CIO OPINION
Six IT infrastructure security threats to be on alert for :
Russian cyberattacks
Even before the invasion of Ukraine , many countries were on high alert for potential attacks from Russian cybercriminals , particularly targeting critical infrastructures and essential services sectors . In the past few months , cybercriminals have taken advantage of more geopolitical chaos to target both nation states and organizations operating in these critical sectors .
Ransomware still on the rise , empowered by AI
Organizations and workers attack surface is growing as networks expand
As organizations ’ networks expand and applications and devices increase , pushed by the rise in hybrid work policies , the attack surface likewise grows . The Internet of Things , cloud applications , digital supply chains , open-source code , and even social media are bringing organizations ’ attack surfaces outside of a set of controllable assets .
More people are now security decision makers , leading to a radical decentralization of securitybased decision making
Ransomware certainly is not new . What is new is that it ’ s getting worse , more widespread , increasingly devious and dangerous . Actually , Asia Pacific has ranked the third-highest region globally to be targeted by ransomware . What is truly worrying is that AI is expected to drive even smarter and more insidious ransomware attacks as we look at the next six months .
In an attempt to bring more digital assets under control , we ’ re seeing specific departments take control over their IT , and by extension security decisions . These decisions are often carried out without any consultation with IT departments , leading to a growing decentralization of security-based decision making . This prompts a change in the role of the CISO to a higher level and more
Attack automation and Fraud-as-a-Service More attacks are now automated and various attack styles are available for download or even as a service . Some threat actors have started monetizing their fraudulent exploits by turning them into a cloud service that cybercriminals can simply subscribe to . These can even include AI-style features such as voice bots which impersonate businesses and embark on social engineering exploits in robotic fashion .
Cybercriminals have taken advantage of more geopolitical chaos to target both nation states and organizations operating in these critical sectors .
www . intelligentcio . com INTELLIGENTCIO APAC 45