Unit 4 – Question 3

Let’s have a look at a few current and possible future phenomena:

  1. The rise of ransomware without the encryption. Unfortunately, this is already a trend, so no need to look into the future. Organizations have improved their backup systems which has made denying access to business-critical data harder for the attackers. Cybercriminals have realized this and are now gradually shifting from the less effective task of encrypting an organization’s data to just purely stealing vast amounts of it and holding the confidentiality of that data as ransom.
  2. Vulnerability exploits in a supply chain weaponized for targeted, large-scale attacks. Vulnerabilities exploited by cybercriminals are a classic avenue of attack. However, the scale of these attacks is growing, as attackers are becoming better at infiltrating software that is delivered by a vendor to thousands of customers.
  3. Misconfigured cloud assets will cause data leakage. Cloud services are used by countless organizations globally. This means that also countless misconfigurations are done around the world. When organizations take cloud services into use, there is the risk of failing to configure the system correctly due to its difficulty. The commissioning phase usually includes activating several critical security features, and if these are forgotten or not done properly, it can result in data assets being completely unprotected and leaked to the internet. It is often unclear where the responsibility for securing cloud assets lies, possibly leading to false assumptions on what is secured by default and what is open to the internet.

+ There are no comments

Add yours