The Seven Cybersecurity Challenges in 2024 | 2Secure Corp


In this episode of The Cybersecurity Insider, our host Yigal Behar tackles the seven biggest cybersecurity challenges looming on the horizon. 

Learn what’s keeping the experts up at night and how to fortify your defenses against the cyber threats ahead.

1. Ransomware Attacks 

According to Yigal, 2024 has already seen many cyberattacks. In the past three months, [they have] already handled quite a few.

Yigal recounts a recent incident where hackers stole passwords from a customer, including domain passwords. However, changing the stolen passwords rendered them useless. The hackers then tried to spread malware within the network, but they were stopped before causing serious damage.

Yigal notes that ransomware attacks are an ongoing threat and advises taking the following measures:

  • Regular Backups: Back up systems daily, or even hourly if possible, as backups are the last line of defense against ransomware.
  • Employee Training: Train employees to recognize and avoid threats like phishing and social engineering.
  • Advanced Protection: Antivirus software alone is not enough. “You need something that will be able to handle threats that [are] actually already on your computer,” he said, as hackers often use tools already installed on the systems.

2. Deepfakes & Disinformation 

This part of the podcast is about the increasing danger of fake news and disinformation, especially during the 2024 American election year. 

Yigal points out that deepfakes can be easily made and used to trick people, even when a lot is at stake, like trying to call and fool banks. Yigal expresses his concerns about the lack of countermeasures to stop deepfakes but remains hopeful that solutions will emerge.

3. AI-based Cyberattacks

As deepfakes are on the rise, so are AI-based cyber attacks. 

Yigal acknowledges that AI is a major topic of discussion in business. He mentions that the podcast will be doing a webinar on “How to use AI tools for your business” and how to improve business using these tools. 

He says his team is using AI tools daily internally, both for developing new services and conducting market research. 

However, Yigal warns that threat actors are also using AI tools, specifically large language models (LLMs), to develop more sophisticated attacks and evade detection. He points out that organizations must be prepared for these AI-powered attacks. 

To combat these attacks from threat actors, Yigal advises that defenders need to use AI-based detection and prevention systems. He claims some companies are already implementing AI tools for defense. “As defenders, we need to use them more and see [to] find ways [on] how we can do this, maybe hire somebody to help us reprogram something” to leverage AI more effectively. 

4. Advanced Persistent Threats (APTs)

The conversation then turns to the challenge of APTs, where hackers gain a foothold in a system and then try to maintain persistence for an extended period. 

Yigal cites one example where a hacker was able to gain access by tricking an IT person into installing a malicious package disguised as QuickBooks. Once inside, the hackers will attempt to expand their foothold and access more parts of the network, even if the initial entry point is closed off. The hackers may remain undetected for months and carefully time their actions to avoid raising suspicion. 

To defend against APTs, Yigal recommends having great tools to detect anomalies and suspicious activity on the network.

5. Internet of Things (IoT) Security

Yigal then directs his focus to another security challenge: IoT devices. IoT devices like printers often run web services, FTP, TFTP, and other services that expose them to potential attacks. 

These IoT devices have a combination of hardware, software, and running services that need to be kept secure and up-to-date. 

Yigal insists that it is critical to ensure IoT devices are updated with the latest firmware to patch vulnerabilities and maintain security. 

He recommends segmenting IoT devices from the main data network, as many companies make the mistake of putting everything on one network. “If you’re using VoIP (Voice over Internet Protocol), you segment it from your data network. We see this time and time again where IT people, IT companies, what they do [sic] MSPS, however they are, they just do everything in one place, network, and then guess what, you have a problem.”

Having IoT devices on the same network as sensitive data can lead to problems, as IoT devices may not be as secure. Segmenting IoT also improves performance for voice and video calls, as the IoT traffic is isolated. 
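One way to check the segmentation advice above against an asset inventory, as an added example that is not from the podcast or 2Secure: it flags IoT and VoIP devices that share a segment with data hosts and lists which of the services named above (web, FTP, TFTP) they expose. The inventory, host names, addresses and the one-/24-per-segment layout are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample inventory (hypothetical hosts, RFC 1918 addresses).
INVENTORY = [
    {"name": "fileserver", "role": "data", "ip": "10.0.1.10", "services": ["smb"]},
    {"name": "printer-2f", "role": "iot", "ip": "10.0.1.57", "services": ["http", "ftp", "tftp"]},
    {"name": "camera-lobby", "role": "iot", "ip": "10.0.20.5", "services": ["http"]},
    {"name": "phone-101", "role": "voip", "ip": "10.0.30.11", "services": ["sip"]},
    {"name": "phone-102", "role": "voip", "ip": "10.0.1.88", "services": ["sip", "http"]},
]

# Assumed layout: one /24 per network segment.
SEGMENTS = [ipaddress.ip_network(n)
            for n in ("10.0.1.0/24", "10.0.20.0/24", "10.0.30.0/24")]

# Services the article names as typical exposure on devices like printers.
RISKY = {"http", "ftp", "tftp"}

def segment_of(ip):
    """Return the configured segment containing ip, or None if it is in none."""
    addr = ipaddress.ip_address(ip)
    return next((net for net in SEGMENTS if addr in net), None)

def audit(inventory):
    """Flag IoT/VoIP devices that sit in a segment also holding data hosts."""
    roles_by_segment = defaultdict(set)
    for host in inventory:
        roles_by_segment[segment_of(host["ip"])].add(host["role"])
    findings = []
    for host in inventory:
        seg = segment_of(host["ip"])
        if host["role"] not in ("iot", "voip"):
            continue
        # A device outside every known segment is reported too: its placement
        # cannot be verified against the segmentation plan.
        if seg is None or "data" in roles_by_segment[seg]:
            findings.append({
                "name": host["name"],
                "segment": str(seg) if seg else "unknown",
                "exposed": sorted(RISKY & set(host["services"])),
            })
    return findings

if __name__ == "__main__":
    for f in audit(INVENTORY):
        print(f"{f['name']} shares {f['segment']} with data hosts; "
              f"exposed services: {f['exposed']}")
```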

6. Growing Threats to Critical Infrastructure

Yigal also identifies securing critical infrastructure systems as one of the major recurring challenges for 2024. He specifically mentions water systems and power grids as examples of critical infrastructure that must be secured. 

According to Yigal, many critical infrastructure systems are running outdated software and using outdated devices. Updating these systems is difficult due to compatibility issues with existing equipment and software.

To enable remote management, many critical infrastructure operators expose their systems to the Internet. However, this creates more vulnerabilities and attack surfaces that are exploited by threat actors. 

7. Legal & Regulatory Challenges

Yigal rounds off the list with legal and regulatory challenges. This discussion focuses on the growing number of regulations that businesses, especially those handling critical infrastructure like hospitals and power grids, must follow.

He points out that we will see more of these regulations, especially from agencies such as the FTC (Federal Trade Commission) and SEC (U.S. Securities and Exchange Commission). There are also regulations on data privacy (General Data Protection Regulation) and on AI (Artificial Intelligence Act).

He stresses the importance of following these regulations. He gives an example of a cyberattack on a healthcare company called Health United. This attack caused problems for doctors and dentists, who couldn’t get paid for their work because they couldn’t file insurance claims.

Yigal finishes by saying we should expect even more of these regulations in the future.

Customer Is a Top Priority

Cybersecurity threats are real and growing. The seven areas discussed pose considerable risks to both businesses and individuals, demanding our immediate attention.

Yigal’s understanding of the issues and advice demonstrates how important it is to stay informed and prepared to deal with cyber threats. His top priority is taking care of his customers, and a big part of that involves helping them with issues like online attacks and investigations.

Before wrapping up the podcast, he shares an interesting example of a client who had their identity stolen and was worried about it affecting their business.

Yigal’s advice to deal with both identity theft and business problems at the same time shows that cybersecurity professionals need to think about all parts of a problem when trying to solve it.

For the latest cybersecurity news, in-depth analyses, and actionable tips to protect yourself and your business, be sure to subscribe to The Cybersecurity Insider podcast, available on YouTube, Apple Podcasts, and Spotify.
