
The Threat Landscape: 10 Insights from Data Connect’s Cyber Security Experts

Drawing on extensive research and deep industry insights, Data Connect’s cyber security experts have compiled a list of key trends and predictions they expect to see over the coming months in the world of cyber security threats. The anticipated trends encompass a wide array of developments, including the adoption of ZTNA, a move towards passwordless and changes to supply chains.

 

1) Attackers Utilising Post-Quantum Encryption to Hide Malicious Files

With the rise of post-quantum encryption, attackers have discovered innovative methods to hide malicious files. This encryption technique is now enabled by default in Chrome-based browsers, which poses significant challenges for cyber security professionals: its intricacy and robustness make it extremely difficult, or even impossible, to examine encrypted files with existing technologies. This trend highlights the urgent need for advancements in inspection tools and techniques to keep pace with new encryption standards. The cyber security community is anticipated to invest significantly in research and development to counter these advanced concealment strategies.

2) The Growing Threat of Deepfake Spear Phishing Attacks 

Deepfake technology has progressed to a level where it can be effectively utilised in spear phishing attacks. These attacks employ AI-generated audio and video to mimic trusted individuals, making them highly convincing and challenging to identify. As deepfake technology becomes more widely available, we expect an increase in such attacks. Organisations must invest in training and awareness programs to help employees detect and respond to deepfake threats. Training on awareness and email security will need significant enhancement to tackle the challenges posed by AI-generated phishing email campaigns.

 

3) The Move Towards Passwordless Access

The shift to passwordless access is growing as organisations aim to boost security and user experience. Passkeys use the site’s URL as an ID, which ensures users are on the correct website and prevents redirection to fake sites. They are supported by software or hardware authenticators such as YubiKeys; these authenticators store the private keys and connect to the user’s device via USB, NFC, or Bluetooth, so secure access requires proximity between the authenticator and the device. Logging in with a passkey uses asymmetric encryption and involves a deliberate action, such as a fingerprint or PIN. This method reduces password breaches and simplifies authentication, which is making it a popular choice for protecting data and managing access.
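
The site binding described above, as an added example (not Data Connect's code): the checks a site's server runs on a passkey (WebAuthn) sign-in, showing why a response produced on a look-alike site is rejected even when the key is genuine. The host names, the simulated authenticator and the function names are assumptions constructed for illustration.

```javascript
const crypto = require('node:crypto');

const RP_ID = 'login.example.test';            // hypothetical site identity (assumption)
const ORIGIN = 'https://login.example.test';   // the only origin this server accepts
const sha256 = (b) => crypto.createHash('sha256').update(b).digest();

// Constructed stand-in for browser + authenticator: it signs
// authData || SHA-256(clientDataJSON) for whatever site the user is on.
function simulateAuthenticator(privateKey, origin, challenge, userPresent = true) {
  const rpId = new URL(origin).hostname;       // the assertion is bound to the visited site
  const authData = Buffer.concat([
    sha256(rpId),                              // 32-byte rpIdHash
    Buffer.from([userPresent ? 0x01 : 0x00]),  // flags byte: bit 0 = user present
    Buffer.alloc(4),                           // signature counter (zero here)
  ]);
  const clientDataJSON = Buffer.from(JSON.stringify({
    type: 'webauthn.get', challenge: challenge.toString('base64url'), origin,
  }));
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  return { authData, clientDataJSON, signature: crypto.sign('sha256', signed, privateKey) };
}

// Server-side verification: returns 'ok' or the reason the sign-in is rejected.
function verifyAssertion(publicKey, expectedChallenge, { authData, clientDataJSON, signature }) {
  const client = JSON.parse(clientDataJSON.toString('utf8'));
  if (client.type !== 'webauthn.get') return 'wrong-type';
  if (client.challenge !== expectedChallenge.toString('base64url')) return 'stale-challenge';
  if (client.origin !== ORIGIN) return 'wrong-origin';
  if (!authData.subarray(0, 32).equals(sha256(RP_ID))) return 'wrong-rp-id';
  if ((authData[32] & 0x01) === 0) return 'user-not-present';
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  return crypto.verify('sha256', signed, publicKey, signature) ? 'ok' : 'bad-signature';
}

// Constructed run: one genuine sign-in, one relayed from a look-alike host.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
const challenge = crypto.randomBytes(32);
console.log(verifyAssertion(publicKey, challenge,
  simulateAuthenticator(privateKey, ORIGIN, challenge)));
console.log(verifyAssertion(publicKey, challenge,
  simulateAuthenticator(privateKey, 'https://login.example.test.evil.test', challenge)));
```

In a real browser the credential would not even be offered on the look-alike host; the server-side origin and RP ID checks are the second line of defence behind that.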

 

4) State Sponsored Attacks Against Commercial Entities in the UK/Europe Utilising Multi-Vector Attack Techniques

State-sponsored cyber attacks are increasingly focusing on commercial entities in the UK and Europe, utilising complex multi-vector strategies. These attacks often integrate various methods like phishing, malware, and DDoS attacks to penetrate security defences. Due to the advanced nature and resources of state-sponsored attacks, companies need to implement comprehensive security strategies that encompass threat intelligence, incident response, and strong defence mechanisms to effectively counter these threats.

 

5) Rise in Exploitation of Cloud Misconfigurations

As organisations increasingly adopt cloud technologies and migrate their operations to cloud environments, the complexity of managing these systems grows. This complexity often leads to misconfigurations, which can create vulnerabilities that cyber criminals are eager to exploit. Cloud misconfigurations can occur in various forms, such as improper access controls, unsecured data storage, or mismanaged network settings, all of which can expose sensitive data and critical systems to unauthorised access. As more companies move to the cloud, the likelihood of these misconfigurations increases, providing attackers with ample opportunities to exploit these weaknesses.

Malicious actors are becoming more sophisticated in identifying and targeting these vulnerabilities, often using automated tools to scan for misconfigured cloud resources. This trend underscores the urgent need for organisations to implement robust cloud security practices, including regular audits, continuous monitoring, and comprehensive training for IT staff to ensure that cloud environments are configured securely and remain resilient against potential threats.

 

6) Movement into SASE Offerings to Achieve ZTNA, as More Companies Continue the Trend of Cloud Adoption

The rise of Secure Access Service Edge (SASE) and Zero Trust Network Access (ZTNA) is a direct response to the growing threat of cloud misconfigurations. SASE combines network security functions with wide area networking (WAN) capabilities, providing a unified approach to secure cloud adoption. By implementing a robust SASE architecture, organisations can minimise the impact of cloud misconfigurations and proactively address security challenges. Granular access controls and consistent policy enforcement within the SASE framework can significantly reduce the attack surface and limit the potential damage caused by misconfigurations. SASE also provides a unified platform for monitoring and responding to security threats, including those arising from cloud misconfigurations.

This trend reflects the growing need for scalable, flexible, and secure network solutions that can support remote work and cloud-based operations. As more companies migrate to the cloud, the demand for SASE offerings is expected to increase.

 

7) Companies insisting on Cyber Essentials Plus for tender and scoping requirements instead of the basic level, Cyber Essentials

We believe that Cyber Essentials Plus (CE+) certification is going to become a standard requirement for many companies when tendering or scoping projects. Unlike the basic Cyber Essentials (CE) certification, CE+ involves a more rigorous assessment, including hands-on technical verification.

This trend highlights the growing emphasis on higher security standards and the need for demonstrable security practices. Companies seeking to do business in certain sectors may need to achieve CE+ certification to meet client requirements and stand out in competitive markets. Learn more about the Cyber Essentials Plus certification process.

 

8) Continued Rise in Supply Chain Attacks

The aforementioned point aligns closely with this prediction, as many organisations are beginning to prioritise supply chain risk assessments. Supply chain attacks have been increasing over the past few years and are expected to persist, targeting the interconnected networks of suppliers and partners. These attacks exploit vulnerabilities in third-party systems to infiltrate primary targets, often causing extensive damage.

Organisations must bolster their supply chain security by thoroughly vetting third-party vendors, enforcing stringent security protocols, and continuously monitoring for potential threats. Collaboration and information sharing among supply chain partners are also essential in mitigating these risks.

 

9) Continued Rise in Zero Day Exploits, Particularly for Remote Working

Zero-day exploits remain a significant threat, especially in the context of remote working. These exploits take advantage of unknown vulnerabilities in software and hardware, making them difficult to detect and defend against.

As remote working becomes more prevalent, the attack surface for zero-day exploits expands. Companies must ensure they have robust patch management processes, threat detection systems, and incident response plans to address these vulnerabilities promptly. Learn more about essential security tips for remote workers.

 

10) Working Towards Ransomware Resilience

Whilst it isn’t new, it’s important to mention ransomware as it continues to be a problem for organisations. The NCSC’s Annual Review, released in December 2024, stated that “ransomware remains one of the most pervasive cyber threats to UK organisations”.

A previous shift in tactics by threat actors was to stop encrypting infected devices, instead concentrating on data exfiltration, then threatening to release the data if the ransom isn’t paid. How governing bodies and organisations handle the aftermath is a big debate right now, with a new proposal by the UK Government planning to ban all national infrastructure and public sectors from paying the ransom. The justification for this proposal is that it will deter threat actors from targeting these sectors, as there will be no financial gain.

 

Data Connect SOC Team: Proactive Threat Intelligence

The Data Connect SOC Team is constantly vigilant, monitoring and analysing emerging cyber security trends to stay ahead of potential threats. We provide a comprehensive 24/7 service, ensuring that our customers are protected around the clock. Our dedicated team consists of highly skilled professionals who are committed to delivering exceptional security solutions.

By leveraging cutting-edge technology and combining it with human expertise, we offer a robust defence against cyber attacks. Our proactive approach enables us to anticipate and mitigate risks before they can impact your organisation, ensuring a secure and resilient digital environment.

If you would like to find out more, you can get in touch here.

 
