In this episode of The Cybersecurity Insider podcast, host Yigal Behar discusses the cybersecurity challenges that organizations are likely to face in 2023.
From advanced persistent threats to artificial intelligence-based attacks, this episode covers the security risks that businesses need to be aware of.
Advanced Persistent Threats
First, Yigal focuses on the growing threat of advanced persistent threats (APTs). APTs have long been a concern, but their sophistication is increasing at an alarming rate. These threats are no longer confined to large corporations; small businesses are equally vulnerable.
The use of machine learning and AI in cyberattacks makes them even more difficult to detect, even with advanced security tools.
According to Yigal, recent months have seen several cases in which these techniques were used successfully.
AI In Cyber Warfare
Yigal then contends with the growing role of AI in cybersecurity. While AI has been discussed for years, its capabilities have recently taken a huge leap forward.
Both defenders and attackers use AI tools now that turn cyberattacks into fights between machines, or even humans and machines working together. It makes us wonder who will prevail in this new kind of scenario.
Yigal mentions using advanced and better solutions to stay safe online. He believes many organizations may be unaware that their current security solutions are outdated and need an upgrade. Education and awareness are crucial to staying ahead in this escalating arms race.
He relates to the urgency of the AI issue, stating that it’s not a future problem but a present reality. He encourages listeners and viewers to educate themselves about AI and explore tools that can help mitigate the risks.
The IoT Threat Is A Growing Vulnerability
Yigal then shifts focus to the massive challenge posed by the proliferation of Internet of Things (IoT) devices. These devices, such as security cameras and printers, are often connected to home or office networks without much thought given to their security implications. He compares them to a vulnerability in an army’s defense, providing attackers with easier entry points.
Yigal draws upon his military experience to illustrate how attackers exploit these vulnerabilities to infiltrate networks. He mentions a recent vulnerability in QNAP devices as an example of this ongoing threat.
There is a need for immediate patching of QNAP devices exposed to the internet. He urges users to avoid delaying updates and to take additional security measures like disabling unused accounts, implementing multi-factor authentication (MFA), and using strong, unique passwords.
Yigal also points to the growing concern of cyberattacks on internet-connected cars. Whether it’s a Tesla or another brand, these vehicles are susceptible to hacking.
Cloud Security Concerns
Yigal segues into the topic of cloud security, expressing his reservations about the cloud in general. On-premise systems can also be attacked due to misconfigurations, but he questions the security of cloud configurations.
Despite trusting cloud providers to protect data, the ultimate responsibility for security rests with the users themselves. Yigal cites examples of major cloud providers like AWS, Google, and Microsoft Azure; while they provide platforms for running applications and processing data, they do not guarantee the protection of the data itself.
Security Measures For Cloud Environments
Yigal discusses the measures taken by Microsoft to protect Exchange Online, noting their decision to block emails from unpatched on-premise Exchange servers. This approach is a positive step in protecting Exchange Online and its users.
He then points out that despite assurances about data storage locations, users ultimately lack control over their data in the cloud. Unlike on-premise systems, where physical access can be restricted by unplugging wires or turning off servers, cloud data is vulnerable in a different way.
Companies must invest in advanced tools that provide visibility into data and configurations, especially since some cloud applications have default settings that may not be secure enough.
Yigal uses Exchange Online to show how cloud security can be complex. He explains that it comes with basic settings that are not secure enough. Depending on the subscription level, users might have limited or extensive security options, but these often require additional configuration and expertise.
He stresses using strong security measures like encryption and threat detection tools. He notes that many cloud security solutions exist, but choosing the right ones and setting them up properly is key.
The Ransomware Epidemic
Yigal shifts the conversation to the pervasive threat of Ransomware attacks. Ransomware has been a recurring topic on the podcast and is frequently featured in the news. He understands the frequency of these attacks, observing them almost daily in his newsfeed.
He then explains that attackers use malware, stating that “it’s a special software that uses a key to encrypt the data and then to get your data back, you need to pay them in Bitcoins or other cryptocurrency to get the key to decrypt the data.”
He notes the increasing sophistication of these attacks, as cybercriminals now use machine learning and AI tools to identify vulnerable organizations to target.
The Repeat Victimization Problem
Yigal recounts a recent encounter with a customer who had suffered two Ransomware attacks within a year. This shows a worrying pattern where organizations that have been attacked before are often attacked again.
He explains that attackers assume these organizations haven’t learned from their past experiences and haven’t taken the necessary steps to strengthen their security. This makes them easy targets, or as Yigal puts it, “sitting ducks”.
Yigal shares a case study about a jewelry store that suffered a Ransomware attack. It took the store 71 days to recover and rebuild from scratch, representing a huge loss for the business. He questions why anyone would allow themselves to remain in such a vulnerable position.
Mitigating Ransomware Risks
Yigal offers advice on mitigating Ransomware risks:
- Have good backups.
- Change passwords regularly.
- Install patches promptly.
- Conduct risk assessments and vulnerability assessments.
- Identify and address your weakest link.
- Train employees to detect phishing attacks.
- Be cautious of credential attacks that can compromise active sessions.
- Beware of opening suspicious HTML files that can exploit existing sessions.
Yigal places importance on being aware of the various tactics attackers use, from email attachments and links to social media, and stresses the need to train employees to recognize and avoid these threats.
Cybersecurity Challenges & Solutions
Yigal ends his podcast with the following key points about the cybersecurity challenges of 2023 and beyond:
- Cyber threats are continuously evolving at a rapid pace.
- Organizations must invest in advanced security technologies.
- Artificial intelligence and machine learning capabilities are crucial for protection.
- Strong defenses for IoT, cloud, and Ransomware are essential.
- Maintaining multiple backups in different locations is critical.
- The case study of a Ransomware attack emphasizes the importance of backups.
- These measures will help protect against advanced attacks in 2023 and beyond.
Yigal notes that the ever-changing nature of cyber threats requires a multi-faceted approach to security so that organizations can better protect their networks and data in the coming years.
For more expert analysis and practical tips to protect your business, tune in to The Cybersecurity Insider podcast. Subscribe and join the conversation on YouTube, Apple Podcasts, and Spotify to never miss an episode.
