New Year, New Cybersecurity Threats
Articles by: Richey May, Jan 18, 2021
After the extensive challenges we had to rise to meet in 2020, many of us are looking at 2021 as a chance to start over, start fresh, and do things better. New year, new you is the mantra! But to really make the changes count, we know we need to keep an eye on the ever-changing risk landscape to protect our businesses and digital assets. After all, we have learned that if we don’t stay ahead of cybercriminals, we could lose more ground than we did last year. So, it’s a good time to assess the latest trends and targets for cybercrime in 2021.
As was the case in 2020, many of the expected threats coming in 2021 are focused around the need to set up work-from-home solutions for employees, due to the pandemic. The same scams and hacks and other cyber-attack tools are becoming more advanced and sophisticated, meaning end-point security is going to be a continued requirement to protect the assets of employees working from home. The other major area we all got introduced to was cybersecurity supply chain attacks, as noted in mid-December with the Solarwinds Orion incident. Below is a roundup of the threats, as reported by ThreatPost.com, KrebsOnSecurity.com, and by Info-Security Magazine.
As we already know, remote employees open up a wide range of vulnerabilities cybercriminals use to gain access to company information. This includes the potential that employees will bypass security requirements without thinking about the threat that it may pose – such as skipping the VPN, discussing sensitive information over vulnerable chat apps, or working on projects through non-secure cloud sites.
Phishing, spearphishing, ransomware, and other email-based attacks are continuing to grow and become more targeted and automated. They are increasingly made to look like they come from inside the organization or another trusted source, making it harder to prevent employees from trusting and responding to these attacks. In addition, file-less attacks – that is, attacks that use a malicious web-link rather than file-based method of dropping malware – are growing. While these types of attacks aren’t new, they are growing and exploiting numerous system tools being used in the new, remote-work model.
An insidious new development in ways cyber-attackers access your corporate information is attacking the hiring process to inject spies into an organization’s personnel. This involves methods to green-light a bad actor through the interview and background check processes, making them seem like a trusted employee. And if this sounds far-fetched to you, remember that a full 25 percent of data breaches in 2020 come from insiders; that number is expected to rise in 2021, to as much as 33 percent.
Sleight of Hand
Attacks made to look like they come from inside your organization can often be easy to spot and easy to manage with the right training and security systems in place. But what if, instead, your service provider is attacked to give a cybercriminal access to your business through what has previously been a trusted organization? An example of this can be seen in how an attacker can gain access to a title company’s system to divert a down-payment on a mortgage from the buyer to a fraudulent bank account. Similarly, a bad actor can potentially gain access to your processes, such as invoicing, and insert malware that changes the bank account being used for payments from your customers.
Supply Chain Attack
In mid-December several companies including Microsoft, FireEye, and the US Security and Exchange Commission all made announcements relating to a state sponsored attack against network monitoring tool Orion made by Solarwinds. As we’ve learned, the attack enabled the use of embedded malicious code to access the networks of both public and private organizations. While the case is still unfolding, it appears the attackers were trying to gain access to government secrets and source code for key technology firms.
As the reality and impact of this attack continues to unfold what we are reminded of is that the continued move to the cloud and default reliance on “best in class” technologies requires a pointed focused on third party vendor risk. This issue is expected to continue as some companies learn more about who all was impacted. No matter what, we can expect regulators and other audit bodies to focus more on third-party vendor and supply chain risk.
There are numerous iterations of these issues, any one of which can be confusing to an IT team or corporate management organization unprepared to deal with these ever-shifting and new threats. As things continue to shift and move forward in 2021, keeping track of these and new threats can be frustrating. By working with a team of cybersecurity experts like ours, you can relax knowing that we’ve got your back and are on top of what you need to keep your business secure and running strong.