If we've learned anything about cyberattacks in 2020, it's that nothing is off-limits and everything is fair game.
Every year is a worse one for cybersecurity. No matter how advanced defenses get, attackers’ methods and means seem to get more sophisticated.
2020, of course, was no ordinary year, and a spike in cybercrime that sought to exploit a crisis and disrupt recovery efforts truly tarred the blackhat industry as one where nothing is off-limits and everything is fair game.
Amid the strain of a global pandemic, continued attacks on hospitals and healthcare facilities took place, ransomware targeted the stalling education sector – including universities and high schools – and an attack was even detected targeting the cold supply chain of vaccination efforts.
For most businesses, the move to remote working brought heightened risk, with familiar on-premise IT networks exchanged for home wi-fi and personal devices.
As we roll toward a new year, independent cybersecurity and data privacy consultancy Bridewell Consulting issued six predictions that will impact cybersecurity in 2021.
As a result of the Covid-19 crisis, increased home and remote working, decentralized workforces, and outsourcing of skillsets are all contributing to a huge increase in connected devices. This in turn increases the number of risks associated with centralized data and infrastructures, as well as vulnerabilities around multiple access points. In 2021, cybersecurity will be even more difficult to ensure as the attack surface is bigger and the measures to implement and control security and data policies are often lacking in a remote environment.
A major concern is that we may start to see the first deaths associated with a cyberattack, as hospitals are stretched and attackers are continuing to target healthcare. The sector is particularly at risk due to the massive economic and operational impacts it is currently suffering – sadly we have already seen such a case in Germany. A homicide investigation was launched after a patient died in a Düsseldorf hospital that had its systems knocked by a cyber-attack. If this leads to a prosecution, it would be the first confirmed case in which anyone has died as the direct consequence of a cyber attack.
Another impact of remote working will be more organizations relying on IoT devices for measuring and monitoring processes. With the continued expansion of IoT, along with the rollout of 5G, cyber attackers will be relishing the growing opportunity to compromise systems and networks, as even more devices become connected to the internet. Organizations still need to adequately segregate insecure IoT and 5G-enabled devices from the rest of their network. In healthcare, for example, wearable IoT sensors enable remote patient monitoring, so unsecure devices could facilitate the misuse of sensitive patient data.
Despite these new threats, there are hopeful signs that the sophistication of defensive security will finally catch-up with its offensive counterparts due to new innovation and capabilities. Technical cyber-defense will still be of uppermost importance, along with the need to focus on detection of cyber-threats, not purely protection and prevention. Over the next year, there is likely to be an acceleration in the use of Cloud SIEM (Security Information and Event Management), with human-guided threat hunting, supported by machine learning-powered SIEM tools like Azure Sentinel, helping to uncover infiltrators before they access sensitive data.
„Is artificial intelligence less than our intelligence?“
This will be augmented by SOAR (Security Orchestration, Automation and Response) software programs that enable businesses to collect data about security threats, and automatically respond to low-level attacks. We also expect to see more use of UEBA (User and Event Behaviour Analytics) which uses machine learning and deep learning to model the behavior of users on corporate networks and detect behavior that could be the sign of a cyber attack.
Cybersecurity has been spotlighted by the World Economic Forum (WEF) as one of the biggest issues facing the aviation industry. The economic and operational impacts it is currently suffering mean this sector will be particularly at risk over the coming months. The most likely threats to aviation are from the same sorts of threats as other businesses, may they be phishing attempts, data breaches or ransomware. Although cybersecurity is being taken seriously in the boardroom, much work is still to be done to bolster aviation businesses cyber-defenses.
EC will continue to be one of the most financially damaging online crimes and one of the most popular methods for criminal groups to make money. BEC scams exploit the fact that so many of us rely on email to conduct business, both personal and professional. We’ve likely all been targeted by this kind of attack in the past – an email message that appears to come from a known source making a legitimate request, such as a supplier a company regularly deals with sending an invoice with an updated mailing address. Employees need to be constantly vigilant for this type of attack.
“During this period of high uncertainty across all sectors cyber threats are constantly evolving and with more people working remotely, the pandemic has only accelerated threats. Organizations need to be allocating more investment and resources to cybersecurity not decreasing it, as the strongest possible level of protection is more important than ever,” says Anthony Young, Director at Bridewell Consulting.