The big picture is, security professionals are concerned about how their organizations can be protected from increasingly sophisticated attacks by exploiting zero-day vulnerabilities or nation-state invaders, but their day-to-day security concerns seem far more unreasonable. According to Dark Reading “Malware threat states“Reports, ransomware and phishing attacks are the most important for security professionals.”
When asked what type of attack worries them the most, 61% of IT security professionals cite ransomware, followed by 54% for phishing attacks. These figures are significantly higher than in last year’s survey, where 41% said they were concerned about ransomware and 31% about phishing attacks.
Ransomware attacks are on the rise, and they are becoming increasingly expensive. Even if an agency does not pay the ransom, the cost of recovery is high, and there is a risk that attackers may dump sensitive data online. Phishing is another major concern, as this tactic is used in almost every type of attack to download malware into a user’s machine or to steal information and certificates.
Even after more employees returned to the office in the wake of the COVID-19 epidemic, two years of distant work changes in business operations remain intact. Cloud implementation, which is already coming back in 2019, has accelerated more than predicted.
Increased reliance on the cloud may be why 27% of IT security professionals cite attacks on cloud systems and services as the most worrying.
Some threats may cause higher concern due to higher publicity violations. The 2019 SolarWinds attack, for one, the report launched what it calls a “new wave of breach-once-compromise-many attacks through software supply chains”. July 2021 Add Kaseya ransomware kerfuffle, and it’s easy to see why concerns about malware and other compromises triggered by suppliers or other trading partners have been 20% in 2022, up from 14% in 2021. Microsoft exploits events like Exchange Server. March 2021 truly worry-free security professionals: concerns and vulnerabilities in applications and operating systems more than doubled, from 11% in 2021 to 29% in 2022.
Polymorphic fileless malware was cited as another area of concern for 24% of respondents, up from 14% last year. This type of malware modifies functions and processes without the need for a separate file, making it difficult to detect. Cross-platform malware such as Hajime (a new category in the survey, citing 7% of respondents) often target Internet of Things (IoT) devices, an attack vector whose profile has doubled, from 12% in the 2021 survey to 24% in 2022.
Surprisingly, concerns about malware using artificial intelligence were almost flat, rising only 1% to 18% this year. It’s still a recognized threat, but it’s interesting that the fear around it has cooled.