In today's cybersecurity and cyber threat climate, there is no question that the threat landscape is substantial. The term is largely self-explanatory: it points at the developing methods, the growing attack surface, and the frequency and severity of cybercrime. In the next sections we will delve into what exactly a threat landscape refers to, look at real-world examples, and explain some background on cybersecurity. Before we do that, it is important to go over some background details on cyber incidents in general, to set the context before talking about the threat landscape in detail. To frame the threat landscape, let's talk about some analysis and research from industry forerunners in statistics, as well as analysis obtained from top cybersecurity institutions.
Data reveals that since last year, there were 700 cyber threat incidents that resulted in more than 20 billion sensitive records being exposed online, globally. More than 30% of data breaches were caused by some variant of a ransomware attack, while around 15% of attacks fell under what are called phishing scams and BEC (Business Email Compromise) incidents. Furthermore, the industry recorded a slow but steady increase of a couple of percent each year in CVEs (Common Vulnerabilities and Exposures). Even so, over 30% of businesses are not prepared for modern cyber attacks, either in terms of technical infrastructure or in the readiness and knowledge of their employees. A cyber attack now takes place approximately every 10 or so seconds, and most of this goes under the radar, so company oversights are inevitable in an essentially unprepared sector where over 90% of cyber incidents take place due to human error.
The threat landscape refers to the overall portrait and presence of cybercriminal threats that exist on the internet today, posing a risk to everyone from the ordinary individual up to the highest-tier organizations. Because access to the internet is so widespread and open-ended today, not to mention the billions of active connected devices and countless servers that hold critical data, the threat landscape grows more dangerous every second. Cybercriminals' attack vectors (methods) and attack surfaces (entry points) develop, expand, and gain in severity each day. As an example, a not-so-sophisticated or dangerous cybercriminal (a fraudster, let's say) can set up a phishing website, lure users onto this illegitimate site, and exfiltrate their credentials. In this case, the attack vector is compromising private credentials via phishing and the attack surface is that vulnerable point in the company system infrastructure.
Cybersecurity is an industry that provides solutions and knowledge for the defense of any device or system connected to the internet. It comprises anything from a simple antivirus or antimalware solution and secure enterprise routers to knowing what a Virtual Private Network (VPN) is and how to use it. Cybersecurity measures are there to combat any internal or external threat to applications and networked systems. Cybersecurity also involves training employees to be prepared for the above, as well as general awareness of cybersecurity in the public domain. It is a growing industry, especially after 2020, when remote workforces and vulnerable systems (as well as supply chains) were exploited by hungry cybercriminals looking for the quickest profit (ROI or Return on Investment).
Perhaps the greatest change to the threat landscape since the dot-com bubble in the early 2000s happened last year, with the unprecedented global changes following the Covid-19 pandemic. 2020 brought with it completely new threat vectors, and attackers even exploited and disrupted Covid-19 vaccine supply chains. Worse than that, central governments and intelligence agencies were successfully hacked and had their data completely compromised without their knowledge. The domino effect of a high-level organization breach is that hundreds of thousands or even millions of customers' data will be compromised. Cybercriminals, therefore, exploited millions of people as well as thousands of organizations in 2020. They exploited uncertainty and fear, and took full advantage of a frantic, distraught internet space. Some call 2021 the post-lockdown era, and with tired organizations fraught with problems and reduced budgets, cybercrime is indeed still rampant. Here is a picture of the current threat landscape in 2021 and what types of malware or techniques are out there:
Concerning the future, some of the above cybercrime scenarios will remain rampant, some will evolve, while new concerns are also on the horizon. As time passes and the internet grows and advances, cybercriminals will likewise update and expand their TTP portfolio (Tools, Tactics, and Procedures or attack vectors and surface as mentioned earlier).
By the end of this year, we are looking at over $6 trillion in financial cybercrime damages. The industry also predicts that next year there will be a cyber incident every 6 seconds on average, which is several times what it was in 2016. As far as what research shows concerning future cyber attacks this decade, we will be seeing the following:
What is the industry planning to ease some of the tension around these cybersecurity worries and risks going forward? Well, the mindset is a sort of better-late-than-never approach. Many organizations are transferring to hybrid cloud solutions and away from the public cloud where security is compromised. Also, organizations are moving away from preventative security architectures to resilience security architectures. As far as employment and educational trends go, cybersecurity positions are among the highest-paid in the industry today, and cybersecurity degrees are in high demand. So, the future of the threat landscape does look grim. However, organizations are increasing their budgets for cybersecurity personnel who know how to use complex tools and run security operations, analytics, and monitoring of an organization's cybersecurity framework. Hopefully, novel encryption techniques and AI defense systems (or even quantum systems in the distant future) should curb cyber incidents by a significant amount. Tightened security controls, monitoring systems, and, most importantly, cybersecurity awareness and education should further fix a lot of leaks in the industry, making cybercriminals' lives difficult.