According to Astra Security, approximately 2,200 cyber security attacks occur daily worldwide. In Singapore, the 2022 statistics published on the International Trade Administration website note that there were nearly 2 million attacks in the second quarter, with ransomware and data theft being the most common. The website further states that Singapore bears the highest costs in the Asia-Pacific for cyber security breaches, often investing approximately SGD 1.7 million each.
Throughout the years, Singapore has taken multiple steps to strengthen the country’s cyber protection. The licensing of cybersecurity vendors, introducing the Cybersecurity Code of Trade, the Cyber Trust and Essential Marks, the Cybersecurity Strategy, the Singapore Cybersafe Program and the Cybersecurity Act are just a few legislative and nationwide projects that have been implemented. Despite these measures, Singapore and countries globally need to address new threats that emerge daily in cyberspace constantly. Such threats can disrupt day-to-day processes, distort integral information and deteriorate a company’s reputation. This blog will discuss a few of the latest threats that pose a risk in 2023.
Eight Cyber Security Threats You Should Be Aware of in 2023
The cyber security threat landscape has evolved, making this an age where companies face an increased number of cyber threats than ever before. While some of the threats companies can expect are cyber threats that have long existed, some are only of recent origin. Here are eight cyber security threats to look out for that experts predict will potentially increase this year:
Ransomware
Certain people rely on specific software to conduct their daily work. One of the most famous ransomware attacks includes the Wanna Cry attack in hospitals in England and Scotland, leading to 70,000 medical devices being hacked and corruption. This form of hacking is extremely dangerous and often manipulative. It hacks important data and asks the relevant company or victim to pay a specific amount to prevent the data from being released into the public domain. Even where a ransom is paid, the data breached remains insecure as there is no guarantee whether all duplications were deleted, for instance. A data breach will break trust, especially when a company deals with sensitive information, drastically affecting the brand’s reputation. In severe cases, it may also result in the company being sued by its clients.
Mobile Attacks
Today, people can do many things from the tips of their fingers. Anyone with access to a smartphone can, thus, do their work, research, transact money to their bank accounts and more in one go. This has resulted in many increasingly depending on their smartphones, storing all sensitive and personal information. Hence, any data breach in a phone may endanger a person, risking one going bankrupt in a second. Mobile wallets like Apple Pay have also encouraged many in developed countries to adopt touchless payment systems. There is no one way to completely safeguard mobile devices, particularly because, unlike a computer with a strong infrastructure, it is hard to engineer an equally powerful security system for a mobile phone.
Phishing Attacks
A form of social engineering, this is one of the most dangerous and easiest hacking forms cybercriminals use. This is because phishing involves human interaction, thereby only needing to simply trick a person instead of having to get past a complicated security system. Generally, phishing is when an email is sent, whereby the hacker receives the person’s credentials the moment they click it. Thus, a person’s email account thereafter is impersonated. Social media account users may experience this often, as upon clicking on a link a trusted friend or unknown person sends via direct message, a person may lose access to their account, thereby also subjecting other friends to risk.
Cloud Vulnerability
While many businesses are often contending on whether they should be transitioning to cloud infrastructures, one key reason some hold back on doing so is the potential of cyber breaches. While the increased use of the cloud is expected to generate more powerful forms of cybersecurity protocols, as noted by Gartner, a 2021 report by IBM notes that clouds have been subjected to risks at an increased rate of 150 per cent for the last five years. One modern solution to protect vulnerable clouds is to adopt a Zero Trust cloud security architecture. This refers to a range of verification steps the user abides by whenever signing in or accessing a specific network.
Internet of Things Attacks
IoT has increased the number of networks that are interconnected. Coupled with 5G technology, data between devices can easily be shared with no delay. However, the more devices connected to the system, the higher the number of vulnerabilities of cyber attacks. This increases the number of access points for cybercriminals to hack into and reach personal and corporate systems. Considering whether each access point can be protected is a good way to protect against cyber threats, as a breach of the access point will only put one section network at risk rather than the entire system. Hence incorporating encryption mechanisms into every connected device becomes pivotal.
Automotive Hacking
While driverless cars may sound like a cool thing, any machine that has the capacity to automate or do things on its own is subject to risk. Automotive or automated equipment has undergone special coding, restricting the number of actions they can take. Hence, the moment someone hacks into the system and changes it, they could completely lose control of their own car or industrial equipment. Since driverless cars depend on onboard sensors which process information collected onto the internet, it increases the risk of cyber threats. Hence, information about families, including their home location, often visited places and related information, raises safety concerns.
Third-Party Exposure
This refers to situations where cybercriminals target weak networks. This is especially common in companies that outsource their data to a third party. For example, in 2021, a company called Sociallarks was employed by Facebook, Instagram and LinkedIn. As a contracted third party, the company had access to the social media giant’s network. It, however, did not have a protected network. Subsequently, they faced a cyber security breach whereby the hackers could leak the personal information of approximately 214 million users. Some companies subjected to this form of cyber crimes experienced such instances due to their own carelessness in not addressing vulnerabilities already discovered years prior.
Cyber Threats for Those Engaged In Remote Work
When a person starts working remotely, they must adopt cyber hygiene practices. This refers to ensuring remote employees only use protected WiFi networks and use strong VPS or multi-factor authentication software systems where needed. Making an extra effort to the type of password inserted is also important. It is no longer fine to have a simple password on your own personal computer where professional responsibilities are carried on the same computer. Either companies need to invest in electronic devices with a strong encryption system that makes it hard for hackers to access data, or users need to invest in robust cyber security protocols to prevent their personal and professional information from being taken.
Cybersecurity is Important Now More Than Ever
Since COVID-19, many individuals, institutes and businesses have relied on digital devices. There has also been a transition in workplaces where remote work no longer hinders business productivity. With these developments, there has been an unprecedented increase in cyber crimes since 2019, making it harder for cyber security specialists to adopt fool-proof protocols. With the number of ways cyber crimes can occur, whether simply opening up an email or visiting a specific website, users can easily be subjected to the consequences of a cyber-attack. Due to these reasons, ensuring a reliable software solution is purchased whilst implementing a strong data protection strategy is important.
This article is prepared by Cerexio, a leading technology vendor that offers specialised solutions in the Advanced Manufacturing Technology Sector. The company is headquartered in Singapore and has offices even in Australia. Cerexio consists of a team of experts that have years of experience and holds detailed knowledge on a range of subject matters centric to the latest technologies offered in manufacturing and warehouse operations, as well as in predictive maintenance, digital twin, PLC & instrumentation setup, enterprise integrator, data analytics and total investment system.
