Top Cybersecurity News Stories From April 2024

In just the first few months of 2024 alone, organizations around the world have already suffered several large, severe cybersecurity incidents. Once again, threat actors are making it clear that they’re not slowing down – especially with the emergence of AI-powered attacks – and organizations must be proactive about preparing to contain the next potential breach.  

This month’s news featured insights from cybersecurity experts and thought leaders on topics including:

• Cyber resilience for critical infrastructure
• Solving IoT security threats with Zero Trust Segmentation
• The severe risks posed by cloud security  

Cyber resilience: Solving critical infrastructure’s biggest security risks

Traditional cybersecurity methods aren’t keeping up with the security needs of today’s increasingly complex networks, especially those that make up our global critical infrastructure. Andrew Rubin, Illumio co-founder and CEO, addressed this reality on Sky News’ Business Live in an interview with reporter Ian King.  

“We live in a world where breaches and ransomware are now part of our lives unfortunately,” Rubin said. “What are we doing to be more resilient against this new threat?”

For Rubin, one of the most pressing issues in cybersecurity globally right now is the fact that critical infrastructure – the technologies that everyone relies on, including financial services, utilities, and healthcare – are being run on outdated, legacy infrastructure. This infrastructure lacks cyber resilience, making it easy for attackers to cause widespread disruption, steal data, and fracture citizens’ trust.

Compounding this issue is the long-held assumption that all breaches can be prevented: “Cyber has been so focused for so long on assuming that we can keep a bad threat out," Rubin explained.  

With the exponential increase in critical infrastructure attacks like the recent Danish energy attack, it’s time for organizations and regulators alike to assume that bad actors will eventually breach these systems and, in response, cyber resilience measures must be put in place.

“I think it’s fair to say that, right now, we should assume breach in everything,” Rubin said. “Our job now is to try and do two simple things that are, unfortunately, very difficult to do: Prevent as much as possible and equally accept that problems are going to occur. Resiliency – our ability to protect our most critical infrastructure and pick ourselves back up when we do miss something – is now the job that we have going forward.”

Zero Trust Segmentation is essential to solving IoT security threats

IoT (Internet of Things) devices and their associated technologies have emerged as prime targets for cyberattacks. With the proliferation of IoT devices and the rapid growth of the market, opportunistic attackers are capitalizing on the vulnerabilities presented by these connected devices.  

Louis Columbus explains how microsegmentation, also called Zero Trust Segmentation (ZTS), is a key step in protecting against IoT ransomware attacks in his VentureBeat article, Defending against IoT ransomware attacks in a zero-trust world.

Columbus reports a staggering 400 percent increase in IoT and OT (operational technology) malware attacks. The manufacturing sector is the primary target, suffering an average of 6,000 attacks weekly across monitored devices. He notes that Mirai and Gafgyt botnets dominate these attacks, often leveraging compromised IoT devices to launch distributed denial-of-service (DDoS) attacks, resulting in substantial financial losses.

"Attacks on IoT and ICS networks are becoming so pervasive that it’s common for the Cybersecurity and Infrastructure Security Agency (CISA) to issue cybersecurity advisories,” Columbus said.

As IoT ransomware attacks continue to proliferate, dark web forums witness a booming underground trade in selling ransomware, Columbus explained. The ransomware landscape includes well-known variants like DeadBolt, WannaCry, Mirai, and Gafgyt, posing significant threats to various industries like manufacturing and utilities.

Amidst these escalating threats, Columbus advocates for the adoption of a Zero Trust approach to bolster IoT security with Zero Trust Segmentation at its core. He highlights the importance of applying microsegmentation to endpoints, especially IoT sensors that include Programmable Logic Controllers (PLCs).

“Microsegmentation is designed to segregate and isolate specific network segments to reduce the number of attack surfaces and limit lateral movement. It’s one of the core elements of zero trust as defined by the NIST SP 800-27 zero-trust framework,” Columbus said.

He names Illumio as a key Zero Trust Segmentation platform that can provide end-to-end visibility and granular segmentation across hybrid, multi-cloud environments.

Cloud security poses a severe risk

In a world with AI-enabled and ML-advanced attacks, organizations are grappling with how to secure their hybrid, multi-cloud environments, particularly with overworked and understaffed security teams. Raghu Nandakumara advocates for a Zero Trust approach as a foundational strategy for mitigating risks and minimizing the impact of breaches in his Security Boulevard article, Confidence in the Cloud Starts With Visibility and Zero-Trust.

Nandakumara explains that organizations are increasingly storing sensitive data in the cloud, causing substantial cybersecurity risks – and in the event of a breach, diverting resources that could otherwise be used to bolster business operations or innovation initiatives. Security leaders are becoming more aware of cloud security gaps, with 60 percent acknowledging that cloud security poses a severe risk to their business’ operations.

Illumio’s Cloud Security Index 2023 reveals that 47 percent of breaches over the past year have originated in the cloud, costing an average of $4.1 million.

What’s the solution? Nadakumara encourages organizations to assume that breaches will happen and proactively prepare to contain them with Zero Trust technologies like Zero Trust Segmentation (ZTS). "By proactively recognizing breaches and ransomware attacks are likely to happen, organizations can better shore up their most critical assets and prepare proactively for an attack,” he explained.

He also recommends CISOs and their security teams focus on translating security investments into quantifiable cyber resilience to appease board worries about cybersecurity. “Businesses are terrified of suffering a cloud breach and losing trust among customers, not to mention suffering critical losses in sensitive data and downtime in revenue-generating services... And CISOs are facing more intense scrutiny than ever,” he said.

Organizations must simplify and better integrate their IT strategies in the face of cloud security risks that are being fueled by AI and ML. By adopting Zero Trust principles, organizations can protect their systems and manage the continuously changing threat landscape.

Want to learn more about the Illumio Zero Trust Segmentation Platform? Contact us today.