Cybersecurity Threats to Look Out for in 2021 (H2)
3 Layers Technologies have Partnered with CYBOWALL to Provide Their Clients AI-based Threat Detection to Combat Emerging Cyber-Attacks
The fact that the technology landscape is constantly changing isn’t a new phenomenon, but it’s certainly been taken to new heights in the last year. The word “disruption” adequately describes the experiences of countless organizations amid COVID-19 – no one could have predicted its impact on business, technology and cybersecurity. Here, we’ll analyze the emerging threat landscape that’s come as a result, and what cybersecurity trends pose the most risk in 2021 and beyond.
1. The Effects of Remote Working
As a result of the social distancing measures put in place to combat the coronavirus pandemic, around 50% of the population worked from home over the course of 2020 – and that number looks set to continue as the world continues to combat the virus in 2021. There is no doubt that remote working has a range of benefits for both employees and their organizations – but it’s also an issue for cybersecurity. When employees work from home, devices no longer sit within the boundaries of a well-defined perimeter. This means that existing network security controls such as firewalls are unable to provide the same level of protection.
2. Cloud Breaches
It is also true that the COVID-19 pandemic caused many businesses to alter the way they work and switch to cloud-based solutions. Just as with remote working, moving to the cloud can be a major positive – however, doing it too quickly and not taking the time to get the details right can leave your business vulnerable to cyber-attacks.
Many organizations simply did not have the kind of IT expertise to manage this kind of migration effectively, and this leads to misconfigurations and other issues that can leave systems with security weaknesses.
3. IoT Attacks
A growing number of businesses and organizations are implementing Internet of Things (IoT) applications and devices to enhance customer service, capture data and manage internal infrastructure.
The problem here is that many IoT devices are not designed with security in mind.
4. Attacks on Business Processes
Not all vulnerabilities that businesses need to be aware of relate to applications – in fact, in 2021, cybercriminals are increasingly finding weaknesses in the process flow of business operations. Here the cybercriminals take advantage of operational weaknesses in the system for financial gain.
By observing the system, criminals find weak links in the processes. For example, a company might be using an automated invoicing tool, which could itself be vulnerable.
5. Brute Force Frustrations
The attackers behind many cybersecurity trends recognize the potential of distributed denial-of-service (DDoS) in bringing down corporate networks. The second half of 2020 saw a 12% uptick in DDoS attack efforts, especially those using the Simple Service Discovery Protocol (SSDP) and the Simple Network Management Protocol (SNMP).
By using botnet swarms, attackers were able to amplify IP requests and overwhelm enterprise networks, in turn slowing response times or entirely sidelining services. SNMP exploits are even more worrisome since this protocol connects and manages common corporate devices, including modems, printers, switches, routers and servers. Compromise of SNMP services puts attackers largely beyond the reach of firewalls and exposes all enterprise services to risk.
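On the defensive side, amplified SSDP and SNMP traffic shows up in flow logs as UDP replies that nobody inside the network asked for. The following is an added example, not part of the original article: the function name, thresholds, the 10.0.0.0/8 internal range and the sample flows are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

AMP_PORTS = {1900: "SSDP", 161: "SNMP"}        # UDP services named in the text
INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumption: enterprise address space


def find_amplification(flows, min_sources=3, min_bytes=10_000):
    """Flag internal hosts receiving unsolicited SSDP/SNMP replies from many sources.

    flows: iterable of (src_ip, src_port, dst_ip, dst_port, nbytes) UDP flow records.
    """
    flows = list(flows)
    asked = set()  # (internal host, external host, port) requests sent from inside
    for src, _sport, dst, dport, _ in flows:
        if dport in AMP_PORTS and ipaddress.ip_address(src) in INTERNAL:
            asked.add((src, dst, dport))
    inbound = defaultdict(lambda: {"sources": set(), "bytes": 0})
    for src, sport, dst, _dport, nbytes in flows:
        if sport not in AMP_PORTS or ipaddress.ip_address(dst) not in INTERNAL:
            continue
        if ipaddress.ip_address(src) in INTERNAL or (dst, src, sport) in asked:
            continue  # internal management traffic, or a reply we requested
        entry = inbound[(dst, AMP_PORTS[sport])]
        entry["sources"].add(src)
        entry["bytes"] += nbytes
    return sorted(
        (victim, proto, len(e["sources"]), e["bytes"])
        for (victim, proto), e in inbound.items()
        if len(e["sources"]) >= min_sources and e["bytes"] >= min_bytes
    )


# Constructed sample flows (documentation address ranges, not real traffic).
SAMPLE_FLOWS = [
    ("10.0.5.20", 40001, "198.51.100.7", 161, 90),      # monitoring host polls a router
    ("198.51.100.7", 161, "10.0.5.20", 40001, 1400),    # the solicited reply
    ("203.0.113.10", 1900, "10.0.9.80", 53211, 4200),   # unsolicited SSDP replies
    ("203.0.113.11", 1900, "10.0.9.80", 53211, 3900),
    ("203.0.113.12", 1900, "10.0.9.80", 53211, 4100),
    ("203.0.113.13", 161, "10.0.9.80", 53211, 6000),    # single SNMP source
    ("10.0.1.1", 161, "10.0.5.20", 40002, 800),         # internal SNMP reply
]

if __name__ == "__main__":
    for row in find_amplification(SAMPLE_FLOWS):
        print(row)
```
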
6. Fileless Frameworks
Fileless malware and ransomware attacks continue to plague entities in 2021. These threats are designed to bypass familiar detection controls and infiltrate key systems by ‘living off the land’ — using approved platforms or software tools that already exist within corporate networks.
This approach allows attackers to get around common detection methods that scan for malicious file attachments or catalog the creation of new files. What’s more, the use of existing system tools means malicious actors don’t have to design their own attack framework. That decreases the time required for malware development. Attackers in 2021 are likely to use fileless malware to compromise service providers rather than specific groups. Afterward, they can use their existing infrastructure to attack downstream clients.
7. Social Engineering & Cryptocurrency
An attack that uses social engineering does not focus on technology alone; it targets the human aspect. Phishing is a prominent example. Social engineering can occur through any channel where sensitive information can be gathered: in an email, face to face or even via a phone call.
SIM swapping is an attack where the bad actor gains access to the victim's SIM card. Through clever social engineering, the mobile carrier is tricked into thinking that the bad actor is the real customer. If successful, the bad actor gets control of the SIM card and receives the victim's text messages and phone calls. This attack is also used to gain access to social media accounts or cryptocurrency wallets.
8. Polyglot Files
Polyglot malware isn’t limited to the web. In one case, a malicious JAR file was appended to the end of a Windows installer file (.MSI). Security solutions that rely on Microsoft Windows code-signing validation can be bypassed this way.
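The MSI/JAR case works because an installer is parsed from its header at the start of the file, while ZIP/JAR readers locate the archive from the end of the file. The following added example (not from the original article) checks a file for both structures; the function names are hypothetical and the sample is a constructed 512-byte fake header plus an inert archive, not a real MSI.

```python
import io
import struct
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # compound-file header .msi files start with
EOCD_SIG = b"PK\x05\x06"                       # ZIP end-of-central-directory signature


def inspect_installer(data: bytes) -> dict:
    """Report whether a blob that starts like an MSI also parses as a ZIP/JAR."""
    report = {"is_ole": data.startswith(OLE_MAGIC), "zip_offset": None,
              "entries": [], "is_jar": False}
    # ZIP/JAR readers find the archive from the END of the file, so look for the
    # EOCD record in the last 22 + 65535 bytes (its maximum size).
    pos = data.rfind(EOCD_SIG, max(0, len(data) - 22 - 0xFFFF))
    if pos == -1 or len(data) - pos < 22:
        return report
    cd_size, cd_offset = struct.unpack_from("<LL", data, pos + 12)
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            report["entries"] = zf.namelist()
    except zipfile.BadZipFile:
        return report
    # Bytes before this offset are not part of the archive (here: the installer).
    report["zip_offset"] = pos - cd_size - cd_offset
    report["is_jar"] = "META-INF/MANIFEST.MF" in report["entries"]
    return report


def is_polyglot(data: bytes) -> bool:
    """True when a file is OLE-headed and a readable archive sits after the header."""
    r = inspect_installer(data)
    return bool(r["is_ole"] and r["entries"] and r["zip_offset"] > 0)


def build_samples():
    """Constructed inputs: a fake 512-byte OLE header and a tiny inert JAR-like archive."""
    fake_msi = OLE_MAGIC + b"\x00" * 504
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\r\n")
        zf.writestr("Placeholder.txt", "inert sample content")
    return fake_msi, buf.getvalue()


if __name__ == "__main__":
    msi, jar = build_samples()
    for name, blob in (("clean", msi), ("polyglot", msi + jar)):
        print(name, inspect_installer(blob), is_polyglot(blob))
```

A non-zero `zip_offset` on a file with an installer header is the signal worth alerting on: it means trailing data forms a complete archive that a second parser will happily open.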
9. Identity Theft in COVID-19 Times
In the United States alone, the number of identity theft cases doubled from 2019 to 2020, according to a blog post by the Federal Trade Commission (FTC). The FTC received roughly 1,400,000 cases of identity theft in 2020. Many of them involved cybercriminals targeting people who were affected financially by the COVID-19 pandemic.
Cybercriminals abused the government unemployment benefits meant for jobless people affected by the pandemic. The fraudsters filed claims using information from other people. There were 12,900 reports about identity theft regarding unemployment benefits in 2019. In 2020, there were 394,280 cases. That’s a surge of over 30.000%!
10. Deepfakes, Not Just for Fun
With the use of artificial intelligence (AI), an image or video of a person is taken to display an activity that didn’t happen. This is known as a deepfake. While deepfakes can be fun and amusing, they have a decidedly dark side and are a threat to be taken seriously.
Thinking of online identities, deepfakes could be used to fraudulently verify an identity or even to create accounts on behalf of another person. The technology has also been used to create fake videos of celebrities in compromising situations. As technology usually gets more sophisticated over the years, we believe that the quality of deepfakes will do so as well.
How to Combat Emerging Threats?
With so many threats coming at us from every which way, you need a robust cyber security solution that can detect and stop attacks in their tracks. Cybowall is a non-intrusive, agentless solution that continuously monitors your network across all protocols and extends to all endpoints. It combines multiple cybersecurity tools and capabilities in one solution to monitor and protect IT networks in real-time, detecting and reacting to threats as they arise, providing a unified defense platform against a continuously evolving threat landscape.
Using its Attack Hunter, Cybowall uses machine learning to detect and autonomously learn new attacks by clustering together a series of IOCs into a static super-class event – GIOC. That allows the Attack Hunter to filter and correlate massive amounts of alerts into a few designated cyber-attacks. It uses consistent datasets that are better suited to machine learning AI algorithms to detect and learn new attacks.