How vulnerable are we to cyberattacks in the digital age?

In the first half of 2023, a report from CyberSecurity Malaysia revealed a worrying trend that the government sector suffered the highest number of data breaches, while the telecommunications sector suffered the largest volume of data leaks. This highlights the pressing challenges in protecting sensitive information across different sectors.

Global cybersecurity challenges

According to an annual report by IBM on the global cyber security risk index 2024 (IBM X-Force Threat Intelligence Index 2024), the urgency in addressing cyber security threats is increasing.

IBM X-Force has revealed a growing global identity crisis as cybercriminals increasingly exploit user identities to infiltrate businesses worldwide. The report is based on data collected from tracking more than 150 billion security incidents every day in more than 130 countries globally.

The report said the situation is becoming increasingly serious as cybercriminals are shifting from attacking online accounts to using readily available internet and dark web data. This shift allows hackers to penetrate deeper into personal lives, revealing everything from daily habits to users' hobbies and interests.

The IBM X-Force 2024 report also noted a significant change in cybercriminal attack methods in 2023. Accordingly, cybercriminals prefer to use legitimate account credentials to penetrate corporate networks rather than using other attack methods, making this strategy a favorite of threat actors.

This data not only underscores the urgency of the cybersecurity situation, but also underscores the importance of understanding attacker tactics to effectively protect our people, data, and infrastructure.

The Asia-Pacific Cybersecurity Landscape

The IBM X-Force 2024 study also provides a regional breakdown of cyber incidents, with Asia-Pacific being the third most impacted region in 2023, accounting for 23% of all global cyber attacks handled by IBM X-Force.

This result shows that there has been a change in the ranking of cyber attacks compared to the period 2021-2022, the period when the Asia-Pacific region was most affected. In 2023, Europe topped the list with 32% of all cyber attacks globally, followed by North America with 26%, Asia-Pacific with 23%, Latin America with 12% and the Middle East and Africa both at 7%.

In Asia-Pacific, manufacturing remained the most targeted sector for the second consecutive year, accounting for 46% of cyberattacks. This was followed by finance, insurance, and transportation, each accounting for 12% of cyberattacks, and education ranked third at 8%.

Phishing attacks remain the dominant method for hackers to initially gain entry, accounting for 36% of cyber attacks, followed by attacks on public-facing applications at 35%.

After intrusion, malware was the leading attack tactic, with 45% of attacks involving this tactic, including ransomware at 17% and info stealers at 10%.

The report suggests that the return on investment (ROI) from attacking generative AI platforms is currently negligible. However, IBM X-Force 2024 predicts large-scale attacks on these technologies will occur when a single AI model has 50% market share or the market shrinks to three or fewer competitors.

Although phishing attack volume is down 44% year-over-year, it remains a primary attack vector, especially since AI can refine and accelerate these attacks to around two days, making it a favorite among cybercriminals.

The Role of AI in Tackling Cybersecurity Threats

Amidst the challenges of cybersecurity, AI technology has emerged as a key tool that can both exacerbate cybersecurity incidents and help combat potential threats. Today, AI is widely recognized for its usefulness, especially in the way it revolutionizes threat detection, response times, and the protection of user identities and data flows.

According to IBM's Cost of a Data Breach 2023 report, organizations worldwide saved nearly $1.8 million in data breach costs by leveraging AI and automation, compared to organizations that had not yet adopted these technologies.

However, the advent of generative AI also brings new challenges and opportunities in both cyberattack risks and protecting business data security. This means that when hackers make good use of AI capabilities, we may face larger and more dangerous cyberattacks.

Conversely, AI is also expected to boost enterprise cybersecurity, allowing threats like ransomware to be quickly identified based on their signatures and behavior, even if it is a variant the system has never encountered before.

Generative AI is self-learning, requiring no prior exposure to specific scenarios, to detect new, sophisticated threats. This makes it invaluable to cybersecurity, where it speeds up business processes by automating threat detection and investigation, and adapts an organization’s response strategies in real time based on previous incidents.

As generative AI gains market dominance, it could also become a focal point for cybercriminals, prompting further investment in tools designed for AI-based attacks, IBM X-Force 2024 research suggests. While concerns about such attacks are growing, the main security threat in the Asia-Pacific region remains the exploitation of known and unpatched security vulnerabilities.

Government agencies need to focus more attention on protecting critical infrastructure and key regional industries such as manufacturing, finance, insurance and transportation. This includes conducting tests and having a robust incident response plan in place.

With the growing trend of global threat actors exploiting user identities, the need for more effective user access controls is becoming urgent. This situation highlights the importance of a comprehensive security strategy in the era of generative AI, and the need for increased vigilance and adaptability in cybersecurity strategies.

Strategic measures to prevent malicious cybersecurity threats

There are many different strategies that can mitigate cybersecurity threats, and choosing the one that best fits your or your business's specific needs is important.

While many AI solutions claim to offer protection against a wide range of cybersecurity threats, the ultimate choice depends on what best fits the specific needs of you or your business.

One effective approach is to update identity management across multicloud environments. As cybercriminals increasingly exploit legitimate user accounts to infiltrate networks, with this attack method accounting for 30% of incidents handled by IBM X-Force by 2023, strengthening identity and access management (IAM) becomes more important.

In addition to identity management, AI plays a key role in optimizing cybersecurity resources, enhancing protection by securing endpoints, and detecting anomalous activities, such as data theft or unauthorized account creation.

Cybercriminals are shifting from ransomware to malware attacks, especially those aimed at stealing data. This shift underscores the need to protect data in hybrid cloud environments, monitor it closely, and implement strong data protection measures.

However, increasing spending on security by organizations may not be enough. Adopting a zero-trust security model and prioritizing trusted data can significantly strengthen the cybersecurity posture. By promoting transparency and accountability, organizations can not only mitigate risk but also proactively prevent bias, making zero-trust security and prioritizing trusted data essential strategies.

Building trust and preparing for future threats is key to these strategies. A proactive security posture, based on careful partner selection and regular security assessments, complements the technical and strategic measures already discussed.

Building trust should be the foundation of every interaction, enhancing cybersecurity risk management and prioritizing cybersecurity resilience to maintain and strengthen business relationships. This involves continuously monitoring and managing critical points where trust is established or compromised.

Preparing for future threats requires a proactive security posture, including careful selection of partners and regular assessment of their security strategies and practices. This holistic approach to cybersecurity emphasizes the need for a balanced mix of technology, strategy, and a culture of trust and resilience.

As we prepare for future threats, a balanced mix of technology, strategy, and a culture of trust and resilience is essential. The holistic approach discussed underscores the need for vigilance and flexibility in cybersecurity strategies to effectively combat evolving threats.

In conclusion, the vulnerability to cyber attacks in the digital age is a serious issue that needs to be addressed. By raising awareness about cyber security and implementing appropriate security measures, we can reduce the risk of attacks and protect our data.