It’s a scenario that business owners dread. They hear from a member of their team that they clicked an attachment in an email, and now their computer is displaying a message telling them that their files are encrypted. Your company has been hit by ransomware, and you need to work extremely fast to stop a crippling outage.
Unfortunately, this is a story that plays out every day throughout the country, and there is no sign of the trend slowing. The Covid-19 pandemic has had a greater impact on work habits and security environments in the past year than any other crisis in memory. For cyber-criminals, the millions of people now working from home presents an excellent opportunity. According to new research by cybersecurity firm Nexor, U.K. businesses have lost over £6.2 million to cyber scams over the past year - with a 31% increase in cases during the height of the pandemic (May-June).
So, what threats can we expect to see for the year ahead? Will cyber criminals move their attention to new fields, or will they remain focused on capitalising from the pandemic? That remains to be seen, but we believe many of the cyber challenges faced by businesses in the wake of the pandemic will remain long after it is predicted to subside in 2021.
Based on research from security experts and our knowledge of the cyber security landscape, here are 5 cyber threats we believe will face the business community in the next 12 months.
Attacks on remote workers remain
To help prevent the spread of the virus, we saw a vast rise in the number of individuals moving from centralised office locations to their homes to work. This, in turn, has contributed to an increase in the use of remote work enabling technology, such as email, video conferencing, VPN and remote desktops (RDP). The trouble is, lots of businesses had never had their staff work in this way before so the transition had to be carried out quickly. Combining this with limited resources and experience meant they could not achieve an adequate level of protection. Sadly, both issues therefore created an expanding attack vector in which criminals understood the weak points and how capitalise on them.
In 2021, business leaders and IT departments need to recognise that these attacks on home workers will remain. Indeed, Bitdefender researchers agree and have also commented that securing remote workers will become a major focus for companies in the year ahead. In fact, it will be crucial as remote workers will continue to present a unique set of opportunities for bad actors: “Insufficiently secured personal devices and home routers, transfer of sensitive information over unsecured or unsanctioned channels (such as instant messaging apps, personal e-mail addresses and cloud-based document processors) will play a key role in data breaches and leaks.”
The cloud is a new attack field
Although attacks against cloud services were already happening, the amount of businesses quickly adopting and moving parts of their IT to the cloud has caught the attention of cyber criminals in 2020. For example, the National Security Agency released a statement in December warning that threat actors have developed new methods to leverage vulnerabilities in on-premises network access to compromise the cloud.
The threat on the cloud is expected to take flight in the next year, as more and more businesses choose to move all of their business processes to the cloud – a Gartner analysis of 2021 cloud priorities names “distributed cloud” as a future focus for the business environment which will have substantial security implications. Distributed cloud is the migration of business processes to the public and private cloud – or hybrid cloud. To help tackle the growing threats on cloud services, Gartner have said budget allocations to cloud security will double as businesses look to protect cloud buildouts in the year ahead.
Insider threats
In the past, ‘insider threats’ have been thought of as disgruntled employees who walk out with important, sensitive information in their bags. With so many staff now scattered across the country, and the ability to access documents and files from anywhere, the risk of this threat is drastically heightened. According to Forrester researchers, the remote working trend will drive an uptick in insider threats. In their 2021 predictions guide, they explain how 25 percent of data breaches are already tied to insider threats and in 2021, that percentage is expected to jump to 33 percent.
Perhaps more worryingly, Forcepoint, a US cybersecurity company have warned of an ‘insider-as-a-service’ model, which is expected to grow throughout the year. This is where organised recruitment infiltrators offer up highly targeted means for individuals to become trusted employees so they can gather sensitive IP. Myrna Soto, Chief Strategy and Trust Officer for Forcepoint explains: “These ‘bad actors,’ literally, will become deep undercover agents who fly through the interview process and pass all the hurdles your HR and security teams have in place to stop them”.
Best practices for insider threat prevention are always developing as the nature of threats evolve. And although nothing is ever fool proof, many experts from worldwide federal agencies recommend the implementation of an insider threat mitigation strategy. This they say can act as a powerful combatant to insider threats.
“The biggest threat will come from where you least expect”
– Myrna Soto, Chief Strategy and Trust Officer, ForcePoint
Inbox bullseye
Inboxes have long since served as a key area of vulnerability in the defence against cybercrime. However, phishing emails traditionally have been easy to spot because of typos, poor wording, or lack of authenticity. It was only spear phishing emails, a specialised type of attack whereby the email is fabricated for a specific person or organisation, that were sophisticated enough to be effective. Unfortunately, the pandemic and new ‘work from home’ normal has not helped, serving as a catalyst for the evolution of phishing emails. Cyber criminals have now moved their focus to creating mass phishing emails that lack typos, use reader specific jargon and abuse the legitimate logos the organisation they are hoping to appear as. What’s more – some of the most recent attempts have quickly leveraged popular topics in the media to prey on those feeling vulnerable. After declining in 2019, Symantec found phishing increase in 2020 to account for 1 in every 4,200 emails.
Looking to the future, attackers will most likely fine tune their messages but also mine information from company websites and social media networks to help with the success of phishing attempts. Researchers also warn that enterprises ought to expect a “major increase” in spear phishing attacks in 2021 – all due automation. “Cyber criminals have already started to create tools that can automate the manual aspects of spear phishing. By combining such tools with programs that scan data from social media networks and company websites, phishers can send thousands of detailed, believable spear phishing emails, with content customized to each victim.” explain Watchdog in a recent blog post. “This will dramatically increase the volume of spear phishing emails attackers can send at once, which will improve their success rate. On the bright side, these automated, volumetric spear phishing campaigns will likely be less sophisticated and easier to spot than the traditional, manually generated variety.”
Ransomware extortion continues
As more phishing emails hit the inboxes of individuals, even more ransomware payloads are going to be delivered. However, as we saw in 2020, many cyber criminals are moving their focus to a double extortion strategy. This includes stealing proprietary or data and threatening to publish it – as it can help maximise profits. Luckily for these bad actors, the technical barriers to pull these crimes off are lower than ever thanks to established players selling ransomware-as-a-service options. As you can imagine, this has helped in and will continue to super-fuel the explosion of double ransomware extortion.
In the first half of last year, the Maze group was responsible for about half of these incidents, but then they confirmed they were retiring. The trouble is, with Egregor, Conti and DoppelPaymer, there is no shortage of groups looking to fill this gap in 2021 and abuse the situation to target businesses.
How can you protect your business?
In the current climate, there is high uncertainty across all sectors, and with more people working remotely, cyber threats have only been accelerated. As we head through the next year, organisations must adapt their approaches to cybersecurity and data protection as cyber criminals continue to improve their technology and attack strategies. They must look to increase resource and investment to cyber security, not decrease it, as the strongest level of protection has never been more crucial regardless whether remote working is here to stay or not.
That’s where the help of a Managed IT Provider such as one from the entrust IT Group can help. We have a host of security solutions designed to protect against some of the most prevalent threats expected in 2021. For instance, all our cloud services are encrypted, including our flagship Hosted Desktop, an excellent solution for secure remote working, and Hosted Application products. We can also provide advice on and help implement the best antivirus and antimalware protection software that will help keep nasty phishing attempts and ransomware out of the inboxes of employees.
Finally, as security is extremely important to us as a group, we decided to obtain and maintain ISO 27001 accreditation. That is the international standard published by the International Standardization Organization (ISO), and it describes how to manage information security in a company. All of our UK based data centres have their own ISO 27001 certification as well, ensuring the best protection at all times.
If you think you could benefit from our help, why not get in touch with a member of the team on 0330 002 0045 or email enquiries@entrustit.co.uk. Many businesses who sought help in the height of the pandemic have already seen the advantages first hand of external help, ensuring their employees and business stays protected now and in the future.
Looking to become a cyber security champion? Our free guide to staying safe online can help with that – and it’s free! >>
