Cybercriminals are persistent and determined. These are great qualities to have in a technical field, but for your organization, it means risk and threats are never static. They are always changing, evolving their techniques to exploit weaknesses and vulnerabilities. As a result, your cyber team must as well. You can’t use the same methods against new challenges.
While some of this upskilling is technical, much of it involves soft skills and developing the attributes that enable flexibility, proactiveness, and perseverance. In this post, we’ll review trends related to cybercriminals and their approaches and discuss ways to arm your technical folks with the right skills to win the cyber war.
Cybercriminals diversify their attacks and find new avenues to pursue all the time. The trends in cybersecurity relating to their approaches offer some insights for cybersecurity professionals.
Vulnerable Entry Points Are Attractive Targets
The proliferation of IoT (Internet of Things) devices has been a monumental implementation for many industries. They collect data for various applications that deliver intelligence to organizations, including health care, manufacturing, and retail.
For all the benefits they bring, they are also the most vulnerable endpoints. Cybercriminals are becoming IoT experts and have infiltrated these devices and been able to transfer between them. It’s familiar ground for hackers to find out how to endanger security through something that helps businesses operate based on data-driven decisions.
The QR Code Comeback
Cybercriminals look for ways to use technology trends to plan attacks. QR codes have been around for some time and had a resurgence during the pandemic, including scanning them for menus. Advertisers use them in CTV (connected TV) and broadcast TV ads, prompting users to scan them while watching. A Super Bowl commercial in 2022 for Coinbase featured a QR code (and not much else). It was so popular that the site crashed.
Hackers follow consumer preferences and create malicious QR codes that direct people to fake sites.
Ransomware Keeps Adapting
Cybercriminals invested lots of time and energy into ransomware attacks in 2022. According to data, ransomware increased by 13% in 2022. Cybersecurity has great concerns over ransomware, as many organizations experience it regularly, some with dire consequences, such as disrupting healthcare delivery.
The attraction to this method is the money. Many businesses have paid the ransom to retrieve access to data. Even those with backups and mature cybersecurity defenses can be a victim. The adaptation of ransomware occurs as hackers attempt to breach networks.
Hackers Expose Multifactor Authentication Shortcomings
Multifactor authentication (MFA) has been a tenet of cybersecurity and access control. The premise is to require more than a password, but hackers have found ways around this. One example is an attack created by Lapsus$ and Yanluowang threat actors. It bypasses the MFA framework through spamming original account holders, referred to as MFA bombing, MFA spamming, or MFA fatigue. It’s worked successfully in incidents involving Microsoft and T-Mobile.
Phishing and Social Engineering Are So Sophisticated
The earliest days of phishing were almost comical in delivery. The misspellings and awkward phrases were easy to spot. That was long ago, and hackers are more advanced and sophisticated in social engineering efforts.
It hinges on manipulation and the receiver believing the hacker is truly someone else. More of this is happening at the business level, with employees receiving communications from leadership asking for help. This email spoofing to impersonate others has become very effective. Hackers also use multiple channels, including email, SMS, SIM jacking, and piggybacking.
There has also been an increase in the use of Google properties for phishing. Millions of people use Google Drive and Google Ads for business. Hackers are attempting to “share” documents, “tagging” in the comments of documents, or inviting you to access a Google Ad account. For many, it would seem a logical email to receive and click, and that’s what hackers are counting on them doing.
Cybercriminals Focus More on Smaller Fish
Most of the headlines about cyberattacks involve well-known companies. It’s more newsworthy since these can cause outages and downtime and impact millions. However, most hackers don’t put a target on these whales. Smaller fish are easier to penetrate, and many have valuable data. Small- and medium-sized businesses (SMBs) often have less robust cybersecurity protocols and may be dealing with being understaffed as well.
It’s an ideal scenario for hackers eager to infiltrate a network and take control. The result can be a data breach with the aim of selling these assets on the dark web or ransomware. SMBs are highly aware that they are a target but lack the resources to combat them in many cases.
Cybercrime as a Service Lowers the Barrier to Entry
A new phenomenon, cybercrime as a service, is another troubling hacking trend. Hackers are for hire, so bad actors no longer need technical aptitude. Rather, they can find a cybercriminal on the dark web to do their bidding. These groups operate like legit businesses in many ways, with developers and engineers.
Seeing the commoditization of cybercrime is a concern for tech teams. It’s increasing the number of attacks, and their sophistication is improving daily.
As you can see, hackers never rest on their laurels. They evolve their methods consistently to reach their goals. It’s the same approach the good guys should also take. Here’s how to keep pace with cybercriminals.
Keeping Pace with Cybercriminals; Cyber Professionals Must Adapt Too
Developing your team’s capabilities and expanding them should be a priority for you as a leader. Such a strategy involves both technical and people skills. Focusing on continuous improvement is a requirement to outperform today’s hackers. Here are some critical steps you can take.
Being Proactive versus Reactive
A lot of cybersecurity is reactive. It’s how you’ll respond to a threat or attack. All that’s necessary. You have to have a cyber resilience and contingency plan in place. It can often overshadow being proactive, which is something organizations find difficult.
The barrier to being proactive is not so much technical failures. Much of the time, it’s the people and the way they communicate, collaborate, and operate. Cyber professionals tend to think in black and white and crave certainty. There’s much fear around what they perceive as new territory, so they stay set in their ways. As a result, you incur more risk because there’s limited exchange of information or ideas.
To be more proactive, you’ve got to break down those silos and create an environment where communication and collaboration are a priority. You must be an example and find ways to hone these people skills through exercises and other activities. If everyone’s not on the same page, you’ll be stuck in reactive mode, which gives hackers an edge.
Creating a Cybersecurity Culture
A cybersecurity culture, in this respect, alludes to the principles and values of your technical team. Building a team that can swiftly adapt requires healthy people skills, including communication, awareness of self and others, trust, a growth mindset, and empathy. It may seem daunting to pursue this, but it’s critical in the cyber war.
When these things are absent, your company increases risk. The environment may be toxic, with bullying, posturing, and disengagement. Any hacker would love to attack such an organization, so it’s critical not to be one of these!
Constructing and maintaining this culture requires several key elements:
- Employees need to know that their contributions matter and how they align with the company’s goals and wins.
- Encouraging the growth of each individual and acknowledging their improvements.
- Continuous development of strong communication skills, including what people say, how they say it, and how they listen.
- Removing self-centered thinking patterns and embracing cognitive empathy.
Cyber professionals understand innovation, often more from a technical lens. That’s crucial, but a culture of innovation is where new ideas thrive. If you open up your team to operate this way, many great things can happen regarding security. One way to make it front and center is to define what innovation means to your team and discuss ways to sustain it over time.
There is often a misnomer about security being the downfall of innovation. That’s not true, and the two can work in tandem, such as in the framework of DevSecOps. There should be a constant link between security and innovation. It’s a continuous cycle of improvement that enables better results, which are easy to understand for technical folks.
Cybercriminals vs. Cyber Professionals: Winning the War
On the battlefield, cybercriminals and cyber professionals are at war. Cybercriminals have had many advantages, much of which are due to their constant evolution and adaptability. Keeping up with hackers involves cyber professionals doing the same thing.
With these tips, your team can forge ahead. You can find more advice and resources for this in my book, The Smartest Person in the Room, which features the Secure Methodology™, a seven-step guide to transforming technical people into better communicators and collaborators. Get your copy today.