The global economy is in a slump. But believe it or not, now could be a good time to invest in technology priorities. Here are the cybersecurity trends in 2021 that you should prepare for today.
You may already have streamlined processes. You had certain technology tools and systems in place to get things done. It all was working fine. Yet 2020 brought many challenges to the way business functions. The technology you relied on in the past may not be the best answer to your current business needs, especially when it comes to protecting your business data.
You might have been putting off cloud migration, as most of your employees worked onsite, or you resisted remote working out of concern that employee productivity would suffer. Perhaps your business didn’t want to secure a “Bring Your Own Device” workplace. Well, 2020 and the COVID-19 pandemic changed that for most of us.
Now, you need to rethink how your employees report for work. You could be facing any of 2020’s familiar challenges such as:
- a server that could support your teams onsite but is now overburdened by remote workers;
- a reliance on email document exchange causing difficulties with version control and accountability;
- not having enough software licenses to accommodate employees working from home;
- employees lacking the technology to get work done offsite;
- securing those ‘BYOD’ devices – and being aware of those devices.
Businesses need to act now to address their new technology needs in 2021. Keep reading to learn more about the potential cyber threats we are facing today and will continue to face in years to come.
Stepping Up Your Cyber Game
Some businesses are struggling to keep their doors open. Others are waiting out the current situation to see how things shake out. Then there are those that are rolling the dice and betting on a rebound. Improving cybersecurity can be a foundation for future business success.
Plans may have already been in place to invest in a SIEM or endpoint protection platform. Continuing the digital transformation journey, when everyone is adapting already, could make sense. Reduce negative impacts by making the change while employees are working remotely.
Your business may also invest in data backups and disaster recovery solutions. Didn’t have business continuity plans in place? You’ve likely realized their importance now. These plans prepare your business for data breaches, ransomware attacks, power outages, or natural disasters. Contracting for cloud data backup pays off when you can recover quickly and cut damage done.
Starting a partnership with a managed security service provider (MSSP) is also helpful. An MSSP (like Cybriant) gets to know your business and its systems and needs. We can help identify opportunities for greater efficiencies in your overall security plan.
Cybersecurity Trends 2021
2020 has proven to us so far that we can’t predict what will come next year, but based on what we’ve experienced this year so far, here are our best predictions on the cybersecurity trends in 2021.
#1. Coronavirus May Still Be Around
Security teams already have enough to worry about with COVID-19 sending everyone home to work. Too bad cybercriminals are such opportunistic creeps: they’re even taking advantage of the global health pandemic to scam the unsuspecting.
Cybercriminals are nimble crooks who capitalize on current events. As soon as there is a fresh news story or angle for their attacks, they adapt quickly. Right now, they’re taking advantage of the coronavirus. As businesses change the way they work, bad actors see an opportunity to find new entry points. They’ll try any means to phish for sensitive data, breach systems, or deliver malware.
#2. Cybersecurity Skills Shortage
Remember all the reports that stated that the cybersecurity skills gap will widen to 3.5 million positions by the year 2021? Well, they were right!
A recent study from (ISC)² claimed the global security workforce needs to increase by a staggering 145% to cope with a surge in hiring demand. In Europe, this demand has come particularly from smaller companies with 1-99 employees, as well as those with over 500 employees.
Unsurprisingly, over half (51%) of cybersecurity professionals said their organization is at moderate or extreme risk due to staff shortages.
This is the #1 reason to consider outsourcing some or all of your security needs. Here are 9 Unique Reasons to Outsource Cyber Security Monitoring.
#3. Cyberattacks using Artificial Intelligence (AI)
Hackers are outpacing many organizations when it comes to the technology and hacking techniques used to attack them. Hackers can mimic human behavior with AI. At Cybriant, we fight back by using AI and computer learning tools to stop any attacks prior to their execution. We use static and dynamic AI protection to detect, mitigate, remediate, and roll back based on any potential attacks.
Our MDR service is an integrated state of continuous detection and remediation. Learn more here: https://cybriant.com/mdr/
#4. Supply Chain Compliance
If you are a Department of Defense contractor, you have definitely heard about CMMC – Cybersecurity Maturity Model Certification. While the initial implementation will be within the Department of Defense, it’s possible that it could be used as an example for the rest of the government’s suppliers.
There are still many questions about CMMC. If you work with any third-party suppliers and you hold the DoD contract, it may be worthwhile to have a conversation about your CMMC plan. Learn more here: https://cybriant.com/cmmc/
#5. Phishing Emails
Email remains the number-one means of cyberattack. Cybercriminals are increasingly sophisticated and always motivated. Today, companies from any industry of any size can face a targeted threat.
Whether it’s a phishing attack or a malicious attachment, these bad actors prey on human nature. They’ll target your staff’s heightened fear and desire to help or tap into the near-Pavlovian response to urgency or a “steal of a deal.” Right now, they’re looking to benefit from worldwide anxiety about the coronavirus pandemic. While businesses grapple with remote work processes, cybercriminals find new weaknesses.
The fact remains that your employees will click on phishing emails, no matter how much training you force on them. We highly recommend MDR plus security training. It’s like the net for tightrope walkers – there to save you just in case you slip up.
#6. The Nigerian Prince is Back
Scams aren’t new; it’s a matter of how they’re packaged. In the past, a Nigerian prince wanted to send you millions. Now, many governments are giving out money in the form of economic stimulus payments. The scammers leaped right in. Scam emails ask for bank information to pay relief funds directly, or the emails request other personal data you don’t want to reveal to a criminal.
Fake bank, telephone, or insurance company phishing emails are another problem. These ask for personal and financial information, lure the user into opening malicious links or attachments, or seek remote access to the user’s device. Emails impersonating healthcare organizations are also common. The CDC, WHO, and other healthcare organizations aren’t reaching out directly.
Downloading a “Safety Measures” PDF or the like could introduce malware or take an employee to a malicious site. A fake virus tracking app is set up to deliver malware. The “COVID19 Tracker” app infects a device and demands $250 in Bitcoin. Emails offering fake news about someone infected in the area are another tactic. Sometimes, cybercrooks target businesses with a communication saying there’s a shipping problem caused by COVID. Saying a package is held up, the email encourages clicking on a malicious file or link to remedy the problem.
Hackers are even gaining access to corporate email addresses or relying on a close approximation to fool the busy reader. Then, they send links or attachments promising to outline company coronavirus policies. Often, these will ask the user to log in to view the necessary documentation. If the user doesn’t question the communication, bad actors capture the employee’s access information.
Training is important, but hackers have gotten really, really good at these types of emails. MDR is your best bet.
#7. 5G Cybersecurity Concerns
5G is the fifth generation of mobile networks and technologies, providing remarkably fast speeds that are set to help consumers, businesses, and government.
CISA Director Christopher Krebs wrote in a recent report that he saw 5G development as the “single biggest critical infrastructure build the world has seen in 25 years,” highlighting the need to build security into a system that will support essential services.
“Given 5G’s scope, the stakes for safeguarding our networks could not be higher,” Krebs wrote. “The vulnerabilities that will come with 5G deployment are broad and range from insider threats to cyber espionage and attacks from sophisticated nation-states.”
“Now more than ever, trust in our services and the underpinning equipment is paramount,” he added.
#8. Quantum Computing
In October 2019, researchers at Google announced to great fanfare that their embryonic quantum computer had solved a problem that would overwhelm the best supercomputers. Some said the milestone, known as quantum supremacy, marked the dawn of the age of quantum computing.
Whether this was actually “the dawn of the age of quantum computing” or just a benchmark in quantum computing’s rich history, the fact remains that quantum computing is constantly being developed and researched and could be a real possibility in the near future.
According to American Scientist, cybersecurity researchers and analysts are rightly worried that a new type of computer, based on quantum physics rather than more standard electronics, could break most modern cryptography. The effect would be to render communications as insecure as if they weren’t encoded at all.
Fortunately, the threat so far is hypothetical. The quantum computers that exist today are not capable of breaking any commonly used encryption methods. Significant technical advances are required before they will be able to break the strong codes in widespread use around the internet, according to a 2018 report from the National Academies of Sciences, Engineering, and Medicine.
Still, there is cause for concern. The cryptography underpinning modern internet communications and e-commerce could someday succumb to a quantum attack. To understand the risk and what can be done about it, it’s important to look more closely at digital cryptography and how it’s used—and broken.
#9. Ongoing Election Concerns
To say the 2020 Presidential Election is making news globally would be putting it lightly. Nation-state attackers are gearing up and preparing their tools.
According to a Gallup poll in February 2020, 59% of Americans say they are not confident in the honesty of U.S. elections. Perhaps it is just media hype causing this posture. However, plans have been in place since 2017 to improve the voting scenarios for 2020.
The Department of Homeland Security’s top election security official, Chris Krebs, ticked off a slew of accomplishments during an address at an online version of the annual Black Hat cybersecurity conference. They include an extensive cybersecurity testing program for state and local election offices and digital sensors that can alert DHS about hacking attempts at thousands of county election offices.
“It’s night and day compared to what existed in 2016,” Krebs said. He said he’s confident that “2020 will be the most protected and most secure election in modern history.”
We can only wait and see... and prepare. Recorded Future posted five reasons we should be concerned about ransomware during the 2020 Election.
#10. Cloud Security & Cloud Jacking
Cloud security has been a concern since “the cloud” was created. It’s an incredible platform especially since it can grow at the pace of today’s digital business, but it also creates some of cybersecurity’s greatest challenges.
What is Cloud Jacking? Cloud jacking, or cloud hijacking, is an attack in which even a novice user can use a simple automated exploit script to take complete control of your cloud infrastructure.
An example of this in action is found within the world of botnets, in which an existing series of compromised computing resources is used to create an exploit map of the cloud.
According to the 2020 Sophos Threat Report, misconfigurations will drive the majority of incidents. And of course, if the right (or wrong) administrator’s computer is even briefly infected with credential-stealing malware, it’s possible that administrator’s API key or cloud computing management credentials will be stolen and leveraged to perform further attacks, using the cloud instance managed by the admin.
Take a look at what recently happened with AWS. KnowBe4 announced a lesser-known variety of Amazon-themed phishing emails that are focused on business accounts rather than personal accounts. This sub-genre (for lack of a better term) of Amazon-themed phishing targets the Amazon AWS accounts of organizations (as opposed to the personal Amazon accounts of individual users).
AWS accounts are potentially attractive targets for bad actors as they could contain a wealth of exploitable data. Compromised AWS accounts could also be exploited by criminals who would have their own need for a robust, reliable cloud computing services platform. That such a platform might come free of charge only sweetens the pot.
#11. More Ransomware Strains
Not too long ago, we reported on the top ransomware threats in 2020. Cybercriminals use the current ransomware threats and build on them to make them even more powerful.
Cybersecurity Ventures has predicted that, globally, businesses in 2021 will fall victim to a ransomware attack every 11 seconds, down from every 14 seconds in 2019. That figure is based on historical cybercrime figures. It is estimated that the cost of ransomware to businesses will top $20 billion in 2021 and that global damages related to cybercrime will reach $6 trillion. Yes, that is with a “T.”
With adversaries creating bigger and better tools, it makes sense to prepare for the future.
Prepare Now for 2021
We typically recommend taking it back to the basics – People, Process, and Technology – when creating your security strategy. Our team uses the NIST Cybersecurity Foundation for any and all technology decisions – and we recommend this foundation to our clients as well.
We have found that most threats fall under 4 main categories – advanced persistent threats, compromised endpoints, poor patch management, and technical vulnerabilities. Our PREtect service covers all these threats in one simple service. PREtect includes 24/7 managed SIEM, Managed Detection and Remediation (MDR), and Comprehensive vulnerability management. These three services cover the first four levels of NIST CSF – including Identify, Protect, Detect, and Respond.
Learn more about PREtect here: https://cybriant.com/pretect/
Now is also the perfect time of the year to schedule your security risk assessments, mobile security risk assessments, penetration tests, etc.
Security Training for All (Plus MDR)
People are the core of your business success. At the same time, they can also represent a real security threat. According to Experian, only 45% of companies have mandatory cybersecurity training.
Yet your staff needs to understand the many ways in which they can put your business at risk. IT can’t be the only team making cybersecurity a priority.
In educating employees about potential cybersecurity issues:
- Impress the importance of caution and questioning the source of any communication with links or attachments. Hovering over URLs can show where the link leads. Grammatical and spelling errors are often a red flag, too.
- Require the use of MDR and consider 24/7 monitoring.
- Explain why you have an acceptable-use policy. Talk about what could happen if they decide to download that one app from the Web to their work device.
- Warn them about plugging in random USB drives in the hope of returning a stray device to its owner. Dropping thumb drive devices is a common way cybercriminals gain illicit access.
- Emphasize the importance of physical security, too. A stolen unencrypted laptop or someone accessing an on-site computer can lead to a breach.
- Provide them with a way to report suspicious emails, communications, and potential compromise.
Even after you’ve taken the above advice to educate employees, there are still risks. Some of these emails are very convincing. People are busy, working fast, tired, and overly trusting. Additionally, these particular scams are targeting our preoccupation and fears around the coronavirus. It only takes one bad click to breach your system, which is why we highly recommend an MDR service.