The start of 2021 has already been a rollercoaster, from the vaccine rollout providing light at the end of the tunnel, through to countries being thrust into new lockdowns. One thing is for sure, working from home is a norm that is unlikely to change in the near future, so it is imperative businesses learn from 2020 and update their threat models to address the new threat landscape.
Bitdefender’s business threat landscape report revealed that the “new normal” may have left businesses vulnerable to potential breaches, as they rushed to accommodate a remote workforce. From infrastructure misconfigurations to unpatched vulnerabilities and APT-hackers for hire, organizations had a tough year balancing workforce migration and changes in the threat landscape.
Let’s take a look at some threats which businesses need to take note of this year.
Home Networks and Remote Employees Regarded as Risks
There are a number of threats that came with the shift to working from home. Vulnerable, unpatched, or improperly secured home network devices, such as IoTs, routers and other personal devices, that now share the same network as work laptops, could potentially be used by attackers as gateways into an employee's home network.
Inadvertent transfer of sensitive information, over unsecured or unsanctioned channels (such as instant messaging apps, personal e-mail addresses and other cloud-based services) could also lead to potential data breaches and leaks. With employees potentially sharing access to work devices with other family members, the risk of inadvertent loss, tampering or sharing of sensitive data with unauthorized parties also poses a risk for organizations.
While it's crucial that businesses implement technical defenses and new security and operational procedures, companies also need to invest in their 'human' firewalls, and train them to effectively secure their networks and devices. Using employees as the first line of defense means providing additional guidance and instructions that will enable them to harden the security of their internet-connected home network devices, and even strengthen their ability to detect social engineering schemes, such as phishing or fraud, which might put the business at risk.
Capitalising on Trending Media Topics Through Phishing
The COVID-19 outbreak and work-from-home ‘new normal’ also served as a catalyst for the evolution of phishing emails. Traditionally, phishing emails were easy to spot because of typos, poor wording, and lack of authenticity. Only spear-phishing emails, which directly targeted specific individuals and organizations, were sophisticated enough to create a sense of legitimacy. However, when the pandemic hit, cyber-criminals focused on creating phishing emails that had none of these obvious flags. They now use reader-specific jargon, and even abuse legitimate logos of the organizations or companies they’re impersonating.
The continuing effect of the pandemic will also put additional strain on inboxes and spam filtering technologies. Many are still falling victim to COVID-themed malware and fraudulent offers, arriving by spam and phishing. Promising miracle alternative cures or revolutionary treatments, fraudsters are taking the opportunity to ask for credit card information, under any pretence, including the promise of a COVID-19 vaccine delivered to the victim’s door. Now more than ever, remote employees and internet users will have to exercise vigilance whenever they receive messages promising amazing deals, discounts, or exclusive information. Especially when made under some time constraint or implying potential punitive measures from inaction.
Supply Chain, Industrial Espionage and Advanced Persistent Threats
Threat actors will focus more on supply chain attacks rather than going directly after bigger targets. Similar to recent “cold chain” attacks on organizations that provide transportation for COVID-19 vaccines, or attacks on regulators that handle vaccine documentation, supply chain attacks will likely become more popular throughout 2021. Either for political or economic reasons, supply chain attacks may potentially affect even industry verticals that have rarely been hit by this type of attack in the past.
No One Wants to Repeat 2020
2020 was hard enough the first time around and although the world is moving in the right direction for recovery, there is still a way to go and lessons to be learnt. This year, we have experience on our side and the knowledge of how others recovered from potential incidents in 2020. So provided we’re willing to learn and adapt, we can plan and respond better.
Businesses must continue to batten down the hatches, strengthen their cybersecurity posture and gain visibility across their infrastructure. This will allow for timely identification of threats and keep potential attackers from causing irreparable damages. Security is often as strong as its weakest link, and identifying that link can make the world of difference in terms of business continuity. Training employees, augmenting existing security stacks with visibility tools, and even turning to managed detection and response services that can help with threat hunting can be part of your security strategy for 2021.