InfoGuard Cyber Security and Cyber Defence Blog

In 2022, these cyber security issues will be keeping the it world on tenterhooks

Written by Philippe Vetterli | 07 Feb 2022

The 10th InfoGuard Innovation Day has broken all the records. On 26 January 2022, the anniversary edition was held virtually and was extremely successful, inspiring over 700 professionals from the entire DACH region. The participants eagerly listened to the latest trends and challenges that we may be facing. 17 leading security providers and manufacturers, as well as our own InfoGuard cyber security experts, described the current threat situation in 27 presentations based on real cases, or demonstrated innovative security solutions. The two keynote speeches were undoubtedly some of the very special highlights. Hannes Lubich humorously explained how in the future the CISO function and requirements will change. Dr. Christian Neubaur, CIO of Siegfried AG, gave a gripping account of a real ransomware attack, and how he and the entire company managed this challenging situation.

The previous record was once again beaten by far with over 700 participants from Switzerland, Germany and Austria, and a total of over 4,300 sessions attended. This impressively shows that the event has established itself very successfully in cyber security circles, and it is no longer possible to imagine life without it. Our thanks go not only to all the participants, but also to all our partners. Their virtual exhibition stands and presentations made a significant contribution to the success of this great day.

Cyber Defence Center (CDC) plays a decisive role

As could be expected, the field reports and insights from real security cases from our Cyber Defence Center (CDC) met with particular interest. We deliberately focused on this this year. For example, the Threat Intelligence Team presented what a retrospective case analysis reveals about attack patterns. They also gave insights into how the InfoGuard Computer Security Incident Response Team (CSIRT) works. The Security Operations Team used the Cobalt Strike and Exchange Vulnerabilitycases to show how they defend against attacks and what role Managed Detection & Response (MDR) plays in this process.

They also persistently analysed how attackers hack Azure AD accounts, and the Red Team used very authentic, specially conducted tests to illustrate the opportunities for attackers in physical security concepts, and revealed the weaknesses of even state-of-the-art access systems. Of course, the increasingly relevant subject of cloud security was also on the agenda. The fascinating programme was rounded off with a Field Report by a CISO, which focused on Zero Trust and best practice, as well as an introduction to External Attack Surface Management to counter attack surfaces by means of appropriate perimeter architecture.

The most important security trends in 2022

So far so good. That was a brief summary of the InfoGuard Innovation Day 2022, but what does this actually mean for security managers? What threats, dangers, challenges and trends does the cyber security world have in store for them? Here is a recap:

1. Ransomware attacks

Attacks are on the rise at an alarming rate. Swiss companies are increasingly becoming the focus of attackers. Studies reveal that one in three companies in Switzerland has already been the target of a cyber-attack. The question is no longer whether but when your company will also be hit. In 2021, this was also what happened to Siegfried AG. Dr Christian Neubaur, Global Head of IT & Procurement, transparently described the ransomware attack scenario, reported on the biggest challenges and gave valuable insights into the partnership with InfoGuard’s CSIRT. His advice to other companies and security managers:

  • Encourage internal security awareness training
  • Rely on 24/7 network monitoring
  • Establish a solid backup infrastructure
  • Separate IT from OT applications
  • Constantly improve network and security architecture

And the most important thing is to know that you have a professional partner by your side that, in addition to the necessary expertise, can also provide the resources you need for emergency situations. And this is exactly where InfoGuard comes in with the Incident Response Retainer. Our specialists have a wealth of experience and expertise. Our goal is to make impacted companies capable of action and get them operationally up and running again as soon as possible.

2. Azure attack target: Cloud compromises

Cyber incidents in the Azure environment, primarily in the area of what is known as business email compromise, are currently increasing at an exponential rate. Studies show that many IT administrators are (right now) overwhelmed by the complexity of the MS Cloud solutions and are unable to cope. During a business email compromise, attackers are able to gain access to a company's email account. Criminals' ultimate goal is financial gain, for example by forging legitimate invoices or altering account numbers to make bank transfers.

Our InfoGuard Cloud experts are currently seeing a lot of cloud compromises and are convinced that...

  • ...the number of hacked accounts in Switzerland is very high.
  • ... over 90 % of companies would not recognise hidden mailbox rules.
  • ... now is the right time to review the Azure configuration.

In order to ensure that our customers are not among the many well-known victims, we are offer dedicated hunting sessions in the complete Azure environment. With our One-Time Hunting Light, misconfigurations can be detected. Do you also want to take advantage of this and have your Azure configuration checked?

3. Phishing attacks

Phishing attacks are one of the biggest, most frequent threats to businesses of all sizes. In 2022, the number of attacks is likely to continue to increase dramatically. At the same time, new techniques and increasingly perfidious, dangerous attack methods are complicating Swiss companies' security arrangements. People often talk about the human vulnerability in connection with phishing. Unfortunately, this is with good reason. That’s why it should be a top priority to make employees aware of cyber risks. What is going on in your company? In a specially designed Phishing poster, our experts have compiled valuable tips and tricks on how to recognise phishing emails more effectively and avoid being caught out by cyber criminals.

4. Cybercrime as a service

Cyber security incidents are escalating at an alarming rate and can have a profound impact on the day-to-day functioning of society and both the online and offline economy. The main problem is that Cyber Crime is BIG BUSINESS. In this area too, the marketing of malware, criminals are operating more and more professionally. Malware can easily be bought or rented, as required. As if this were not enough, they are even offering technical support! With malware, cybercriminals have created a new, lucrative business model. Unfortunately, the indications are that the market will continue to grow in 2022. It goes without saying that companies must safeguard their technical infrastructure and have a tested emergency scenario and concept up and ready to go. In addition, it is advisable to constantly optimise the process, as follows:

  • Review procedures & tools, check contact lists for being up-to-date

  • Review for improvement potential

  • Carrying out exercises, tests and training

We undertake everything to ensure that you and your company are secure

Admittedly, these forecasts and trends all sound a bit gloomy. The good news is that although the methods used by cybercriminals are rapidly and constantly evolving, so are security strategies and solutions. This was convincingly demonstrated by the 27 presentations by cyber security experts at the 10th InfoGuard Innovation Day. InfoGuard is always by your side with our comprehensive expertise.

Save the date - for the InfoGuard Security Lounge

Success brings obligations. True to this motto, there will be another InfoGuard Innovation Day next year, probably once again in late January. More detailed information at a later date. The next event highlight is the legendary InfoGuard Security Lounge, taking place on Wednesday afternoon, 29 June 2022. Put this date in your diary today. – and register now. We look forward to seeing you there!