In the Middle East, cybercriminals heavily targeted the services, defence and energy sectors. Globally, the services sector claimed 33 percent of all attacks, the CyberRes Galaxy 2022 Annual Report found.
“The year 2021 smashed all records in terms of the sheer number of cyberattacks on government entities, private-sector organizations, and individuals. While several new threat actors emerged on the cybersecurity threat landscape in 2021, the existing ones also adopted more advanced tactics, techniques, and procedures (TTPs) to enhance the effectiveness of their operations,” the report found.
Espionage, socio-political, criminal, and personal are all motivators for cybercriminals. In some cases, cyber espionage is carried out simply to stain the reputation of the targets by leaking dubious business practices or private information.
The motives are relatively static, but as technology advances, so do criminals’ tactics. Greater advancement in technology means there is a greater need to tie up loose security ends. Without constant monitoring, the threat landscape will continue to evolve.
Now, some hackers are finding their way around security systems without the expertise previously needed.
“Service-oriented threat actor groups continue to increase and their tactics are becoming more precise. One of the major changes is the nature of the attacks. They are becoming far more service-oriented (“phishing as a service”), allowing attackers who might not have the required technical abilities to still carry out attacks,” the report found.
And tech advancements continue to present new opportunities for hackers.
“In 2021 cloud misconfigurations were widely exploited. Several campaigns leveraged vulnerabilities that were discovered during supply-chain attacks. And, triple extortion techniques caused a significant impact due to the threat actors targeting victims, clients, and customers,” the report found.
Digital payments, another relatively nascent and fast-evolving technology, has provided hackers with an opportunity.
“Even though digital payments offer convenience to the consumer, they pose a higher risk if not secured in the right way,” the report found.
Security pros continue to detect and eliminate threats from malicious actors in an ever-evolving landscape. One way they’re doing this is through public-private partnership.
“Public-private partnerships are becoming strategic cybersecurity tools. Cybersecurity-related complaints have tripled during the pandemic. With the increase in threats, governments cannot address all the threats themselves. Instead, they are collaborating with private organizations to help them re-design their cybersecurity posture in order to resolve issues promptly and protect against attacks,” the report found.
