Samsung SDS Selects “Cloud” as Top Issue in Corporate Cybersecurity of 2023
+ Selected five major cybersecurity threats including cloud security threat, user account extortion, sophistication of ransomware, SW supply chain attack, and hacking using AI
+ Offers exceptional global security services for responding to security threats
Samsung SDS selected “cloud security” as top issue of concern in corporate cybersecurity of this year.
The company analyzed key cybersecurity issues, cloud transition, and IT operation cases of last year and announced five major cybersecurity threats of 2023, which include ① cloud security threat, ② attacks extorting user accounts, ③ sophistication of ransomware, ④ attacks exploiting vulnerabilities in software supply chain, and ⑤ intelligent hacking attacks using AI.
① Cloud security threat
With the increasing scope of corporate security management driven by the migration of key data and infrastructure to the cloud and the common use of multi/hybrid cloud environments, threats targeting security settings and loopholes in the system are on the rise.
In response to such increasing cloud security threats, Samsung SDS is offering a comprehensive cloud security service based on CNAPP* that can protect all areas including application, data, and infrastructure within clouds.
※ CNAPP: Cloud Native Application Protection Platform
② Attacks extorting user accounts
Attacks extorting user accounts to penetrate into the internal networks of companies to gain access to key information are also expected to grow this year.
Using the comprehensive authentication and account management solution provided by Samsung SDS, companies can detect abnormal activities by analyzing the location/time of access to user device and the type of device, while strengthening account security through MFA* that combines multiple authentication methods such as biometric verification and OTP.
※ MFA: Multi-Factor Authentication
③ Sophistication of ransomware
Ransomware attacks that infect systems to encrypt data and threaten to leak data for ransom payment are expected to become more sophisticated. Hacking attacks are expanding onto clouds, and malicious ransomware designed to destruct data is also being found.
To respond to the evolving forms of ransomware, Samsung SDS is providing EDR* solution for detecting malignant codes and restoring data back to its state before the infection, and is planning to additionally offer IRM* function used to detect abnormal activities within companies.
※ EDR: Endpoint Detection & Response, IRM: Insider Risk Management
④ Attacks exploiting vulnerabilities in software supply chain
Attacks exploiting vulnerabilities in software supply chain* are also expected to continuously increase. Such attacks that induce installation of malicious programs disguised in normal files can infect many companies using various software. In particular, as security risks are also increasing from the use of code sharing sites and open source software, measures to respond to such risks are needed.
※ Software supply chain: the entire process of software development, deployment, and installation
Samsung SDS is providing a solution for detecting security vulnerabilities by analyzing open source version data, through which companies can prevent the penetration of malignant codes and address vulnerabilities in software supply chains.
⑤ Intelligent hacking attacks using AI
Lastly, cyberattacks using AI technologies are also becoming increasingly sophisticated. In particular, files created through deepfake technology which fabricates videos and voice files by using AI are being used in financial crimes for extorting proof of identity, and thus precaution is needed in handling such files.
SangKyung Byun, Vice President and Leader of Security Technology Office at Samsung SDS, said, “Due to the use of clouds and acceleration of digital transformation, infrastructures and data that companies need to protect are increasing.” He added, “Samsung SDS will provide robust security services so that our customers can enhance visibility on their IT assets, automatically detect/respond to threats in accordance with security risk level, and strengthen cyber resilience to swiftly recover from infections.”
Meanwhile, Samsung SDS is offering an unparalleled level of security service including consulting, diagnosis, vulnerability management, and security control in more than 100 countries. In recognition of such exceptional services, the company has been chosen as a major player in cloud security service for two consecutive years in the IDC MarketScape report.