These days, every organization comes up against cybercriminals. Each new device, user or data point expands the attack surface, giving threat actors more opportunities to compromise environments. At Palo Alto Ignite ’22, hosted by Palo Alto Networks, threat intelligence experts recapped the biggest threats of 2022. Ransomware and business email compromise (BEC) were the top two incident types, followed by phishing and software vulnerabilities.
In a December 14 session titled “Understanding the Threat Landscape,” Ryan Olson, vice president of threat intelligence at Unit 42 explained why these threats, particularly ransomware and BEC, are so pervasive. He was joined by Wendi Whitmore, senior vice president at Unit 42, and Sam Rubin, vice president at Unit 42.
Click the banner below to receive exclusive data analytics content when you register as an Insider.
The Most Rampant Threats of 2022
In the past year, 96 percent of CEOs and executives experienced security breaches, according to a global survey conducted by Palo Alto. The speakers detailed the four biggest attack types of 2022 as defined in that survey, ranked by impact.
Olson noted that ransomware increased in 2022. Once hybrid work became the new “status quo,” Olson said, “unsecured third-party devices were being used everywhere, and a massive shift to multi-cloud environments left cybersecurity teams scrambling to secure more cyberthreats than ever.”
This shift left organizations more exposed, making it easier for hackers to attempt deployment of enterprise-wide ransomware. Threat actors can spend an average of 28 days in a targeted environment before being detected, according to Unit 42’s 2022 “Incident Response Report.
2. Business Email Compromise BEC
BEC hacks cost companies over 43 billion dollars this year, according to Whitmore. Olson added that Unit 42 tracked at least 19,000 BEC cases in 2022. BEC is “relatively easy to misjudge because it operates under the radar,” Whitmore said.
Essentially, an outside hacker will write an email to a person inside the organization requesting access to the network. The hackers will then get an accounting rep to authorize a fake invoice to transfer payment to them. “Out of all the scams, this one is really embarrassing,” Olson said, and business leaders often are reluctant to talk about it.
The percentage of CEOs that experienced security breaches in the past year
Source: "What's Next in Cyber," a 2022 Global Survey conducted by Palo Alto Networks
Phishing is very similar to BEC. It is also designed to trick employees into inadvertently giving privileged information to criminals. With employees working on a variety of devices today, hackers are trying distinct strategies on each platform. Here are the three types to watch: 1) Vishing scams which occur via voice email, or VoIP. 2) Smishing scams which occur via SMS text messages and 3) pharming scams when a malicious code is installed on your computer.
4. Software Vulnerabilities
Hackers typically exploit software vulnerabilities in companies that lack multifactor authentication on internet-facing systems, such as corporate webmail, VPN solutions or other remote access solutions.