According to the Communications Authority of Kenya report for July to September, 657,843,715 threats were detected. The threats were distributed as follows:
Malware.
Web Application Attacks.
Brute Force Attacks.
Mobile Application Attacks.
Distributed Denial of Service.
System Attacks.
Cyber threats continue to be a major worry for both businesses and the government. A survey involving more than 1,000 executives recognized cyber threats as a primary risk for 2024 and beyond. The threat actors are becoming more capable and eager to execute cyberattacks. In 2024, the following observations were made:
Growth of Ransomware Threat.
Ransomware attacks have surged since the pandemic, with attackers encrypting data and demanding ransoms for its release. In 2024, the average ransom payment reached $2 million, with some demands exceeding $5 million.
Many ransomware groups now use "double extortion" tactics, stealing sensitive data and threatening to leak it unless the ransom is paid. This practice has grown, with stolen data often posted on the dark web to increase pressure on victims.
These attacks have become increasingly profitable as organizations often prefer paying large sums to regain access to critical systems, making ransomware a widespread threat across all industries.
Despite having backups, companies sometimes find it faster and less expensive to pay the ransom than to restore systems.
Impact of Generative AI (GenAI) on Cybersecurity.
Generative AI (GenAI) is transforming both industries and cybersecurity. While it boosts efficiency, it also enables cybercriminals to carry out more advanced attacks, such as social engineering, malware creation, and disinformation campaigns. Cyber attackers use GenAI for phishing, deepfakes, and reconnaissance, as well as to generate malicious code.
Despite the challenges, GenAI is also strengthening cybersecurity defenses in areas such as risk identification, log analysis, and anomaly detection. GenAI tools help automate threat modeling, speed up risk assessments, and improve response times, enhancing overall security operations.
In 2024, OpenAI disrupted several cyber threats leveraging its tools.
Exploitation of Vulnerabilities.
In 2024, concerns over critical infrastructure vulnerabilities grew, especially after a CrowdStrike software update led to widespread IT outages across sectors like transportation, finance, and healthcare. While the incident was caused by human error rather than a cyberattack, it highlighted the inherent risks to infrastructure.
We have also experienced an increase in the frequency of cyberattacks targeting vulnerabilities in core applications. This poses a significant threat, as it would affect many sectors.
How to Navigate the Future of Digital Security.
It is now evident that cyber attacks are inevitable, but you can be prepared for the day they happen to you. These are the major things to keep in mind:
Keep business continuity plans updated.
Every cyber security professional dreads the moment an attack strikes, which calls for proper documentation on how to respond when an incident happens. A business continuity plan helps a business uncover areas of compromise and helps the security teams address them. This may include deployment of cyber security software, setting up policies, or even a procedure to be followed.
A business continuity plan also addresses the roles of each team member to ensure that tasks are handled in a quick and seamless manner.
Assess and Monitor Third-Party Application Security.
One of the key lessons of 2024 was that third-party software can compromise the core functions of an institution. This has brought the need to assess and monitor the security measures of each third-party product you add to your environment.
How does the vendor secure the applications?
How does the vendor patch vulnerabilities?
How does the vendor control access?
What sites or IP addresses does the application connect to?
Have an efficient Vulnerability Assessment and Patch Management Plan.
Patch management is used to eliminate vulnerabilities in applications that can be exploited by attackers. Patch management is considered a way of reducing the attack surface.
Vulnerability assessment is carried out with a rating for each vulnerability based on the risk it may cause.
An automated process of vulnerability assessment and patch management eases the pressure on administrators of keeping track of new patches. However, new patches should be subjected to a test period to ensure they will not compromise the system. If they fail on a few devices, you can discontinue the deployment to other devices.
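The test-period idea above can be sketched as a ring-based rollout that stops as soon as too many devices in a ring fail. This is an added example, not code from the original article; the ring names, device names, the install hook and the 25% failure threshold are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample data: hypothetical rollout rings and device names.
RINGS = [
    ("pilot", ["lab-01", "lab-02", "it-laptop-07"]),
    ("early", ["fin-ws-11", "fin-ws-12", "hr-ws-03", "hr-ws-04"]),
    ("broad", ["srv-app-01", "srv-db-01", "pos-01", "pos-02", "pos-03"]),
]

@dataclass
class RolloutResult:
    patched: list = field(default_factory=list)
    failed: list = field(default_factory=list)
    skipped: list = field(default_factory=list)   # never touched after a halt
    halted_at: Optional[str] = None               # ring whose failures stopped the rollout

def staged_rollout(rings, install, max_failure_rate=0.25):
    """Patch ring by ring; stop before the next ring if too many devices fail.

    install(device) -> bool is a caller-supplied hook (assumption) that applies
    the patch and runs a post-install health check on that device.
    """
    result = RolloutResult()
    for name, devices in rings:
        if result.halted_at is not None:
            result.skipped.extend(devices)        # deployment discontinued
            continue
        failures = 0
        for device in devices:
            if install(device):
                result.patched.append(device)
            else:
                result.failed.append(device)
                failures += 1
        if devices and failures / len(devices) > max_failure_rate:
            result.halted_at = name
    return result

def simulated_install(device, broken=frozenset({"fin-ws-11", "hr-ws-03"})):
    """Stand-in for a real patch agent: the patch breaks two constructed hosts."""
    return device not in broken

if __name__ == "__main__":
    r = staged_rollout(RINGS, simulated_install)
    print("halted at:", r.halted_at)
    print("failed:", r.failed)
    print("skipped:", r.skipped)
```

With the constructed data, the pilot ring passes, the early ring exceeds the threshold, and the broad ring (servers and point-of-sale devices) is never patched.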
Comprehensive Ransomware Preparedness.
Organizations must have a comprehensive preparedness plan that includes:
An endpoint solution that supports behaviour detection, exploit prevention and a remediation engine. Ransomware threats will continue to emerge, and signature detection cannot be sufficient. Artificial intelligence solutions with machine learning will be a necessity.
Application control measures, which assist in ensuring unauthorized applications cannot execute, reducing the chances of a ransomware attack.
Backup of systems to a secure location. This is important to help restore systems even when they have been compromised by ransomware. The bait of a ransomware attack is that you cannot operate.
Increase Visibility and Controls.
Most attacks happen because of a lack of visibility to help administrators make the right decisions. Invest in cyber security products that increase your visibility and also allow you to control your environment.
1. Endpoint detection and response.
2. Mobile Device Management.
3. Perimeter Firewall and Network Access Control.
Staff awareness and training.
Most attacks are carried out at the end user. When we expose end users to cyber security awareness and training, we add an extra layer of security. Staff will avoid common mistakes and will report any suspicions they might have. This will go a long way in reducing the attack surface.
Be ahead of the attacker by making the necessary changes in your organization to ensure business continuity. Ariel technology is a reputable partner that can hold your hand in this cyber security journey. We can offer technical advice to give you peace of mind in your institution.
Feel free to contact us for more information here.