Cybersecurity Threats to Lookout for in 2021 (H2)

The fact that the technology landscape is constantly changing isn’t a new phenomenon, but it’s certainly been taken to new heights in the last year. The word “disruption” adequately describes the experiences of countless organizations amid COVID-19 – no one could have predicted its impact on business, technology and cybersecurity. Here, we’ll analyze the emerging threat landscape that’s come as a result, and what cybersecurity trends pose the most risk in 2021 and beyond.

1. The Effects of Remote Working

As a result of the social distancing measures put in place to combat the coronavirus pandemic, around 50% of the population worked from home over the course of 2020 – and that number looks set to continue as the world continues to combat the virus in 2021. There is no doubt that remote working has a range of benefits for both employees and their organizations – but it’s also an issue for cybersecurity. When employees work from home, devices no longer sit within the boundaries of a well-defined perimeter. This means that existing network security controls such as firewalls are unable to provide the same level of protection.

2. Cloud Breaches

It is also true that the COVID-19 pandemic caused many businesses to alter the way they work and switch to cloud-based solutions. Just as with remote working, moving to the cloud can be a major positive – however, doing it too quickly and not taking the time to get the details right can leave your business vulnerable to cyber-attacks.

Many organizations simply did not have the kind of IT expertise to manage this kind of migration effectively, and this leads to misconfigurations and other issues that can leave systems with security weaknesses.

3. IoT Attacks

A growing number of businesses and organizations are implementing Internet of Things (IoT) applications and devices to enhance customer service, capture data and manage internal infrastructure.

The problem here is that many IoT devices are not designed with security in mind.

4. Attacks on Business Processes

Not all vulnerabilities that businesses need to be aware of relate to applications – in fact, in 2021, cybercriminals are increasingly finding weaknesses in the process flow of business operations. Here the cybercriminals take advantage of operational weaknesses in the system for financial gain.

By observing the system, criminals find weak links in the processes. For example, a company might be using an automated invoicing tool, which could itself be vulnerable.

5. Brute Force Frustrations

The attackers behind many cybersecurity trends recognize the potential of distributed denial-of-service (DDoS) in bringing down corporate networks. The second half of 2020 saw a 12% uptick in DDoS attack efforts, especially those using the Simple Service Discovery Protocol (SSDP) and the Simple Network Management Protocol (SNMP).

By using botnet swarms, attackers were able to amplify IP requests and overwhelm enterprise networks, in turn slowing response times or entirely sidelining services. SNMP exploits are even more worrisome since this protocol connects and manages common corporate devices, including modems, printers, switches, routers and servers. Compromise of SNMP services puts attackers largely beyond the reach of firewalls and exposes all enterprise services to risk.
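A defender can spot this kind of reflected traffic in flow records as SSDP or SNMP replies that no internal host asked for. The sketch below is an added example, not part of the original article or any vendor product; the internal range, the thresholds and the flow records are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

REFLECTOR_PORTS = {1900: "SSDP", 161: "SNMP"}   # UDP services named in this section
INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumption: the protected range
WINDOW = 5.0       # assumption: seconds a reply may trail its request
MIN_SOURCES = 3    # assumption: distinct reflectors needed before alerting

# Constructed sample records: (time, src_ip, src_port, dst_ip, dst_port, bytes)
CONSTRUCTED_FLOWS = [
    (0.0, "10.0.0.5", 40000, "192.0.2.10", 161, 90),        # internal SNMP poll
    (0.1, "192.0.2.10", 161, "10.0.0.5", 40000, 400),       # solicited reply
    (1.0, "198.51.100.1", 1900, "10.0.0.20", 53111, 3000),  # replies nobody requested
    (1.1, "198.51.100.2", 1900, "10.0.0.20", 53111, 3100),
    (1.2, "198.51.100.3", 1900, "10.0.0.20", 53111, 2900),
    (1.3, "203.0.113.9", 1900, "10.0.0.20", 53111, 3000),
    (9.0, "192.0.2.10", 161, "10.0.0.5", 40000, 400),       # late, but a single source
]


def is_internal(ip):
    return ipaddress.ip_address(ip) in INTERNAL


def find_reflection(flows):
    """Return {(victim, protocol): (distinct_sources, bytes)} for unsolicited replies."""
    asked = {}                                  # (client, server, port) -> request time
    hits = defaultdict(lambda: [set(), 0])      # (victim, protocol) -> [sources, bytes]
    for ts, src, sport, dst, dport, nbytes in flows:
        if is_internal(src) and dport in REFLECTOR_PORTS:
            asked[(src, dst, dport)] = ts       # remember the outbound request
        elif is_internal(dst) and not is_internal(src) and sport in REFLECTOR_PORTS:
            sent = asked.get((dst, src, sport))
            if sent is None or ts - sent > WINDOW:
                entry = hits[(dst, REFLECTOR_PORTS[sport])]
                entry[0].add(src)
                entry[1] += nbytes
    # Many distinct external reflectors aimed at one host is the flood signature.
    return {key: (len(srcs), total) for key, (srcs, total) in hits.items()
            if len(srcs) >= MIN_SOURCES}
```
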

6. Fileless Frameworks

Fileless malware and ransomware attacks continue to plague entities in 2021. These threats are designed to bypass familiar detection controls and infiltrate key systems by ‘living off the land’ — using approved platforms or software tools that already exist within corporate networks.

This approach allows attackers to get around common detection methods that scan for malicious file attachments or catalog the creation of new files. What’s more, the use of existing system tools means malicious actors don’t have to design their own attack framework. That decreases the time required for malware development. Attackers in 2021 are likely to use fileless malware to compromise service providers rather than specific groups. Afterward, they can use their existing infrastructure to attack downstream clients.

7. Social Engineering & Cryptocurrency

An attack that uses social engineering does not focus on the technology alone. Social engineering targets the human aspect. Phishing is a prominent example of it. Social engineering can occur through any channel where sensitive information can be gathered – in an email, face to face or even via a phone call.

SIM swapping is an attack where the bad actor gains access to the victim's SIM card. Through clever social engineering, the mobile carrier is tricked into thinking that the bad actor is the real customer. If successful, the bad actor gets control of the SIM card and receives the victim's text messages and phone calls. This attack is also used to gain access to social media accounts or cryptocurrency wallets.

8. Polyglot Files

Polyglot files are valid as multiple different file types at once. The same file can be opened as an image with an image viewer or run as JavaScript within the browser. This method is already used in advertising fraud. It could get worse once no skills are required to build such malware: specialized services could offer the creation of such files in return for a payment.

Polyglot malware isn’t limited to the web. In one case, a malicious JAR file was appended to the end of a Windows Installer file (.MSI). This can bypass security solutions that rely on Microsoft Windows code signing validation.
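A file-scanning check for the appended-JAR case can look for a ZIP archive that ends exactly at end of file even though the file starts as something else. The following is an added example, not code from the original article; it also accepts common image headers as the carrier (a generalization beyond the MSI case), does not cover the image/JavaScript variant or ZIP64 archives, and its sample file is constructed.

```python
import io
import struct
import zipfile

# Leading magic numbers of carrier formats (an MSI is an OLE compound file).
HEAD_MAGIC = {
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1": "ole-cfb/msi",
    b"\xff\xd8\xff": "jpeg",
    b"GIF8": "gif",
    b"\x89PNG\r\n\x1a\n": "png",
}
EOCD_SIG = b"PK\x05\x06"   # ZIP end-of-central-directory record
CDIR_SIG = b"PK\x01\x02"   # ZIP central-directory file header
EOCD_LEN = 22              # fixed part of the EOCD record


def head_type(data):
    """Return the carrier format named by the file's first bytes, or None."""
    return next((n for m, n in HEAD_MAGIC.items() if data.startswith(m)), None)


def has_trailing_zip(data):
    """True if a structurally consistent ZIP/JAR ends exactly at end of file."""
    floor = max(0, len(data) - EOCD_LEN - 0xFFFF)   # archive comment is at most 65535 bytes
    pos = data.rfind(EOCD_SIG, floor)
    while pos != -1:
        if pos + EOCD_LEN <= len(data):
            *_, total, cd_size, _cd_off, comment_len = struct.unpack_from("<4H2IH", data, pos + 4)
            cd_start = pos - cd_size                # central directory sits just before EOCD
            if (pos + EOCD_LEN + comment_len == len(data) and total > 0
                    and cd_start >= 0 and data[cd_start:cd_start + 4] == CDIR_SIG):
                return True
        pos = data.rfind(EOCD_SIG, floor, pos)      # try an earlier candidate
    return False


def is_polyglot(data):
    """Flag files whose header is a non-ZIP carrier but whose tail is a ZIP/JAR."""
    return head_type(data) is not None and has_trailing_zip(data)


def constructed_sample():
    """Constructed test input: OLE magic, zero padding, then a one-entry JAR."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
    return b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 504 + buf.getvalue()
```
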

9. Identity Theft in COVID-19 Times

In the United States alone, the number of identity theft cases doubled from 2019 to 2020, according to a blog post by the Federal Trade Commission (FTC). The FTC received roughly 1,400,000 cases of identity theft in 2020. Many of these were repeated cases of cybercriminals targeting people financially affected by the COVID-19 pandemic.

Cybercriminals abused the government unemployment benefits meant for jobless people affected by the pandemic. The fraudsters filed claims using information from other people. There were 12,900 reports about identity theft regarding unemployment benefits in 2019. In 2020, there were 394,280 cases. That’s a surge of over 30.000%!

10. Deepfakes, Not Just for Fun

With the use of artificial intelligence (AI), an image or video of a person is altered to display an activity that didn’t happen. This is known as a deepfake. While deepfakes can be fun and amusing, they have a decidedly dark side and are a threat to be taken seriously.

In terms of online identities, deepfakes could be used to fraudulently verify an identity or even to create accounts on behalf of another person. The technology has also been used to create fake videos of celebrities in compromising situations. As technology usually gets more sophisticated over the years, we believe that the quality of deepfakes will do so as well.

How to Combat Emerging Threats?

With so many threats coming at us from every which way, you need a robust cybersecurity solution that can detect and stop attacks in their tracks. Cybowall is a non-intrusive, agentless solution that continuously monitors your network across all protocols and extends to all endpoints. It combines multiple cybersecurity tools and capabilities in one solution to monitor and protect IT networks in real time, detecting and reacting to threats as they arise, providing a unified defense platform against a continuously evolving threat landscape.

Using its Attack Hunter, Cybowall uses machine learning to detect and autonomously learn new attacks by clustering together a series of IOCs into a static super-class event – GIOC. That allows the Attack Hunter to filter and correlate massive amounts of alerts into a few designated cyber-attacks. It uses consistent datasets that are better suited for machine learning algorithms to detect and learn new attacks.