Ahead of GISEC 2023, Cisco revealed the company’s security insights as observed in the latest Cisco Talosannual report, Cisco Talos: Year in Review 2022. The report delves into several major trends across the threat landscape in 2022, as well as new behaviours from commodity loaders that will continue to be present in 2023 and beyond.
“Cybercrime remains a clear and present danger that cannot be ignored, for individuals and organisations,” said Fady Younes, Cybersecurity Director, EMEA Service Providers and MEA, Cisco. “Last year, we have seen cyberattacks being highly co-ordinated and far more advanced than ever before. Our presence at GISEC this year provides us with the perfect platform to engage with our customers and industry leaders and explore ways to drive fightback against increasingly dynamic and sophisticated cyberthreats.”
The report is compiled by Cisco Talos Intelligence Group, one of the largest commercial threat intelligence teams in the world, comprised of world-class cybersecurity researchers. Their findings show that the intensity of ransomware, information theft, commodity malware and exploitation of known vulnerabilities decreased significantly worldwide between February and June, as threat actors focused on the Russia-Ukraine attack space. After a short break, organised cybercrime came back stronger than before in the second half of the year with top threats in 2022 including:
- Ransomware: In 2022, ransomware continued to be a significant threat to organisations across the globe with ransomware attacks making up nearly 20% of threats in 2022. The threats have been observed to be more sophisticated and the attacks can cause severe disruptions to business operations, result in data loss and damage a company’s reputation. Ransomware groups targeted the education sector very strongly as these institutions are considered high-value targets, especially since they have a low tolerance for downtime.
- APT groups: Advanced Persistent Threat (APT) groups have expanded their operations over the past year, with state-sponsored increasingly using supply chain attacks, zero-day vulnerabilities and social engineering tactics to gain access to target systems and networks.
- Log4j: The vulnerability in the Apache software’s Log4j shared library continued to be highly targeted by threat actors throughout 2022. Attempts to exploit this vulnerability have remained consistently high, with attacks over the past year being attributed to a variety of actors, ranging from simple cybercriminals to professionally organised APT groups.
Looking ahead
In 2023, it has become crucial to ensure that robust and multi-layered security strategies are in place to prevent, detect and respond to ransomware attacks effectively. The report also emphasises the need fororganisations to prioritise employee education and awareness programmes to ensure that everyone in the organisation understands the risks of ransomware and knows how to respond in case of an attack. Sharingthreat intelligence and collaborating with industry peers, government agencies and cybersecurity vendors will also assist in improving collective defence against APT groups.
Visitors at GISEC can see on Cisco’s booth demonstrations of various Cisco Security technologies, including Secure Connectivity with SASE, Zero Trust with Duo, XDR, Network Security and Cisco Security Services. To learn more, visit Cisco’s booth at Dubai World Trade Centre, stand B85, between March 14-16 2023.