Once impacted by ransomware and other attacks, organizations spend a lot of time and money trying to recover systems. Many negotiate with attackers and even pay off the ransom. This is a reactive approach. My advice would be avoid negotiating with extortioners. Rather, they should deploy resilient technology like immutable backups that will help recover from attacks like ransomware. Here are my three predictions for 2022.
By Zachery Mitcham, MSA, CCISO, CSIH, VP and Chief Information Security Officer, SURGE Professional Services-Group
1. Introduction of Artificial Intelligence (AI) into cyberattacks. We can’t just dismiss cybercriminals as being unsophisticated imbeciles. It would be a mistake if we did. Cybercriminals are now using computer generated hacking algorithms to create more persistent and efficiently resilient cyberattacks, yielding incredibly favorable results. AI-generated attackers don’t have the weaknesses associated with their human counterparts. They don’t grow weary of trying heuristically to access their targets’ networks. Consequently, they continue until they achieve their ultimate objective.
2. Increase in Cryptojacking. Criminals hacking criminals does not get a lot of press. After all, who cares, right? Wrong! Cryptojacking, if left unchecked, will bleed over to legitimate enterprise activities. Cryptomining of blockchain-generated cryptocurrency has become more attractive to cybercriminals of late. Hackers are leveraging the resources of legitimate computer systems to launch attacks against dark side extortioner sites. The criminals feel like they will go unpunished in that they are attacking the financial resources of a hacker, and no one would care. In the final analysis, who can the criminals being victimized, voice their complaints to?
Also see: How Cryptojacking and Cryptomining Assaults Work
3. Increase in the implementation of immutable backup systems. This will reduce the impact of ransomware attacks. More organizations have established positions of not negotiating with cyber extortioners. They are deploying technology that will assist them in recovering quickly from cybercrime in the form of ransomware. One technology, in particular, is that of immutable backups. Regular backups offer some resilience against such attacks, but not much. If they themselves are compromised, they are rendered useless. On the other hand, an immutable backup is a backup that cannot be modified or altered by the intruder, thereby making it easier for an organization to recover from a ransomware attack.
Read more predictions from other experts in our January 2022 issue.
About the Author
Zachery S. Mitcham is a 20-year veteran of the United States Army where he retired as a Major. He earned his BBA in Business Administration from Mercer University Eugene W. Stetson School of Business and Economics. He also earned an MSA in Administration from Central Michigan University. Zachery graduated from the United States Army School of Information Technology where he earned a diploma with a concentration in systems automation. He completed a graduate studies professional development program earning a Strategic Management Graduate Certificate at Harvard University extension school. Mr. Mitcham holds several computer security certificates from various institutions of higher education to include Stanford, Villanova, Carnegie-Mellon Universities, and the University of Central Florida. He is certified as a Chief Information Security Officer by the EC-Council and a Certified Computer Security Incident Handler from the Software Engineering Institute at Carnegie Mellon University. Zachery received his Information Systems Security Management credentials as an Information Systems Security Officer from the Department of Defense Intelligence Information Systems Accreditations Course in Kaiserslautern, Germany.