January 4, 2021
Many of us are looking forward to putting 2020 behind us. As we turn our attention to 2021, it’s critical that organizations in all verticals take time to prepare themselves for the challenges and potential cybersecurity attacks 2021 is likely to bring.
Familiar Attacks with a Twist
In 2021, many organizations are likely to encounter attacks they are already familiar with, such as cloud-based attacks and social-engineering based attacks (including phishing scams) designed to trick users into downloading malware or ransomware. However, the twist lies in who is likely to be behind many of these tried-and-true attacks. Once the realm of lone attackers, attacks and the people behind them, are becoming increasingly sophisticated. Malicious actors are becoming incredibly organized, and many have begun running their illegal operations like corporate businesses with teams of employees creating new forms of malware and targeting organizations on a mass scale.
Malicious organizations are also increasingly automating these attacks, and many attackers are using the pandemic to take advantage of workers’ lack of familiarity with remote work applications or re-vamping the Nigerian prince scam by offering fraudulent government stimulus checks instead of a share in a vast fortune.
This increased sophistication is disconcerting, and organizations need to be prepared to effectively fend off incredibly organized increasingly sophisticated attacks.
With more organizations than ever turning to the cloud, particularly to support remote workers, attackers are likely to continue to focus their attention here as well. Though cloud infrastructure is relatively secure by design, users need to implement additional cybersecurity features and ensure those features are correctly configured in order to best protect their data and network. Depending on how quickly your organization had to pivot to cloud-based services during the pandemic, your internal IT team may not have the necessary knowledge to correctly configure these solutions or may not have had a chance to properly vet tools before they were implemented. Depending on how the pandemic has affected your bottom line, you may be tempted to substitute solutions from known and trusted vendors for free alternatives of questionable quality and security.
Not every organization has taken appropriate steps to safeguard their cloud storage, so many attackers view the cloud as prime targets that offer a large attack surface. Should an attacker manage to compromise even one service offered by your cloud provider, they may be able to use that compromised asset to gain access to networks that use that tool or asset, creating a supply chain attack spread across multiple organizations. Successful attacks of this nature are typically able to sidestep security measures at the organizational level by infiltrating higher levels within the supply network, allowing them to deploy malicious payloads via the tools and services your organization trusts and relies on. A misconfigured cloud only amplifies this risk, exposing more surfaces to attackers.
Cloud misconfigurations are a common root cause of data breaches, so organizations must assess their current configurations and take any necessary steps to secure their cloud. A vulnerability assessment and pen (penetration) test can help your organization identify deficiencies in your current security posture so they can be corrected before they are used against you. You should also have an up-to-date incident response plan and a plan for conducting security forensics and compromise assessments should an attacker gain access to your system in order to discover how they did so, what data was accessed, if the intruder still has access to your systems, and begin formulating a plan for preventing similar attacks moving forward.
Social Engineering Based Attacks
Social engineering refers to any attack that involves manipulating people into giving up confidential information or granting access to sensitive areas of the network. With more employees working remote than ever before, these attacks will likely only continue to increase in 2021.
One thing you can do to help safeguard your workers and your digital assets is run regular cybersecurity training that educates your employees on how to spot potential social engineering and know who to report possible social engineering attacks to.
In its most basic form, phishing involves using a fake identity associated with a trusted person or institution (such as your boss or your bank) to trick victims into handing over sensitive information (such as passwords or credit card details), downloading malware onto their computer, or visiting a website that contains malware.
An alarming report by OpenText found that one in five respondents had received a phishing email related to COVID-19. Work from home has dramatically increased the number of emails individuals are sending and receiving, with the average survey respondent receiving 70 emails per day (up 34% from 2019). More emails mean more attack opportunities since having to deal with more emails on a daily basis takes its toll, increasing the brainpower necessary to differentiate between legitimate correspondences and fraudulent requests.
Malware & Ransomware
Malware is one of the broadest terms related to cyberattacks and refers to any form of malicious software designed to harm a computer or prevent users from accessing their systems or files. This harm can include stealing sensitive information, but also deleting or encrypting data, monitoring the user’s activities without their knowledge or consent, or hijacking core computer functions. Common forms of malware include worms, spyware, viruses, and Trojan horses.
Ransomware is a subset of malware that involves the attacker locking a victim out of their computer and refusing to return control unless the ransom is paid.
One of the simplest steps you can take to protect your organization against malware and ransomware is to keep your computer software up to date. When software manufacturers discover flaws in their programs that leave their customers vulnerable, they release patches, tiny programs designed to address the issue and close the gap. However, you are only protected by these patches if you download them.
You should also ensure that old, unused software (sometimes called legacy apps) are removed from your network. This prevents attackers from using old, out of date software that you no longer use to gain access to your network. If you are no longer using a program, it’s unlikely you are checking it regularly to ensure it is up-to-date and includes any security patches released by its manufacturer. Depending on how old the software is, the manufacturer may not be keeping it up to date either, which means any vulnerabilities in that software haven’t been patched.
Healthcare & Finance Industries Likely to Experience More Frequent Attacks
Finance has always been a tempting target for attackers, but the recent pandemic has also increased the number of attacks targeting healthcare organizations.
From February to April of 2020, attacks against the financial sector increased 238% globally, with ransomware attacks growing nine-fold in the same period. The primary attack vector for those ransomware attacks was phishing emails.
Attacks involving financial institutions traditionally targeted customers, with attackers using tactics such as creating look-alike banking websites or using phishing emails that appear to originate from the bank in an attempt to trick users into providing login information. However, attackers have recently begun to shift their strategy to the financial institutions themselves instead of consumers and looking for security holes in payment systems (such as point of sale software) and stock markets. This trend has also seen attackers shift their attention to mobile devices, targeting alternative payment systems such as Apple Pay and Google Pay in order to steal users’ credit card information or use fake or stolen credit cards to purchase items through these apps.
According to a new report by Black Book Market Research, data breaches in the healthcare industry are likely to triple in volume in 2021. Of the 2464 security professionals interviewed across 704 healthcare provider organizations, nearly 75% of health system, hospital, and physician organizations included in the survey reported that their infrastructure was unprepared to respond to attacks.
This number is incredibly disconcerting, particularly since the study also revealed that 90% of health and hospital employees now working remote because of COVID-19 were not provided with updated security guidelines or training on accessing sensitive patient data from home.
This disturbing revelation comes as healthcare cybersecurity and IT infrastructure has become more complicated in the face of the pandemic, with security departments scrambling to keep up with the demand for remote services from patients and physicians while simultaneously keeping the surge of security risks at bay.
Many healthcare organizations understand how unprepared they are on a cybersecurity front and are turning to trusted third parties like Bird Rock Systems to provide managed services that have been tailored to the needs of the healthcare industry or help them recruit qualified professionals to fill any open security roles.
Remote Workers Will be Increasingly Targeted
Another big trend to watch for in 2021 is increased attacks on remote workers. Between the increased number of emails presenting new attack vectors, the rise in scams offering fraudulent stimulus checks, and the fact that organizations may not be prepared to best safeguard their remote employees and the sensitive systems and data those employees are accessing via under secured home networks, the forecast for 2021 is grim.
Remote work has caused many in-person events and meetings to be repurposed as webinars and video calls. Attackers are taking advantage of this shift and will likely continue to do so as long as the pandemic. The number of fake Zoom invites, particularly those that rely heavily on scare tactics by pretending to be quarterly reviews or “crucial” all-hands meetings with HR and payroll playing on the fear of layoffs, have risen sharply over the course of the pandemic.
Another common video conferencing scam involves sending potential victims emails claiming their Zoom or other video conferencing account has been suspended and needs to be re-activated or that they missed a critical meeting that needs to be rescheduled. Both forms of this scam are designed to get unsuspecting users to download malware onto their device or steal your video conferencing platform credentials. Stealing your username and password for one video conferencing platform also gives attackers an idea of what other username and password combinations you may be using (particularly if you use your work email address to log in to multiple work-related products and services).
Concerned about What 2021 Will Bring? Bird Rock Systems is Here for You
One of the best things you can do to safeguard your organization is to partner with security experts who have the skills and knowledge you need. Bird Rock Systems has specialized in assessing, building, and managing enterprise information security for more than 16 years. Our extensive engineering experience has allowed us to develop a wide range of rock-solid security strategies that can be tailored to respond to your evolving business needs and challenges.
Bird Rock Systems is a leading provider of cybersecurity services. We’re able to tailor our security specialties to address emerging threats and manage risks. Businesses of all sizes are confident relying on Bird Rock Systems to help protect their most sensitive and valuable digital assets. Our team includes security subject matter experts that specialize in addressing the risks of today and preparing for the threats of tomorrow.
If your organization is concerned about the rapidly emerging security threats 2021 is poised to bring, please contact our team today. Our experienced team is here to help you prepare a readiness plan that is modern, responsive, and forward-thinking.
Stay in the Know on Changes in the Channel
Our once-monthly newsletter is curated for people working in the IT industry. Get your copy today.
Yes, Security is Still Important a Year into the Pandemic
As we mark the first anniversary of the COVID-19 pandemic, remote work and remote learning have both become the norm. Unfortunately, this shift to remote learning brings with it a myriad of cybersecurity concerns that need to be addressed in order to keep your...
Opportunities Being Created by the Biden Administration’s IT Infrastructure Push
President Joe Biden plans on investing $10 billion in US IT infrastructure and security as part of his proposed $1.9 trillion COVID-19 relief plan. In the wake of the devastating and far-reaching SolarWinds attack, it has become clear that the United States needs to...
Starlink is Now Offering Internet Service Across North America (& What That Means for the Future of Broadband)
Having access to fast, reliable, and affordable broadband has become essential, particularly during the ongoing global pandemic. However, according to the FCC’s Eighth Broadband Progress Report, 19 million Americans (approximately 6% of the population) still lack...