2020 has been a year of learning for businesses on many levels. From enabling global remote practically overnight to switching to cloud-based applications and infrastructure – the list of learnings has been long. But none have managed to make quite a dent as much as the dramatic rise in malicious attacks on cloud and on-site networks. If anything, 2020 has been the year of the pandemic as well as large-scale, well-publicized security breaches.
According to RiskBased, just the first half of 2020 saw nearly 36 billion records exposed in data breaches. Verizon showed that 45% of breaches involved hacking, 17% were malware-based and 22% were phishing attacks. Suffice to say that the need for comprehensive cybersecurity planning and management has never been quite this palpable.
The financial cost of data breaches is only the tip of the iceberg with IBM estimating the average cost to be around $3.86 million in 2020 with an average lifecycle of around 280 days from identification to containment. Even a minor breach can leave businesses with exposed sensitive information that can leave users vulnerable to identity theft, financial damage, ruin the reputation of your business and leave you liable for compliance violations. Companies like IT Support Vermont can help businesses locally to adjust to the quickly changing cyber-attack landscape to try and adapt their technologies, processes, and policies.
Cybersecurity threats are only expected to evolve and grow increasingly difficult to identify and eliminate. So, without further ado…,
Here is our list of 7 Cybersecurity Threats Enterprise IT Should Watch Out for in 2021:
- Work-From-Home Attacks
Home environments are typically way less secure than corporate environments and mixing personal and business computing on personal devices can spell disaster for your company’s security. Targeting data center or enterprise employees through their home networks can provide easy access for attackers always probing for weakest points of entry. With a majority of the workforce expected to remain remote for the foreseeable future, companies are forced to provide anywhere, anytime access to data. It remains up to businesses to ensure the security of the data both in motion and at rest even as it remains highly accessible.
- Fileless Attacks and Living Off the Land
Living off the land (LotL) attacks, including fileless attacks, typically use the victim’s own computing environment to deliver the attack. This enables them to get rid of file-based payloads and generation of new files that can be tracked and eliminated easily. This is what makes fileless attacks very hard to detect through conventional detection and prevention methods, such as antivirus programs.
The attacks typically originate with mailed links to malicious websites wherein attackers use spoofing and social engineering tactics to infiltrate user systems. Cybercriminals can use system tools to access the system memory and retrieve and implement payloads.
- Attacks That Originate in the Cloud
Think traffic coming you’re your own company’s cloud is safer than traffic routed through the Internet? Think again. Hackers are increasingly looking to exploit traditionally ‘trusted sources’, such as, connections running between your cloud applications and on-premise data stores. Such breaches can lead to exposure of credentials, stolen resources for crypto mining, and more. Since the cloud infrastructures are typically outsourced, it takes time to detect these attacks on the targeted on-premise systems and identify breaches.
- Supply Chain Attacks – One word – SolarWinds.
Thanks to the sheer success and publicity of the hack, attacks against enterprise systems using their own technology providers are here to stay for some time. This presents a manifold security risk for enterprises as fixing loops in the supply chain is a long and difficult task as it involves protecting the business environment of not just their own infrastructure, but ensuring total compliance and security in the environments of all software providers, technology suppliers, contractors, managed services vendors, and other third parties feeding into their infrastructure.
- Mobile Device Attacks
We have noticed an increasing spate of malware attacks against mobile devices, whether they are embedded through app downloads, mobile websites, or the more conventional routes of phishing emails and text messages. These attacks typically result in the breach of personal information, location data, financial data, passwords and more.
- Management Layer Attacks
The management layer is the holy grail of attack sites against enterprises as it typically provides access to attackers across the system. The success of the SolarWinds hack could in fact be attributed to the attacker’s decision to go after the network management layer. This sets a dangerous precedent for follow-up attacks that can typically target anything from enterprise batch environments or backup systems.
- AI based Attack
Artificial intelligence, or AI, promises highly scalable solutions that can be fully automated and tailored top specific needs of users. Unfortunately for us, this applies to malware production and distribution as well. Attackers are beginning to move away from traditional one-person attacks to try and use AI to automate phishing attacks by learning about personal behaviours of their targets. AI can create highly sophisticated and virtually untraceable malware; phishing emails, build exploitative software development kits, discover novel ways of corporate network penetration and more.
Deepfakes are nother worrisome trend of AI-powered attacks. Deepfakes typically use a mix of machine learning and artificial intelligence (AI) techniques to manipulate existing footage (such as, images or video) to made-up contexts, such as, build a seemingly real photograph of a person existing in a time and place that they actually have never been. Deepfakes can be used to penetrate frauds through synthetic identities, and many illegitimate organizations are even starting to offer deepfake-as-a-service.
Navigating evolving security risks through 2021 and beyond is set to be one of the most critical business challenges facing organizations across the world and comprehensive cyber security strategies must be at the forefront of all business decisions. After all, the best defence against malicious attacks is a good offence and typically it costs only a fraction of the immense losses resulting from data breaches and failure to protect sensitive information entrusted to your business.
If your current IT vendor is not up to the task of handling the enormous security challenges facing your business, consider reaching out to Cloud Services Vermont to find an IT partner who has the knowledge and resources to provide comprehensive security for your business.
About Steve Loyer:
Steve Loyer is the president and CEO of Tech Group, LLC., an IT Support Vermont company. With over 25 years of sales and service experience in network and network security solutions, Steve has earned technical and sales certificates from Microsoft, Cisco, Hewlett Packard, Citrix, Sonicwall, Symantec, McAfee, Barracuda and American Power Conversion. Steve graduated from Vermont Technical College with a degree in Electrical and Electronics Engineering Technology. Recently he wrote a blog on Why You Should Outsource Cyber Security Services.