Blog Cyberthreats Targeting Organisations and How We Can Protect Against Them
By null / 4 Mar 2021 / Topics: Virtualization Data center Digital transformation
In 2021 and beyond, cybersecurity experts predict that cybercriminals will find new and innovative ways to attack businesses and individuals. Find out how you can protect against evolving cybersecurity threats.
What was the driving force behind your organisation’s digital transformation in 2020? Was it your CEO, CIO, CTO or CISO? Or, was it COVID-19? The pandemic notably pushed a massive shift toward remote workforces for organisational survival. Many businesses had to embrace the cloud to empower their end users with anywhere access to data and resources.
However, with increased cloud reliance comes a greater risk of data exposure. No matter how advanced defenses get, attackers’ methods and means seem to get more sophisticated.
Throughout 2020, the COVID-19 pandemic created something of a new playground for hackers. In response, many organisations began to reassess parameters like identity security, ransomware, supply chain, data loss prevention, endpoint protection, social engineering and more. A greater focus was also placed on enhancing their cybersecurity program execution and fast-tracking digital transformation initiatives.
In 2021 and beyond, cybersecurity experts predict that cybercriminals will find new and innovative ways to attack individuals, their homes and devices. Hackers will exploit vulnerabilities found in the gaps between people, their devices and the corporate network.
Some of the key items that can pose a significant threat to an organisation are:
- Threats inside the organisation
- Social engineering attacks
- Known and unknown vulnerabilities for line of business applications
- Ransomware
Again, there are numerous threats that can cause significant impact to an organisation’s security posture and the key to success is to educate your end users and create awareness across the business. Remember, human resources are the first line of defense against cyberthreats.
Insider threats
Insider threat is one of the greatest drivers of security risks as a malicious actor from inside the organisation utilises credentials to gain unauthorized access to an organization’s critical assets or data. The more mobile and remote a workforce is, the more likely that an employee may cause an accidental breach by opening a phishing email or giving away their credentials without thinking.
At the same time, workers themselves might see ways to benefit from the wealth of data that they can now access without the same type of supervision. Verizon’s data breach report found that insider threat cases now account for about 30% of breaches and other security incidents. The threat from malicious insider activity is an increasing concern and will continue to be so in 2021.
Social engineering attacks
Social engineering, a non-technical strategy that relies on human interaction and often involves deceiving people into breaching standard security practices, will also increase in the new year. In fact, Microsoft reports that social engineering attacks have jumped to 20,000–30,000 a day in the United States alone. Criminal groups are gaining monetary success with their social engineering attacks as they tend to improve their engineering techniques and procedures.
Social engineering attacks like spear phishing, phishing or fraudulent communications that use personal information to gain trust and coax employees into sharing sensitive data, will only become more prevalent and dangerous. End-user training is the key to prevent and minimise the threat surface.
Vulnerability exposure
Every year, thousands of new vulnerabilities are discovered that require organisations to patch their operating systems and line of business applications — and reconfigure their security settings across the network. Any endpoint connected to the internet is exposed to internet-facing vulnerabilities.
Organisations with ineffective and outdated cybersecurity posture are at risk as the days are gone when endpoint detection and response solutions along with perimeter defenses were sufficient to do the job.
In addition to these practices, businesses will need to implement vulnerability management to effectively identify, categorise, prioritise and resolve vulnerabilities in an operating system, line of business applications, web browsers and end-user applications.
To prepare and address known and unknown vulnerabilities, consider these best practices from the Cybersecurity & Infrastructure Security Agency (CISA):
- Perform regularly scheduled vulnerability scanning and establish a patching policy.
- Implement strict password controls.
- Use two-factor authentication
- Enable Network Level Authentication (NLA) and disable Server Message Block v1 (SMBv1).
Ransomware on the rise
Ransomware attacks are controlled by skilled, adaptable criminals who are usually motivated by financial gain, and spend weeks, months or even years identifying and overcoming organisation defenses to maximise the impact of their attacks. Cybercriminals are commencing to concentrate resources on more lucrative targets as opposed to spray and pray. Ransomware will get worse with new twists, data stealing prior to encryption, malware packaging with other threats and very specific targeting.
Additionally, there are three main entering points that can be leveraged to penetrate a device or system:
- Email phishing
- Social media phishing
- Exploit kits
All three mechanisms are focused on convincing the user to click a malicious URL or download malicious content. The only way to protect against human-operated ransomware attacks is to identify suspicious links, continuously scan for vulnerabilities, keep software up to date and ensure your organisation has a strong cybersecurity posture with an adequate cybersecurity awareness program for end users.
Proactive approach to cybersecurity
In the coming year, more attacks will occur on home computers and networks, with bad actors even using home offices as criminal hubs by taking advantage of unpatched systems and architecture weaknesses. The rush to “cloud everything” will cause many security holes, challenges, misconfigurations and outages. With a more proactive security strategy in 2021, organisations can incur fewer breaches, identify security events faster, and minimise attack damages more effectively and efficiently than those who wait for trends to take root.
Embracing cybersecurity practices in advance can help your business gain strategic advantage, differentiate itself from the competition and shift from a reactive to a proactive cybersecurity state of mind.
Here are some of the basic and relatively inexpensive ways to protect against cyberattacks and improve security:
- Firewall
- Password-less authentication
- Cybersecurity frameworks
- Multifactor authentication
- Vault to store secrets
- Full-disk encryption
- Geo-fencing
- Information security programs
- End user awareness
No one is invulnerable to breaches, but we can all take precautionary measures to improve cybersecurity for our organisations.
About the Author:
Riaz Javed
Lead Architect
Riaz is a technology evangelist experienced in cloud architecture and security, currently working as a lead architect. His technical proficiency is followed by years of consulting experience, advising both internal and external stakeholders/customers locally and internationally on strategic technology selection and adoption, along with delivery of solutions across a range of business units. Riaz also speaks at community forums and IT conferences, including Microsoft Ignite, IT/Dev Connections, Collab365, SharePoint Saturday, European SharePoint Conference, Modern Workplace Conference, SharePoint Conference, aOS and more. Riaz has been awarded Microsoft’s Most Valuable Professional (MVP) Award for his contributions to Microsoft Azure and Office Apps & Services.
