18 Mar Technical Threats to Watch in 2021
This blog post is the second in a 2-part series. To read part one, “Technical Trends You Can Expect to See in 2021”, please click here.
IT Security Threats to Watch in 2021
In 2020, there were some major hacks, truly clever and audacious intrusions, accusations of state sponsored incursions, etc. This will not change. As companies get bigger and more complex interconnection between operations, the easier it will become for vulnerabilities to appear and for hackers to exploit. Automated hacker toolkits will make it easier for them to identify points of incursion where they can maximise their efforts. Over 90% of all attacks that are successful involve users and their accounts, so there is no surprise that this is still the biggest single target for hackers.
So, where are key security threats going to be coming to us from this year?
Business Email Compromise (BEC)
This has been a great little earner for the hackers, on average 86% of businesses that were breached were carried through email attacks. CEO fraud, phishing and spam are the most common breaches that we see, whether for money or getting a poor, unsuspecting individual to click on a link, go to a site or pass on their credentials unknowingly.
This has been happening for what seems like forever and is constantly evolving. The shift nowadays is to expose the theft of company data on social media or threaten to give competitors or the public access to a company’s sensitive data if they do not pay. Hackers have cottoned on to the fact that most organisations have backup solutions that can mitigate the risk of common ransomware attacks and have shifted their posture accordingly. The UK is the second most targeted country in the world for ransomware attacks.
Additional attack vectors are emerging too, with DDoS (distributed denial of service) and IoT compromises leading the way.
Although not a classic threat vector, it can certainly lead to vulnerabilities occurring and increasing that risk or exposure. With a remote workforce, people get frustrated when systems don’t function as needed. They may try their own solutions, tweaks or something that will bypass the problem. Sometimes Support can exacerbate that issue, where privileged credentials are ‘lent’ to use elevated privileges for some reason. These credentials may, later, be used to circumvent other issues, without Support’s knowledge. Colleagues may also experience the same problem and the credentials are passed onto them. It is easy for privilege accounts to be handed around but without real knowledge of what this means. Forbes describes it as the threat that keeps on giving, citing that more than 5,000 personal devices connecting to corporate networks every day without adequate IT security controls… A figure that I think is on the low side.
Growth of Insider Threats
Shadow IT leads nicely into the growth of insider threats. Again, whether malicious or not, employees will always try to circumvent security to achieve something. Sometimes, it could be simply wanting to send an email that gets blocked. Trying several methods may prove successful. Having now found a gap, perhaps more sensitive information can be sent outside of the organisation without being detected.
High Profile Hacking
There will be a lot more high-profile attacks occurring in 2021, more state-sponsored attacks, and we could see some big-name companies take a severe hit or even go down. Not just because of the attack, but of the data, personal or otherwise, that is stolen. Lawsuits from both ordinary people, companies and even countries mean that insurance and GRC (governance, risk, and compliance) are crucial weapons in mitigating the costs of these attacks. It is truly hard to prevent a dedicated targeted attack, a robust remediation and accountability strategy must be taken.
So, to round out my ramblings, there is a lot within the IT security that hasn’t changed. The needs of the business are still the needs of the business, the threats are the same threats that we faced last year, with more bells and whistles. The key difference is where the businesses are running their operations now and how automation and intelligence will be used to exploit them.
Looking through the positives of this tragic pandemic, businesses have been forced to change. It has taken no prisoners; companies have had to adapt to a new way of thinking. Some were already there; some were on the journey and others hadn’t started. Apart from a few exceptional circumstances, all organisations are looking to the online services to support their business.
I go back to my original question; can you imagine if there was a world with no cloud services?
Simon King is the Head of Technical at Infinigate UK. Simon has brought 25+ years of security knowledge to Infinigate. He manages our Professional Services team, oversees Customer Support, and is the ISO for the Infinigate Group.