Today, Smarter MSP is continuing its exploration of cybersecurity trends expected to emerge in the year ahead, as well as some surprises from 2021.
We recently spoke with Wayne Machuca, the lead instructor for Information Systems and Technology Management, Cybersecurity, and Networking at Mount Hood Community College’s Oregon Center for Cybersecurity in Gresham, Oregon.
Don’t underestimate the threat of social engineering
Like many experts we have talked to recently, Machuca points to ransomware as a continuing threat in 2022, along with its troublesome twin: social engineering.
As Machuca aptly notes, the Verizon Data Breach Investigations Report listed social engineering as the #1 attack in 2021, with one of the report’s key takeaways on this topic stating:
“Eighty-five percent of breaches involved the human element. Phishing was present in 36% of breaches in our dataset, up from 25% last year. Business Email Compromises (BECs) were the second-most common form of Social Engineering. This reflects the rise of Misrepresentation, which was 15 times higher than last year.”
According to the report, social engineering has grown more sophisticated as hackers mine social media and pose as legitimate companies to try to sneak through defenses.
And that is a problem, Machuca stresses.
#SocialEngineering is prevalent because people are poorly trained in the risks, or perhaps just not paying attention. @SmarterMSP
“The reason many companies are vulnerable to ransomware is that their social engineering defenses are weak. Social engineering is prevalent because people are poorly trained in the risks, or perhaps just not paying attention,” Machuca asserts, adding that the hackers are very sophisticated.
“While a lot of spam is hilariously bad, some of it is pretty good,” he contends.
Some spam features surprisingly accurate imitations of well-known brands, courier services, and colleges, which lulls people into a sense of comfort due to the known commodity. Hackers try to capitalize on that comfort to perpetrate their crimes.
Proper backup and recovery can prevent data loss
And the effectiveness of the ransomware-laced spam will ensure that the threat continues. Only when human behavior changes will the danger of ransomware recede. Machuca notes that many companies don’t have adequate backup protocols in place until that day arrives.
“They think they do, but as is obvious, they don’t. There is no fundamental difference between ransomware locking a drive and a crashed drive. In both cases, the data on the device is unavailable, and the mitigation to a crashed drive is good backups. If a hacker encrypts a drive, the solution is still the same,” Machuca explains.
He adds that while good back-ups are essential, most are too complicated or time-consuming for people to do regularly.
“To this, I am sympathetic. Backing up multiple terabytes or a petabyte file takes some time, and if you back up the file online, it could take hours to days,” Machuca says.
“So, people don’t back up their files daily, and that’s the vulnerability,” he continues. As such, MSPs that monitor networks and keep a client’s cyber-vulnerabilities in check need to stay on top of back-ups.
End-user training goes a long way in securing remote work
Another trend MSPs and CISOs will need to continue to adjust to in 2022 is remote work, something Machuca advises can bring efficiencies to an organization if the risk can be mitigated.
“I think that in the future, we will see a blend of remote and in-office work, where remote will be preferred, and face-to-face will be the exception,” Machuca predicts.
Remote work is a weak link in the IT ecosystem, and that is a vulnerability that hackers will continue to exploit and MSPs need to continue to shore up. The best way to shore it up is through employee training. People doing remote work often do it on their own systems, which can be easier to penetrate.
“On an office computer, someone may be more vigilant, and the business probably has firewall policies in place,” Machuca suggests, adding that on personal machines, people are likely to be less careful, which creates complications.
“You can’t control where they go, what they download, or what they potentially can contract,” Machuca states, adding that if a remote worker is hacked, that hack can spread into the corporate network.
“Good firewalls and good protocols are the first steps,” Machuca advises, adding that he would like to see a technical solution to this problem.
But until such solutions exist, Machuca maintains the most effective use of dollars that MSPs can be expending is on employee training.
“Humans are the weakest link, and hackers know this. And that is why social engineering and ransomware are so effective,” Machuca says, adding that at Mt. Hood Community College, they are educating a quality corps of cybersecurity technicians. Such talent should be tapped across the industry. But the human element will remain the “wild card” in combatting hackers.
What do you think? What other cybersecurity trends do you think we will see emerge in 2022?
Photo: Robert Bodnar T / Shutterstock