2021 will also be a year without normality. The consequences of the global pandemic reach deep into the mindset of society and are also changing the landscape of cybersecurity trends. At Logstail, we want to discuss the top cybersecurity trends for 2021 in order to inform companies and organizations and help them take the appropriate measures to protect their assets. Let’s begin!
We have already published a blog article about the new teleworking reality that has existed since the beginning of the pandemic. Businesses are still shifting their workforce to more flexible work-from-home models. The problem with this situation is that the attack surface has also changed rapidly. Malicious users are exploiting the new threat landscape by various means: new social engineering targets and new phishing attacks aimed at users who are striving to adapt to the new situation. Emails, phone calls, text messages and various other forms of scams related to Covid-19 (masks, for example) have seen a dramatic increase during the last year. And for those who love numbers, cybercrime as a whole has increased by 600% since the beginning of the global pandemic! To mitigate the problem, work in a secure environment, secure your devices with strong passwords, keep computers, mobile devices, and software updated, use a Virtual Private Network (VPN) to connect to the organization’s resources, use two-factor authentication (2FA) to protect your online accounts, and regularly back up your work. Also, don’t forget to read our article!
Ransomware is a very dangerous threat. Users click on a malicious URL and get compromised by installing ransomware. As a result, they end up with their valuable data encrypted, and only the malicious user has the key to decrypt the files. The next step for the malicious user is to contact the victim and demand payment, usually in the form of cryptocurrency (most often Bitcoin).
These types of attacks can become really dangerous if they target a sensitive domain like healthcare. There is a confirmed case where a hospital in Germany was infected with ransomware and eventually locked out of its systems, leaving it unable to treat its patients. This situation resulted in a patient losing their life because of the unavailability of services. The pandemic is also contributing to this unwelcome situation. People who are working remotely may not be security savvy, leaving their computers unprotected from sophisticated attacks. Do not forget that in order to work from home you need to use VPN (Virtual Private Network) software, which virtually brings your device into the internal network of your company. So now your computer is vulnerable to attacks targeting your company.
The simple way to protect yourself is to always keep a backup of your work. But as obvious as it seems, many companies still fall victim. In a survey of a group of information security professionals, half of them admitted that their organization is not adequately prepared to successfully mitigate a ransomware attack.
Supply Chain Attacks
We have recently highlighted the importance of software supply chain attacks in today’s world in our blog. A software supply chain attack is an attack in which a threat actor is able to change the code of third-party software that an organization or an individual is using. The tricky point here is that the compromise and the implanting of malicious code are accomplished before the software is delivered to the target company. The potential methods vary: hijacking software updates or update servers, injecting malicious code into legitimate applications, or injecting malicious code into third-party code libraries. Once the attackers gain a foothold in the organization, they leverage the compromised software to steal confidential data, gain access to a network and perform nefarious activities. These attacks tend to target specific organizations, and for this reason, when they are successful, we read about them in the news. In other words, the attack is carried out by a Nation-State Actor or an Advanced Persistent Threat (APT). Everyone has heard about the infamous SolarWinds attack, which has brought global attention to the need for businesses to make cybersecurity a top priority in 2021. We are convinced that supply chain attacks will continue to pose a significant threat to organizations during 2021. One way to mitigate these attacks is by implementing Zero Trust Architecture, which is a relatively new approach.
Monitoring, SIEM, SOC
Security Monitoring is becoming a necessity. Not only has OWASP recognized logging and monitoring as a top security risk, but the reality of the threat landscape also brings Security Monitoring to the foreground. At Logstail we often highlight this reality, not only because of the nature of the service we provide but also because of the feedback that we get from our customers.
Security Incident and Event Management (SIEM) software and Security Operation Centers (SOC) are great tools to mitigate the security monitoring problem, but they are complex tools that need experienced personnel to reach their full potential. If they are fine-tuned, they can provide real-time monitoring, detection, and response, eventually giving the organization a holistic approach to cybersecurity.
A SIEM can centralize and correlate events collected from the log files of the organization’s devices and raise alerts on them. In other words, it can provide comprehensive situational awareness in cyberspace, which would be impossible to achieve manually.
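The centralize, correlate and alert steps described above, shown as an added example (not Logstail's code or part of the original article): events from two log sources are normalized into one schema, and an alert fires when a successful login follows repeated failures from the same IP address. The log formats, field names, threshold and time window are assumptions, and the sample events are constructed.

```python
import json
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events from two devices (not real logs).
SSHD_LOG = """\
2021-01-12T09:00:01 host1 sshd[811]: Failed password for alice from 203.0.113.7 port 4242 ssh2
2021-01-12T09:00:40 host1 sshd[811]: Failed password for alice from 203.0.113.7 port 4243 ssh2
2021-01-12T09:03:10 host1 sshd[811]: Accepted password for bob from 198.51.100.9 port 5000 ssh2
"""
VPN_LOG = """\
{"time": "2021-01-12T09:01:15", "user": "alice", "src": "203.0.113.7", "result": "fail"}
{"time": "2021-01-12T09:02:30", "user": "alice", "src": "203.0.113.7", "result": "ok"}
"""
SSHD_RE = re.compile(r"^(\S+) \S+ sshd\[\d+\]: (Failed|Accepted) password for (\S+) from (\S+)")

def normalize(sshd_text, vpn_text):
    """Centralize: parse both formats into one schema, ordered by time."""
    events = []
    for line in sshd_text.splitlines():
        if m := SSHD_RE.match(line):
            ts, verdict, user, ip = m.groups()
            events.append({"ts": datetime.fromisoformat(ts), "source": "sshd",
                           "user": user, "ip": ip, "ok": verdict == "Accepted"})
    for line in vpn_text.splitlines():
        rec = json.loads(line)
        events.append({"ts": datetime.fromisoformat(rec["time"]), "source": "vpn",
                       "user": rec["user"], "ip": rec["src"], "ok": rec["result"] == "ok"})
    return sorted(events, key=lambda e: e["ts"])

def correlate(events, threshold=3, window=timedelta(minutes=5)):
    """Alert when a success follows >= threshold failures from one IP within window."""
    failures = defaultdict(deque)  # ip -> recent failed events, oldest first
    alerts = []
    for e in events:
        recent = failures[e["ip"]]
        while recent and e["ts"] - recent[0]["ts"] > window:
            recent.popleft()  # drop failures that fell out of the window
        if not e["ok"]:
            recent.append(e)
        elif len(recent) >= threshold:
            alerts.append({"ip": e["ip"], "user": e["user"], "failures": len(recent),
                           "sources": sorted({f["source"] for f in recent} | {e["source"]})})
            recent.clear()
    return alerts

if __name__ == "__main__":
    print(correlate(normalize(SSHD_LOG, VPN_LOG)))
```

Neither log reaches the threshold on its own (two failures in the SSH log, one in the VPN log); the alert only appears once both sources are merged into a single timeline.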
SIEM solutions are more accessible today than they were in the past, because of the use of cloud services and, of course, because of the need for them and the constant drive to push security down to Small and Medium Enterprises (SME).
Critical infrastructures and the Smart Grid are the backbone of any nation. An incident has the potential to paralyze a society. And of course, the bad reputation that will follow for the victim will have a negative impact. The official list of critical infrastructures, or Operators of Essential Services, covers Energy, Transport, Banking, Financial market infrastructures, Health, Water, and Digital infrastructures. These domains are the first priority for every nation that wants to become cyber resilient. But if something is valuable, it will attract a variety of threat actors, from sophisticated hackers to Nation State-sponsored actors.
That’s why we often observe that conflict has moved from the physical domain to the cyber domain. The countries that invest in their cybersecurity are those that can protect their citizens in the event of a serious cyber attack.
And it is not only the public sector but also private companies. Transportation, construction, and energy companies are all very attractive targets for hackers, who have a lot to gain. Also, as these companies move almost all of their services and activities to the digital domain, they open the door to cyberattacks. This trend will significantly increase in 2021.
At Logstail we are concerned about the continuous rise of cyber threats in 2021. Malicious actors are becoming more sophisticated in their quest to compromise systems and gain unauthorized access. We offer the full range of services required to effectively mitigate these types of attacks. Incident response and consulting, penetration testing, and red team operations all aim to help our customers mitigate their cyber incidents.
And on top of these, we offer our customers our brand new platform! Our cloud-hosted solution with advanced features puts the functionality of centralized monitoring in your hands. Convert your data into actionable insights and maximize the performance of your infrastructure, or be notified of potential problems and take the appropriate actions. Sign up for a free demo to see the power of Logstail!