During a year in which the global health crisis brought immeasurable change to our personal and professional lives, it has been hard to determine which has spread faster — the coronavirus itself or the cybersecurity threats that attempt to exploit it. Analysts say cyberattacks have increased by 600 percent since the start of the pandemic as malicious actors seek to capitalize on widespread fear and uncertainty.
Expect more of the same in 2021 as cyber crooks continue to refine techniques for exploiting diminished security practices in a work-from-home world.
Remote workers are inviting targets because they lack many of the digital protections that exist in a secure office environment. According to one recent study, 85 percent of CISOs admit they sacrificed cybersecurity to quickly enable remote work on a mass scale.
Remote workers have been particularly vulnerable to the increased incidence of ransomware. New research from Check Point finds that ransomware attacks in the U.S. have doubled in the past three months and now claim a new victim every 10 seconds!
Remote operations will remain the No. 1 attack vector in 2021, and some analysts predict attacks on remote workers will rise by 40 percent or more next year. That’s why securing the remote workforce should be the top priority for cybersecurity professionals during 2021.
Following are some of the threats likely to dominate the security landscape:
Automated hacks. Threat actors are increasingly using AI and ML to accelerate attacks on networks and systems. ML engines are trained with data from successful attacks. In a recent experiment, researchers set up a honeypot — a server for a fake online financial firm — and exposed usernames and passwords in a dark web market. As researchers monitored the fake site, a single automated bot broke in, scanned the network, collected credentials, siphoned off data and created new user accounts so attackers could gain access later. The bot accomplished all of this in only 15 seconds.
Ransomware-as-a-Service. Threat actors are increasingly offering ransomware and the infrastructure to deploy it through a cloud-based subscription model, making it simple for anyone to launch an attack. These services can be acquired through the dark web for about $50 a month. A new Booz Allen Hamilton report says cybercriminal groups are planning to create venture capital organizations that would finance the development of malware, tools and frameworks for sale on the dark web.
Edge attacks. Edge computing is a decentralized computing architecture featuring a series of “micro” data centers that bring data processing and storage closer to the user to improve response times and conserve bandwidth. Lacking the security features of traditional data centers, these edge centers are vulnerable to being hijacked by botnets for use in distributed denial-of-service attacks.
ML/AI poisoning. Machine learning (ML) and artificial intelligence (AI) systems learn to make decisions by analyzing data and finding patterns. In poisoning attacks, malicious actors inject false data into ML or AI programs to confuse the pattern-recognition algorithm. This could be used to circumvent security measures, steal data, compromise networks and undermine AI systems.
NTP hacking. The Network Time Protocol (NTP) is an Internet protocol that synchronizes computer clock times between networked systems. Attackers can use spoofed synchronization packets to disrupt time-dependent services such as database transactions, email communications, scheduled data backups and order processing.
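A client-side check for the spoofed synchronization packets described under NTP hacking, as an added example that is not part of the original article: it rejects replies whose origin timestamp does not match the request the client sent, and refuses clock steps larger than a local limit. The function names, the 1000-second limit and the sample packets are assumptions constructed for illustration.

```python
import struct

# NTP header through the transmit timestamp (48 bytes, RFC 5905 layout).
NTP_FMT = "!BBbb3I4Q"
MAX_STEP_SECONDS = 1000.0  # assumed local policy, not a value from the article

def make_packet(mode, stratum, origin, rx, tx, li=0):
    """Build a version-4 NTP packet; used here only to construct samples."""
    flags = (li << 6) | (4 << 3) | mode
    return struct.pack(NTP_FMT, flags, stratum, 0, 0, 0, 0, 0, 0, origin, rx, tx)

def check_reply(reply, sent_tx, t4):
    """Validate a server reply against the request we actually sent.

    sent_tx: 64-bit transmit timestamp placed in our request (T1).
    t4:      64-bit local timestamp when the reply arrived.
    Returns (verdict, offset_seconds or None).
    """
    if len(reply) < 48:
        return ("reject: short packet", None)
    flags, stratum, _, _, _, _, _, _, origin, rx, tx = struct.unpack(NTP_FMT, reply[:48])
    li, mode = flags >> 6, flags & 0x7
    if mode != 4:
        return ("reject: not a server reply", None)
    # An off-path spoofer that cannot observe the request has to guess T1.
    if origin != sent_tx:
        return ("reject: origin timestamp mismatch", None)
    if li == 3 or stratum == 0 or stratum >= 16 or tx == 0:
        return ("reject: server unsynchronized", None)
    # Standard NTP offset: ((T2 - T1) + (T3 - T4)) / 2, in seconds.
    offset = ((rx - sent_tx) + (tx - t4)) / 2 / 2**32
    if abs(offset) > MAX_STEP_SECONDS:
        return ("reject: offset exceeds step limit", offset)
    return ("accept", offset)

# Constructed sample values (32.32 fixed-point seconds since 1900).
SEC = 1 << 32
T1 = 0xE3000000 << 32
T4 = T1 + 1 * SEC

if __name__ == "__main__":
    samples = {
        "genuine": make_packet(4, 2, T1, T1 + 3 * SEC // 2, T1 + 3 * SEC // 2),
        "spoofed origin": make_packet(4, 2, T1 + 7, T1 + 5000 * SEC, T1 + 5000 * SEC),
        "huge step": make_packet(4, 2, T1, T1 + 5000 * SEC, T1 + 5000 * SEC),
    }
    for name, pkt in samples.items():
        print(name, check_reply(pkt, T1, T4))
```

The origin-timestamp check only stops off-path spoofing; an on-path attacker can copy that field, which is the case authenticated time (Network Time Security, RFC 8915) addresses.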
Threat actors are continually refining their tactics for circumventing security measures and infiltrating networks. That’s why organizations must remain continually vigilant. Give us a call to learn more about emerging threats and the steps you can take to protect your data, your users and your business.