From the cloud to operational technology: 2024 cybersecurity predictions

Microsoft revealed that one in four OT devices use unsupported operating systems

Cybercriminals are increasingly leveraging misconfigurations in the cloud to gain access to critical networks

By Nathan Wenzler

The economic and geopolitical upheaval this past year created exactly the kind of chaos in which threat actors thrive. According to a report by Microsoft, India was the third-most attacked country in Asia Pacific and fifth-most targeted in the world. Cyberattacks had debilitating effects on several businesses resulting in low customer turnover, lost revenue due to system downtime and the increasing cost of acquiring new business due to diminished reputation. 

With India’s continued focus on embracing cloud-native technologies and the growing impetus for manufacturing with ‘Make In India’, the attack surface has undoubtedly expanded. If organisations don’t have complete holistic visibility into the breadth and depth of the attack surface, it’s only a matter of time before they fall victim to a cyberattack. A good place to start would be to understand the risks that lie ahead and adopt a preventive approach to get ahead of threats. 

Ransomware actors will go after established brands

Ransomware actors fully understand the scale of damage inflicted on large OT-dependent businesses, especially in the manufacturing industry. Even minor disruptions can lead to severe financial consequences, prompting threat actors to target lucrative entities, aware that certain businesses cannot afford downtime. The report by Microsoft revealed that one in four OT devices use unsupported operating systems. Compounding this issue is the vulnerability of devices running on legacy firmware in over half of organisations, making them susceptible to numerous critical vulnerabilities. The attractiveness of OT targets to threat actors lies in the potential for brand exposure and publicity, given the high-profile nature of these entities. Additionally, hacktivist groups are anticipated to focus on industries such as factory farming and energy production to maximise visibility for their causes.

Amid the escalating focus on energy consumption and carbon emissions, businesses are actively transitioning toward sustainable operational management. This shift inadvertently leads to increased deployment of OT-based sensors and controls. As the utilisation of Internet of Things (IoT) and OT devices in smart buildings rises, connecting factory and building management systems to the internet exposes companies to heightened risks. Consequently, OT security emerges as a critical imperative, with a projected increase in organisational investments to secure these environments in 2024.

Cloud security will be a top priority

Cybercriminals are increasingly leveraging misconfigurations in the cloud to gain access to critical networks. According to IBM, stealing cloud credentials was a favoured method used by threat actors in 2023. Traditionally, security professionals viewed cloud security loosely in terms of networks, workloads and assets. With attackers looking at the big picture that includes services, identities and entitlements, security practitioners need to understand that tackling risks in the cloud requires a more holistic approach. 

As more and more organisations migrate to the cloud, there will be increased demand for solutions and practices that help organisations evaluate their total attack surface and prioritise weaknesses to curb risk effectively. 

To secure the cloud, security must be a key objective within development and DevOps teams focused on the delivery and deployment of applications. In 2024, we will see more and more cloud architects becoming responsible for the security of the deployed applications. This means that solutions originally designed for security practitioners will also be used by developers and DevOps teams, so they can all contribute to continuously improving the security of their applications without slowing down the development process. 

Identities are at risk

Organisations in India will grapple with a significant challenge stemming from the escalating number of users and identities, making effective monitoring a daunting task. A recent study conducted by Forrester Consulting on behalf of Tenable sheds light on a critical issue: over 60% of IT and security professionals in India agree that their organisations lack an efficient method to integrate user data context into vulnerability management practices.

The crux of the matter lies in the organisational struggle to prioritise which identity vulnerabilities to address first. Tackling this issue necessitates the adoption of identity exposure management solutions. These solutions empower organisations to conduct thorough assessments of their Active Directory environment, proactively identify critical vulnerabilities, mitigate risks, and eliminate potential attack vectors before malicious actors exploit them.

Investments in tools that focus on the security of identity infrastructure, directory services and entitlement management across cloud platforms are poised to surge in 2024. This trend is driven by the rising threats posed by ransomware groups and the substantial uptick in successful phishing and smishing attacks across organisations. With the increasing adoption of cloud technologies and the challenges posed by a growing shortage of qualified cybersecurity professionals, these technologies will play a pivotal role in staying ahead of cybercriminals and identifying the attack vectors they’d use to compromise identities or exploit misconfigured entitlements, thus restricting their access to vital business assets.

The trajectory of cybercrime indicates a further surge in 2024, building upon the alarming number of attacks witnessed in 2023. This underscores the imperative for treating cybersecurity as a strategic priority at both organisational and governmental levels.

As organisations step into the new year, a proactive approach to cybersecurity becomes paramount. Anticipating, prioritising, and effectively remedying cyber risks no matter where they are in the technology stack must remain a top priority to mitigate the likelihood of loss-inducing cyberattacks. Being forewarned is being forearmed, and organisations must remain vigilant in predicting and addressing potential threats to safeguard their digital assets.

The author is chief cybersecurity strategist, Tenable

This article was first uploaded on February eighteen, twenty twenty-four, at ten minutes past three in the afternoon.