Security threats evolve just as fast as the technologies used to stop them. New and modified attack strategies are constantly in the works. To make matters worse, the attack surface within corporate networks is expanding. The push to work from home increased vulnerable points of entry by introducing multitudes of new endpoint devices. The move to cloud-based services and infrastructure has further resulted in a broader and more challenging landscape to defend.

On August 15, the Clop ransomware group announced on their leak website the breach of South Staffordshire Water, a privately owned UK water supply company. This attack is yet another example of ransomware gangs targeting critical infrastructure expecting to receive a big payout, which is reminiscent of hundreds of previous incidents, including the well-known Colonial Pipeline and JBS attacks.

Malware has come a long way since it first made the scene in the late 1990s, with news of viruses infecting random personal computers worldwide. These days, of course, attackers have moved beyond these humble roots. Now they deploy a variety of innovative techniques to extract large amounts of money from businesses around the world. A similar development is taking place with malware’s upstart cousin – the emergence of malicious packages being uploaded to package registries.

Snyk security researchers continually monitor open source ecosystems for malicious packages, utilizing static analysis techniques to identify and flag suspicious packages. Each malicious package is identified upon publication to the package manager and swiftly added to the Snyk Vulnerability Database. During recent research, the team found 12 unique pieces of malware belonging to the same actor.

Malware attacks are escalating. For example, there were 57 million IoT malware attacks in the first half of 2022, a staggering 77% increase year to date. Unfortunately, traditional signature-based antivirus and sand-boxing technologies are insufficient against today’s sophisticated attacks. In particular, advanced persistent threat (APT) viruses, Trojan malware and zero-day malware often evade these defenses.

In the event of a cyber attack, how confident are you that your Azure SQL data is safe and recoverable? As a commitment to cyber-proofing the cloud, we’re pleased to introduce new security enhancements to our previously-announced Azure SQL protection. Now, businesses and government agencies can further minimize the risk of data loss in Azure SQL databases and Managed Instances.

As we pass the halfway point of 2022, it’s worth taking a look at the current trends which have been present within the cyber security world and what to look out for in the future. Being aware of trends allows organisations to plan for the future and put processes or defences in place before they’re required.

Rubrik Security Cloud gives you the power to secure your data wherever it lives - across enterprise, cloud, and SaaS. Now you can protect your data, monitor data risk, and recover data and applications, to keep your business resilient in the face of cyber attacks and operational failures.