate defense mechanisms and risk management approaches. Addressing this gap will require additional investment and time. But we can fight fire with fire: using AI itself to mitigate AI-driven cyber risks, mapping and analyzing data from attacks to anticipate and deflect future threats. AI can be used to automate threat detection, battle bots and provide breach risk prediction and powerful end-point protection more efficiently than humans or conventional software.

Quantumania: The New Arms Race

Quantum computing also offers benefits as well as risks. Quantum-based engineering is used to achieve complex concurrent computations. The issue is that digital encryption relies on the computational complexity of mathematical problems—for example, factoring large numbers—which could be easy to crack using a quantum computer. For now, experimental systems aren’t powerful enough to destabilize public encryption. But they do highlight that, in certain situations, quantum computers can best the fastest traditional supercomputers.

This should be of significant concern to cybersecurity and risk management professionals. If bad actors fully realize quantum computing, they’ll gain the ability to hack systems, attack networks and topple key infrastructure with minimal resistance. Rivalry to achieve the first fully realized quantum computer has been described as “the arms race of the scientific age,” with the scientific community working to create countermeasures and quantum-safe alternatives. Let’s hope the countermeasures arrive faster than the real-life attacks.

This Time It’s (Cyber) War

Another growth area is cyber warfare waged by independent criminal groups and state-sponsored actors: breaching or immobilizing a nation’s infrastructure or systems and hacking intelligence repositories for sensitive or valuable information. How can we protect both personal and national sensitive information? What are the implications in terms of data protection and confidentiality, wider governance and jurisdiction? Like many other areas of modern IT and cybercrime, there is a huge number of legal, ethical and professional issues to consider. At the heart of this issue is an overriding responsibility to ensure that appropriate, effective and robust policies and technologies are in place to help manage the myriad risks and threats that we face.

Cybersecurity: Toward the Unknown?

As former U.S. Defense Secretary Donald Rumsfeld famously stated, “There are known knowns; things we know we know. There are known unknowns; some things we do not know. But there are also unknown unknowns—the ones we don’t know we don’t know.” And there’s the rub. The same goes for the state of cybersecurity today.

We can, however, make informed predictions and plans, researching and understanding the current threat landscape to take preventative action. That can mean working with external experts as needed and investing in practical activities such as security assessments, penetration testing, vulnerability scanning, security engineering, network segmentation and cyber resilience planning. Moreover, technologies and solutions already exist that can help us, providing more robust defenses and practical countermeasures to help mitigate the risk of whatever challenges lie ahead: the unknown unknown. In this never-ending game of cat and mouse, who wants to be the mouse?