By Doron Pinhas, Chief Technology Officer, Continuity
2022 clearly demonstrated that attacks on data represent the greatest cyber-threat organizations face. The attack pace not only continued, it accelerated. Notable data breaches took place at Microsoft, News Corp., the Red Cross, FlexBooker, Cash App, GiveSendGo, and several crypto firms.
Many of these attacks took advantage of known vulnerabilities and security misconfigurations in storage and backup systems. Continuity exposed the extent of the problem two years ago: on average, enterprise storage devices have 16 security misconfigurations, of which three are critical. And backup and storage systems are rife with unpatched CVEs.
To make matters worse, the political climate is likely to breed more nation-state-sponsored cyberattacks. Job dissatisfaction and surging unemployment across the technology sector are likely to spur more insider threats. Organizations are being confronted on all sides by cyber-danger.
Here are our top 4 predictions on how this will play out in 2023:
- More Data Attacks, Greater Sophistication, Bigger Monetary Losses
There is an old saying that generals tend to fight the last battle or the last war, i.e., they use tactics that would have been best suited to an earlier conflict. The U.S., for example, used World War II and Korean War tactics in Vietnam and fared poorly against the guerrilla approach used by the Vietcong.
Similarly in cybersecurity, enterprises typically harden themselves against last year’s strategies and attack vectors. By the time they adjust their processes, beef up their defenses, and add new layers of security, they find themselves battling more virulent ransomware strains and cyber-scams. That is why it has been clear for a couple of years that organizations are always playing catch-up with cybercriminal gangs. Hence the coming year will inevitably see more data attacks with greater sophistication, resulting in ever higher monetary and business losses.
This brings about a vicious circle. As criminals enjoy more success, they reinvest some of the profits in better technology, more powerful systems, and better organized gangs. Thus, we are seeing the appearance of developments such as ransomware-as-a-service and the evolution of a cybercrime supply chain composed of distinct elements, each performing specialized functions that dovetail together into the eventual heist.
- Slow Gains on Storage and Backup Security
Awareness about the perils of backup, storage, and data recovery is rising – but nowhere near quickly enough to keep pace with cyber-attack innovation. Only a couple of years ago, the prevailing view was that storage and backup systems were largely immune to attack as they were backend systems. The fallacy of that view is dawning on more and more IT and security personnel. As more backups are infected with ransomware and more storage and backup vulnerabilities are used to infiltrate other enterprise systems, the word is getting out – slowly.
But for every enterprise that takes action to shore up the many storage and backup vulnerabilities and misconfigurations that exist, there is another that is wide open to attack. In 2023, therefore, we will see well-known storage CVEs being exploited for criminal gain as organizations fail to implement available patches. Similarly, we will see cybergangs continuing to exploit gaping holes in organizational security that can be traced back to well-publicized storage and backup misconfigurations.
To lessen the damage, organizations are advised to focus on the protection of their data. They should add new layers of protection across their backup and storage infrastructure to thwart efforts that bypass networking and endpoint security, and make it extremely difficult to tamper with backups and exfiltrate data.
- Insurance Refusals and Rate Hikes
Many organizations remain unaware of the threat posed to their data by insecure storage and backup systems. But not insurance companies. Those offering cyber-insurance are putting pressure on organizations to up their data protection game. They are demanding more thorough assessments of IT, storage, and backup infrastructure before they offer a policy. Those performing poorly in these assessments face much higher rates or even complete refusal to insure. On the other hand, those organizations that demonstrate excellence in storage and backup security could save money.
- The Rise of Automated Storage and Backup Validation
Organizations typically house a LOT of data. Whether it is on-premises or in the cloud, there are numerous repositories of storage and backup data spread all over the place. Most organizations do a poor job assessing where all their data resides. And an even poorer job of understanding where potential weaknesses may lie.
Automation is needed to inventory the enterprise to find any and all storage and backup resources. Once inventoried, that data needs to be scanned to isolate unpatched vulnerabilities, security misconfigurations, and other weak points. Unfortunately, traditional vulnerability scanners and patch management systems focus on application, network and OS insecurity. They do well at scanning these systems, but are found badly wanting when it comes to scanning storage and backup systems for vulnerabilities.
With growing pressure to improve security and increase compliance efforts, 2023 will see organizations start to invest in automated storage and backup security validation, reporting, and compliance evidence generation. That, in turn, will lead to security professionals becoming more educated in data storage in general. Currently, they are insufficiently versed in data storage and backup technologies and their associated security requirements. We will begin to see that shifting in 2023.