Digital transformation investments in the region are projected to hit US$921 billion in 2024, with many organizations continuing to adopt new technologies in 2022. However, the number of cyber-attacks correspondingly saw an increase, with new vulnerabilities being revealed across fast-growing digital environments.

According to Kroll’s latest APAC State of Incident Response, 2022 saw more than 59 percent of organizations in APAC encountering a cyber incident, of which one-third suffered multiple incidents. Lumen Technologies also recently stopped a large 1+ Tbps attack from disrupting a gaming service hosted by a telco. With the growing emergence of threats and vulnerabilities, organizations must shift from a reactive to a proactive approach toward cybersecurity in the digital-first era.

Proactive security pre-emptively finds, identifies, and addresses inherent security vulnerabilities within an organization’s IT system before bad actors can exploit them. To deter threats and mitigate attacks, it is imperative for organizations to ‘See More, Stop More’, i.e., continuously assess vulnerabilities and keep a lookout for threats.

As such, here are some cybersecurity trends for 2023 to take into consideration, which can help strengthen organizations’ security posture.

People are our Achilles heel

As the saying goes, a chain is only as strong as its weakest link – and so too is the security of an organization. Threat actors tend to look for low-hanging fruit: areas in which they are more likely to discover exploitable vulnerabilities that require less effort to leverage. These could be vulnerabilities in firewalls, unprotected endpoints or IoT devices, or weaknesses in applications that are visible to the world. The majority of the time, the weakest link is people.

Employees, users, technical support personnel, and even suppliers and vendors can fall prey to social engineering attacks, in which the adversary uses social manipulation to find a way to break into a system. For example, the attacker may contact a service representative, pretending to be a sincere-sounding customer.

As human beings, we are susceptible to the 3Ms (Mistakes, Misconfigurations, Mismanagement), and there is a need to secure the weakest link. Build a human firewall; establish sound policies and practice the principle of least privilege; continuously train, educate, remind, and ensure employees and users are aware of the dangers.

Rise of Advanced Persistent Threats (APT)

APT adversaries are usually sophisticated, using a variety of stealthy and advanced techniques for initial compromise, such as phishing campaigns that deliver backdoors, or web server exploitation. They are capable of evading detection and are usually experienced cybercriminals targeting high-value organizations for financial gain, cyber espionage, or hacktivism.

Many APTs are state-sponsored groups and are responsible for many of the incidents related to data breaches of high-value targets. The dwell time in these attacks is usually longer, i.e. the compromise remains undetected for an extended period of time. The targets include not only government bodies, but also businesses such as government-linked companies – especially in an increasingly polarised world filled with geo-political frictions.

Technical controls that deploy detection capabilities for full visibility across the environment and endpoints will help organizations avoid blind spots that can become a haven for this threat. Threat intelligence – through partnering with a best-of-breed MSSP – is also important for proactive security to mitigate APT risks, through threat actor profiling, campaign tracking, and malware family tracking.

Cyber supply chain risk

Businesses are much more interconnected today than ever before. There is greater reliance on a diverse pool of suppliers, vendors, distributors, and manufacturers, in the products and services used. However, with this comes an increased inherent cyber supply chain risk from external parties.

Supply chain risks will grow as threat actors seek out the weak points and look for ways to infiltrate the supply chain by inserting counterfeits, tampering with source code, and inserting malicious software and hardware, with the aim of targeting the mass market.

Managing cybersecurity risks in supply chains requires ensuring the integrity, security, quality, and resilience of the supply chain and its products and services throughout its lifetime. This can be done by identifying the cyber supply chain, understanding cyber supply chain risk, setting cyber security expectations, auditing for compliance, and monitoring and improving cyber supply chain security practices.  

DDoS impact on Business Availability

Global geo-political events in 2022 have further complicated the threat landscape, with US-Sino relations deteriorating and Russia’s invasion of Ukraine acting as a catalyst for further polarization of the underground.

During the first half of 2022, there were increased attacks on government bodies, financial institutions, and healthcare institutions. For 2022, we have observed spikes and lulls in Ransom DDoS, as such attacks become more seasonal this year. Dry periods will likely be followed by a flurry of activity—with attackers opting for a shock-and-awe campaign. Major attacks will also likely inspire copycat activity.

There were more sophisticated multi-vector attacks, and this is expected to continue throughout 2023. Growth in Layer 7 attacks would not be surprising, leading to the need for web application protection and bot management to protect new application-driven revenues.

Conclusion

Today’s cybersecurity landscape is ever-evolving for both individuals and businesses alike, as cyber criminals perpetually look for means to penetrate digital infrastructures and systems. With many businesses still in the midst of digital transformation, they must be agile and always prepared for potential attacks in their evolving business models, be it on their cyber supply chains or cloud services.

As organizations typically lack the resources to implement proactive security controls, they must turn to a top-class MSSP to guide and help them achieve their desired security posture.

Through excellent technical expertise, MSSPs – like Lumen Technologies – can build effective proactive security strategies that align with organizations’ business goals. From our perspective, it should not be ‘set it and forget it’ – we’re focused on helping customers transform their cloud and network infrastructure, simplifying the way they manage data and applications, and securing the entire IT environment.

Only then can MSSPs transform, simplify and secure businesses’ digital journeys, empowering them with capabilities to innovate and create better products and services for end-consumers.


Cheah Wai Kit is Senior Director, Product Management and Security Practice, Asia Pacific at Lumen Technologies.

TechNode Global INSIDER publishes contributions relevant to entrepreneurship and innovation. You may submit your own original or published contributions subject to editorial discretion.
