Even though Hackers & Threats wasn’t necessarily a trend that bubbled up in the RSAC 2024 submissions, this year’s agenda had plenty of popular sessions looking at hacking techniques and the evolving threat tactics of malicious actors. Cybercriminals have been around for decades, and during their RSA Conference 2024 presentation, Flying Under the Radar – New Security Evasion Techniques, Etay Maor, Senior Director Security Strategy at Cato Networks, and Tal Darsan, Manager at Cato Networks, discussed old and new tactics cybercriminals use while staying under the radar. Maor stated, “We’ve been battling malware, phishing, and cybercriminals for a better part of the last 20 years.” Hacking is increasing and hackers are becoming more sophisticated.
We have seen a rise in attacks in the industrial sectors. Although this is new territory for hackers, they remain persistent. As Rob Lee, CEO and Founder of Dragos Inc, stated during his presentation, attackers are “Learning, adapting, and becoming more capable. Maybe they started with barely being able to get into the OT, but a couple of years later they have the knowledge on what to steal.” Hackers do not stop because they lack knowledge of a certain industry and how it works; they are determined to learn about it and how they can bypass that one single point of entry to gain access to and attack that industry's systems. It’s crucial for industrial control systems (ICS) and critical infrastructure organizations that are becoming the new targets for cyberattacks to understand “the direction that hurricane is going,” as Lee stated.
Ransomware: A Tool for Hackers
Ransomware’s rise was certainly a strong trend in the RSAC 2024 submissions, and while it’s ebbed and flowed in popularity, ransomware has become a powerful tool for hackers over the past decade. Paula Januszkiewicz, CEO and Cybersecurity Expert at CQURE, pointed out that “50% more organizations suffered a ransomware attack in the first half of 2023 compared to the first half in 2022.” During her session, Hacker’s Perspective on Your Infrastructure: Lessons From the Field, Januszkiewicz provided a few reasons why we see low detection rates of hackers getting into systems: understaffing, alert fatigue, and organizations cutting cybersecurity help. Now more than ever, we need to bring cyber professionals in every organization together to hone threat hunting skills to prevent or minimize the risk of a breach or a ransomware attack.
Hackers started ransoming users at home, but as Mikko Hypponen stated during his Keynote talk, “Criminals realize there is much more money to be made by targeting bigger targets,” such as enterprises. We have seen an increase in ransomware gangs, and Hypponen further explained that “gangs create a name that is scary,” and they gain a “trustworthy” reputation. This means an organization can trust that if a particular ransomware gang attacks, it just needs to pay, and it is guaranteed its data is “safe.”
Is Secure by Design the Solution?
Secure by Design, another trend from the RSAC 2024 submissions, is nothing new but was mentioned in almost every session. We even saw variants of the trend with sessions on Privacy by Design. Due to the evolving threat landscape, security teams need to look closely at how malicious actors are gaining access so that they can use that information to secure their platform, system, and network. In his RSA Conference 2024 session, Christopher Romeo, CEO at Devici, said, “Security and privacy are business priorities, not technical features.” Security teams need to shift their mindset to not only secure something from start to finish, but continuously secure it after it’s been deployed. This mindset can get organizations ahead of the attacks by always figuring out innovative solutions to strengthen their security protocols.
Community Matters
Perhaps the strongest topic that was trending in the RSAC 2024 submissions, Community Matters resonated in many of this year’s sessions, even in those that revolve around hackers and threats, ransomware, and Secure by Design. Hugh Thompson, Executive Chairman and Program Committee Chair at RSAC, opened the first Keynote session to talk about the power of community – recognizing there really is power in community when we come together to collaborate and talk about these rising issues. The diverse cyber community, more than ever, needs to collectively brainstorm how to combat cyberattacks and figure out a proactive approach to secure our enterprises, but we also need to celebrate the monumental achievements that we have made in our quest to build a more secure world.