The need for cybersecurity has existed ever since the first computer virus came to light. The first known computer virus appeared in 1971. Creeper, named after a Scooby-Doo cartoon show character, was written by BBN computer programmer Bob Thomas as an experimental self-duplication program. The threat landscape has significantly changed since that time, especially with the emergence of new technologies such as Artificial Intelligence, cloud computing, and more. Bad actors are using more advanced tools and resources, and they have upgraded their tactics by designing new strategies to perpetrate their heinous intentions.

Cyberthreats are not only growing in scale but complexity as well. Given the rise in cybercrime, there is an urgent need for businesses and organizations to secure their critical infrastructures. Experts and leaders with a proven record and background in cyber security (ideally working in security recently examined how cyber attacks have evolved over the past 12 months, what lessons can be learned from the biggest cyber attacks in recent history, and what 

cyberattacks will look like in the future. The experts also shared key pieces of advice for organizations looking to get ahead of the cyber attacks of the future.

How Have Cyberattacks Evolved over the past 12 Months?

''In the past 12 months, attacks have become more persistent; and the level of sophistication in the attacks has increased. Attacks have been occurring in a well-timed manner, utilizing strategies that involve timing over long holiday weekends for the defending country. Once a bug has been exposed in a technology, attackers have been more rapidly deploying exploits'', said Thomas Andersen, Infosec Architect at BACS Consulting Group, Inc.

''Cyberattacks have evolved significantly over the last 12 months. They are happening more frequently and on a larger scale, more than ever. In 2021 alone, the world saw some of the most significant cyberattacks in history in Colonial Pipeline, JBS Foods, Brenntag, and Kaseya'', Kenny Riley, Technical Director at Velocity IT weighed in. 

The Infamous Ransomware Attacks

Ransomware attacks have been profitable for bad actors in the last 12 months. Ransomware locks files on the unsuspecting victims' systems and redirects them to a page that requests a ransom to have their files returned. With a low volume of barriers to entry, the volume of ransomware attacks continues to increase. Businesses and organizations continue to pay ransoms to retrieve their data but only about half are given access to all of their critical data after paying the ransom. 

Anthony Buonaspina, BSEE, BSCS, CPACC, CEO and Founder, LI Tech Advisors:

According to a mid-year report from SonicWall on cyber threats, the increase in cyber-attacks on all fronts is increasing at an alarming rate. The largest cyber threat area is with ransomware attacks, at over 300 million ransomware attacks, which is up over 150 percent since last year.  The main reason for this is it's the most profitable at over $6 trillion globally so far just this year, according to Cybercrime Magazine. As more and more organizations are paying out the ransom demand, the more incentive ransomware groups have to launch these types of profitable attacks. According to this SonicWall report, "Even if we don't record a single ransomware attempt in the entire second half (which is irrationally optimistic), 2021 will already go down as the worst year for ransomware SonicWall has ever recorded".   

Bryan Ferrario, CEO of Alliance Technology Partners:

Ransomware is still the most prevalent attack method, but cybercriminals have become more sophisticated. More and more, threat actors are working as teams where each group specializes in a specific area of an attack. This allows them to make a much bigger impact and receive much larger paydays by targeting entire networks, not just single PCs.  In addition to demanding a ransom for decrypting a company's data, they also threaten to release that sensitive data to the public. This is adding an additional quandary for the victims.   Even if they have their data backed up, releasing sensitive data could hurt multiple stakeholders such as their customers and employees.

Threat Actors Are Going after Insecure Remote Access Points

Joe Cannata, Owner, Techsperts, LLC:

As of late, we have seen threat actors evolve to use existing remote access software as an entry point.  An example of this is using a compromised account and silent installers for widely known remote access software. These are usually delivered through a convincing malicious email.  Once this software is installed, the malicious actor has full access to the compromised system.

What Lessons Can Be Learned from the Biggest Cyber Attacks in Recent History?

The biggest lesson to be learned from these large-scale cyberattacks is that companies, big and small, need to practice IT governance and put practical security measures in place to protect their business and confidential data. Technologies such as multi-factor authentication, while easy to implement, can be the clear difference-maker between a failed cybersecurity attack and a successful one.

-Kenny Riley

The lessons learned from these ever-evolving attacks warrant a multifaceted approach to security.  Gone are the days of installing antivirus software and feeling a sense of protection.  These times require multiple layers of security as the baseline. End-user training has quickly become one of the most vital layers of security.  Making employees aware of current threats and what signs to look for is imperative.

-Joe Cannata

I believe the log4j exploit and the Kaseya hack in 2021 highlighted how quickly attackers are to exploit a flaw once it has been discovered.  A better line of defense needs to be drawn in the stand, and a better combination of rapid response and automation needs to be put in place to combat the effectiveness attackers use to execute.

-Thomas Andersen

The biggest lesson we can learn is that attacks will only get bigger and impact more people. In addition, the threat actors can be individuals, groups, or governments.  They all might have different objectives, but the impact can be catastrophic. Cybercriminals are targeting critical infrastructure, such as the Colonial Pipeline, as well as core IT infrastructure such as the recent Solarwinds attack.  Governments around the world need to take major action to mitigate these national security risks.

-Bryan Ferrario

Test your worst-case situation recovery plan and implement the three key components of a zero-trust network: user/application authentication, device authentication, and trust.

-Raymond Mobayed, CEO of 4it

What Will Cyber Attacks Look Like in the Future?

The cyber attacks we see today will continue. We will begin to see threat actors direct more of their attention toward cloud environments because an attack on one cloud environment can cause damage to multiple organizations. The sophistication of attacks will increase as cybercriminals combine their infiltration techniques with their cybercrime techniques more frequently. Nation-state threat actors will continue to seek individuals to join their causes and by offering financial incentives. These threat actors will continue to use these individuals to wreak havoc on organizations with an expansive reach, causing the damage from cyber attacks to increase.

What Are Three Pieces of Advice for Organizations Looking to Get Ahead of the Cyber Attacks of the Future?

Every organization must design and implement an effective cyber risk management strategy. Small organizations must emphasize employee training and education, security policies, and ensure workplace technology is used in a secure manner. Larger organizations must implement better screening practices and implement internal measures that will be effective at identifying bad actors. Small organizations should also ensure their technology assets are used in a secure manner.