New Year's Eve is a lot of fun, sometimes too much fun (but hey, we're not pointing fingers!). Amidst all the holiday festivities, though, it can be easy to let your cybersecurity guard down. The new year is undoubtedly a time to celebrate, but it's also more important than ever to plan for how you'll deal with the changing threat landscape. We've got you covered with a selection of the top cybersecurity threats to be aware of in 2021, plus a few tips for preventative actions you can take to improve your organization's security standings.
Would you believe that more than half of security breaches are now caused by employees inside the impacted organization? It's true, and not necessarily because these employees are determined to cause harm, but rather due to negligence. According to a report by DTEX, in 2020 we saw a 450% increase in obfuscation activities compared to 2019. 56% of the companies surveyed reported remote workers intentionally bypassing the corporate VPN to obfuscate activities. Within these incidents, a clear majority of the behaviors (70%) were malicious, including at least one attempt to circumvent another security control to exfiltrate data without detection.
The growing threat is mainly due to an increasingly mobile workforce. Employees bring a diverse set of their own devices and smartphones onto the corporate network, especially during the pandemic.
Businesses of every size need to be aware of the potential insider risks in the year ahead. We highly recommend boot camp training for all employees to address the need for:
At the same time, while DTEX's respondents focused on inadvertent insider threats, respondents in an August 2017 SANS Institute study ranked malicious insiders as more threatening than negligent staff (40% compared to 36%).
The takeaway: develop and implement a security plan that addresses removable media policies, user privileges, malware protection, physical security, and more.
This holiday season, kids used Google Home to call Santa, and Alexa ads peppered the airwaves. But will 2021 be the year bad actors take advantage of the increasing acceptance of Internet of Things (IoT) devices? While regulation efforts stall in the U.S., we can look to the EU's General Data Protection Regulation to see what success they have in enforcing IoT security.
In the meantime, the 5 million new IoT devices added daily, per Gartner, mean an additional 5 million new security vulnerabilities each day. Factors include:
Since the IoT extends to vehicle manufacturing, medical devices, industrial operations, and many commercial uses, it's only a matter of time before an IoT event leads to leaked personal information or more dire consequences.
The takeaway: institute security procedures and policies that cover IoT devices and incorporate IoT security in employee training programs.
IoT devices aren't the only entry point ripe for exploitation by motivated cybercriminals. Chatbots are becoming increasingly popular, and our reliance on mobile messaging could provide fresh opportunities for bad actors to impersonate legitimate users and take over accounts.
It will only become more difficult for businesses to distinguish individual users from false bots or aggregated user profiles, and that's something to be vigilant about.
The takeaway: Businesses must work diligently to ensure their data remains secure and compliant with regulations, industry standards, and user privacy requirements. At the same time, procedures and protocols should be introduced to verify authenticity more proactively.
Massive data breach announcements are becoming a regular fixture in the news cycle. In 2020, there were large-scale breaches of sensitive healthcare information, retail, social media data, and more.
It's far too likely that the breached Personally Identifiable Information (PII) data will become available on the dark Internet. This will enable sophisticated cybercriminals — leveraging Big Data algorithms powered by machine learning and artificial intelligence — to launch more detailed, focused (and thus convincing) social engineering and spear-phishing operations.
The takeaway: We pay a lot of attention to preventing data breaches, but a less complicated step is to ensure effective password use. Developing complex, individualized passwords should be par for the course.
In October of 2017, the FBI and DHS warned of persistent threat activity targeting US critical infrastructure. The warning to energy, nuclear, water, aviation, and construction sectors highlighted the fact that there are many high-value targets for politically motivated attackers (as we demonstrated firsthand in our Hacking The Grid segment with Business Insider).
Power grids and manufacturing plants in Europe have already suffered attacks, and this may be the year the US sees its first significant cyberattack on critical operation facilities.
The takeaway: The digital ecosystem relies on critical infrastructure organizations effectively securing applications, networks, devices, and physical premises. Penetration testing to identify vulnerabilities and take protective action can make a big difference.
Cybercriminals aren't all going to be looking to reinvent the wheel. The success of ransomware attacks is likely to prompt a continuation of this form of attack. Healthcare entities remain one of the highest value targets, with patient data, insurance information, and payment details accessible in a single environment.
Access to less expensive artificial intelligence and machine learning will enable cybercriminals to conduct their attacks in more intelligent and automated ways.
The takeaway: Cyber threat detection and threat classification can also benefit from the same AI and machine learning tools. At the same time, it makes sense to plan for how your business will react to a scheme attempting to extract payment.
It's not so much a threat, but another trend on the horizon could be the retirement of the single, complex password. In 2017, 81 percent of hacking-related breaches involved stolen or weak credentials. So it's not surprising to know that a more recent study in 2020 identified that this trend has NOT declined. Enterprises must take note that how network credentials are managed directly reflects overall security for their environments. Perhaps the year will mark the actual decline of the traditional password in favor of two-factor authentication, which would be a win for security forces everywhere. Some security experts even predict more organizations adopting behavioral biometrics for authentication.
Nevertheless, any shift in authentication practices will occur in lockstep with increasingly sophisticated attempts to subvert the security techniques.
The takeaway: Even as you consider two-factor, biometric, or infrared technology for your user authentication, don't let existing lax passwords leave your network open to bad actors.
The good news? With our ongoing focus on exposing cyber, social, and physical vulnerabilities and training you to detect, prevent, and mitigate, RedTeam will continue to stay abreast of the latest in cybersecurity and share the information you need to know to secure your networks, applications, people and facilities right here on this blog.