Organisations Beware of Bot Attacks, Insider Recruitment and Security Gaps in Cloud Services in 2023
November 22, 2022With cybercriminals becoming more savvy and inventive year after year, in 2023 and beyond, organisations can expect to continue dealing with largely the same threats they face today – but the difference will be that the criminals would have found ways to optimise the effectiveness of their attacks using the advancements in technology and better execution methods. Manuel Sanchez, Information Security and Compliance Specialist, iManage, offers his view on a few developments that organisations should look out for in the coming year:
- Bot attacks at scale
Ransomware, phishing and social engineering attacks are some of the most common cybersecurity threats, today. In the case of social engineering, typically the bad actors would gain access to personal information and secure systems by exploiting human weaknesses. However, targeting and engaging with a victim takes time and can only be done one victim at a time.
With bot technology gradually advancing, these bots have the potential to undertake such attacks more efficiently, and at scale. Whilst presently we can tell when we are interacting with a bot, it’s only a matter of time before bots become sophisticated enough to make it difficult for us to tell the difference. Imagine how easily an attacker could target all users in an organisation, with legitimate access to sensitive information and company systems – working in a remote/hybrid environment. Scary thought.
- Insider recruitment by cyber criminals
We have long talked about accidental, non-malicious insider threat activity. These are caused by employees who tend to ignore security policies unknowingly, or inadvertently email confidential information to an external party, or fall victim to a phishing attack. However, increasingly, cyber criminals are beginning to target employees to surreptitiously recruit them as insiders, privately offering financial enticements to hand over company credentials, and access to systems where sensitive information is stored. This approach isn’t new, but a decentralised work environment makes it easier for criminals to engage with employees through social channels for instance, as the employee does not feel that they are being watched as they would in a busy office setting.
- Security gaps in misconfigured cloud services
As more and more organisations move their systems and applications to the cloud in 2023, criminals know that this increases the chances of more exposed systems that may not have been configured correctly. Cloud services include a multitude of security features that need to be activated to provide a high level of protection to the data residing in these systems. If not done properly, this could allow highly sensitive data to be easily accessible via the internet. And bad actors know this.
Organisations need to start revisiting their approaches to people, processes and technology to prepare them for new threats, like the ones mentioned above, or any unprecedented global events that would impact the way of working.
Leadership teams can start by reviewing their security policies and assessing how these are enforced, and whether these are clearly understood by their employees. Also, evaluating how technology is performing in assisting employees to abide to internal policies is essential, especially if this is creating barriers and employees try to find alternative ways to get their work done. Regular security awareness training can help to reinforce employee good practices too.
Leaders should look to instill a positive security culture, so that employees think and act in a security-conscious manner, as a matter of routine.