Over the past year, the cybersecurity landscape has experienced significant transformations due to the rapid evolution of modern technologies and the growing prevalence of IoT devices. In a highly digitized nation like Australia, the number of cybersecurity incidences has continued to rise at an alarming rate. Prominent breaches, such as the 2022 Medibank and Optus data breaches, have left many organizations anxious about safeguarding their digital assets. The Annual Cyber Threat Report for 2021-2022 reveals that the Australian Cyber Security Centre recorded an astonishing 76,000 reports of cybercrimes, marking a 13% increase from the preceding fiscal year.
Additionally, the growing proliferation of IoT and edge computing has created vulnerabilities, making the protection of endpoints essential for maintaining data integrity, confidentiality, and availability while mitigating potential risks. This makes it crucial for businesses to prepare and stay vigilant of cybersecurity trends that may be exploited by attackers in the years ahead.
The Surge in IoT attacks
The rapid growth of the Internet of Things (IoT) brought about many benefits to consumers and industries, most notably in its ability to connect a diverse array of devices to the digital landscape. While there have been considerable improvements, many devices often lack traditional security measures such as firewalls, rendering them susceptible to cyberattacks. Furthermore, 2023 witnessed a record Distributed Denial of Service (DDoS) attack, exceeding predictions and hinting at the potential for even more severe attacks in 2024.
Emergence of Ransomware-as-a-Service (RaaS)
In 2022, Australia saw a significant surge in reported ransomware attacks, with over 1,200 incidents, indicating a troubling upward trend. These attacks are increasingly adopting double-extortion tactics, where cybercriminals not only encrypt data but also threaten to release sensitive information unless a ransom is paid. The economic impact is substantial, with ransomware incidents projected to cost the Australian economy up to $2.59 billion annually.
Cloud Jacking
The swift migration of data and infrastructure to cloud platforms has made enterprises an enticing prospect for cybercriminals. As a result, we’ve witnessed the emergence of a highly sophisticated threat known as “Cloud jacking.” This threat primarily targets public cloud services and involves exploiting unauthorized access to a company’s cloud infrastructure for financial gain and other nefarious purposes.
AI-powered Attacks
Artificial Intelligence (AI) has undeniably risen as a prominent force within the cybersecurity domain and is currently a hot topic in Australia. While there is active discussion on the potential applications of AI, it’s imperative to acknowledge that when used by malicious actors, AI can automate and amplify their harmful actions. Cybercriminals can leverage AI to identify vulnerabilities in target systems, streamlining the process of exploiting these weaknesses.
Supply Chain Vulnerabilities
The sensibility of numerous corporate supply chains makes them a deliberate focus for cyber-attacks, including phishing, ransomware, Denial of Service (DoS) attacks. In an era where businesses are increasingly reliant on a network of suppliers and collaborators, the growing sophistication of attacks leads to loss of data, finances and trust.
Amidst these rising threats, enterprises can improve their security strategy by implementing the following:
- Prioritise edge security and leverage AI to enable real-time data analysis at the edge to minimise bandwidth usage and reducing the risk of interception
- Conduct a comprehensive risk assessment to identify and prioritise potential internal and external risks and vulnerabilities that could impact the organisation’s security.
- Embrace Multi-Factor Authentication (MFA) to ensure that employees provide multiple forms of identifications to deter potential hackers.
- Adopt the Zero Trust approach, which mandates a verification of every device and user authenticity and privileges.
- Conduct regular security awareness training to educate employees about the latest cyber threats and best practices. IT teams should also be encouraged to do phishing tests to ensure that employees are vigilant in flagging suspicious links.
- Develop a well-defined incident response plan outlining the steps to be taken in case of a security incident.
- Establish a robust backup and disaster recovery strategy to safeguard critical data against cyber incidents like ransomware attacks or data breaches.
Putting user and consumer safety first is crucial. Staying updated on cybersecurity trends in 2024 is a proactive approach to stay ahead. Businesses should understand these upcoming trends and put in place essential security measures like the Zero Trust Model, MFA, and AI-driven security tools to maintain a competitive edge. The future of cybersecurity relies on our capacity to foresee and get ready for the constantly changing threat landscape, ensuring the security of our digital future.
John McCloskey is MD – ANZ at Lenovo ISG.
