Cyber security threats and the changing attack surface
SMEs, enterprises, organisations and governments have been rapidly transitioning to a cloud-based infrastructure to manage everything from products and services to systems, tools, and machinery.
This has resulted in an ever-expanding cyber attack surface with potential vulnerabilities that cyber criminals can exploit for monetary gain, or to access valuable data and infrastructure.
Latest figures show that cyber crime is set to reach $10.5 trillion a year by 2025, but the risk isn’t just financial, reputational or legal: even human life and safety are at stake, as we saw in the recent NHS 111 attack. With cyber threats on the rise, it’s no surprise that the UK Government is now on ‘high alert’, preparing for a new wave of potentially devastating Nation State-led cyber-attacks, particularly towards our critical infrastructure like healthcare and utilities.
What’s more, the form of many of these attacks is rapidly changing. While some threat actors are stealing and ransoming data, others are encrypting entire networks and disrupting key infrastructure such as medical care, leaving many businesses struggling to keep their organisation and data safe.
So, what cyber trends are we likely to see in 2023 following this surge in internet crime?
1. Increase in API attacks
Reports reveal that 95% of companies have had an API (application programming interface) security incident in the past 12 months, with API attack traffic growing by 681%. Another study shows that API vulnerabilities cost businesses up to $75bn annually. This means that we’re now facing a new type of threat that uses APIs as a primary attack vector.
These attacks are sophisticated and disruptive and have already spread across multiple industries. According to a Gartner report, this is the year that APIs will have become the leading attack vector for enterprise web applications. As businesses continue to move more of their operations to the cloud and more data moves into APIs, we’ll see a big increase in API-based attacks.
Each organisation must take careful measures to secure its APIs at every level, including protecting them against external threats and insider misuse; otherwise, it risks exposing itself to potential breaches. Take the LinkedIn breach, for example, in which a malicious actor was able to scrape LinkedIn to download data of approximately 700 million users, then offer the data for sale on the Web. This data, which included email addresses and phone numbers, was a potential goldmine for hackers wanting to target high-level executives/finance personnel in advanced phishing attacks.
To reduce the risk of API-based attacks, businesses can start by applying zero trust principles to API security. Application security teams should protect every endpoint equally across all three areas: authentication, authorisation and threat prevention.
2. Re-prioritising of cyber security measures
It’s likely that in 2023 we’ll see more organisations reprioritising their cyber security measures based on the results of regular, monthly vulnerability assessments of their entire estate. These assessments are essential to any cyber security strategy: they help detect new vulnerabilities and ensure organisations are prioritising the most critical areas of security on their network.
Prioritise vulnerabilities by concentrating on issues that, firstly, are accessible to the largest number of potential attackers and, secondly, would have the largest impact if exploited.
3. Organisations re-assessing methods of data storage
When analysing the growth of cloud vs. data centre vs. hybrid estates, several factors come into play.
A company’s size, resources, and the number of applications it uses have been shown to be determining factors in each model’s adoption and subsequent expansion. Companies have different needs when it comes to hosting software and applications. Large companies typically have the money, staff, and resources to set up a data centre or hybrid environment. Start-ups prefer the cloud for its affordability and ease of use. This is reflected in the growth of cloud-based storage, which represents a 41% YoY increase, thanks to it being considerably cheaper, more accessible, and easier to set up.
But while public cloud providers have made it easy to use modern software tools, the shift to the cloud has led to big cyber security challenges. Customers are no longer in full charge of their own cyber security; rather, software developers exert far more influence in cyber security decision-making. This paradigm shift, from traditional, on-premises security to cloud-based operations, creates more opportunity for hackers to find gaps and worm their way into a company’s digital estate. Previously, businesses operated within their own ‘Fort Knox’ or ‘walled castle’, where their network and applications were secured and controlled solely by them, therefore reducing the chance of a breach.
It’s no surprise then that, with the rapid rise in organisations moving to public cloud, an IDC survey of 200 security decision-makers in the U.S. found nearly all (98%) of the companies surveyed had experienced at least one cloud data breach in the past 18 months, compared to 79% last year.
So, will we see a switch back to hybrid or data-centre storage for some companies? Likely so, especially for those who weigh up the pros and cons of the inherent risks of cloud-based data storage, which requires far more cyber security measures than it once did.
The basics of good IT hygiene are a must. Apply zero trust principles to API security, conduct regular vulnerability testing, reorganise your cyber security measures and, for some, reassess your mode of data storage. This will all help to keep your castle secure and the threats out.