2020 hasn’t been a nice stroll in a park in the field of cybersecurity either. Luckily, organizations are increasingly acknowledging cyber threats, and preparing for them. We asked some experts what is going to be under the spotlight in 2021.
Dave Hatter: Zero-Trust
Dave Hatter is a cybersecurity consultant at intrustIT.
Mobile device security will be a rapidly growing product category because more people are using mobile devices more regularly, and for more purposes, making them an attractive and often insecure target. New attacks will also spur this category.
Cybersecurity spending will continue to increase as cybercrime continues to rise in frequency, damage and cost, and because of new laws like GDPR and CCPA that have harsh penalties.
Zero Trust networking will slowly but surely become more important than traditional perimeter-based network defense as more people work remotely. Microsoft wrote “Traditional perimeter-based network defense is obsolete—transform to a Zero Trust model“.
Internet of Things (IoT), aka “smart” devices, will be an ever larger privacy and security dumpster fire as IoT vendors rush insecure products to market and consumers purchase ever more of these devices and connect them to the same networks that they use for work with little concern for how to configure them properly or how to keep them secure.
Spear phishing will surge thanks to automation and the ongoing success of these attacks.
5G vulnerabilities will be exploited, and thanks to the speed 5G brings to the table, more attacks will be launched from IoT devices.
Thanks to the COVID-19 pandemic forcing many to work remotely, attacks will continue to focus on remote workers. In some cases, attackers will use the insecurity of these environments to build crime hubs and botnets.
Multi-factor Authentication (MFA) will continue to gain traction as people see that any account without MFA will be hacked.
Ransomware will get even worse with larger ransom demands and larger impacts thanks to nasty new malware and data exfiltration.
Harley Geiger: Politically motivated cyber attacks will stay mainstream
Harley Geiger is Director of Public Policy at Rapid7.
The United States is firmly in a new era of political discourse in which cyber espionage, sabotage, and disinformation have a growing impact. This will certainly not end with the 2020 election. Many attacks are seemingly designed to undermine confidence in American societal cohesion and democratic processes, rather than change the outcome of a single election cycle. As a result, the need for strong cybersecurity practices is increasing for lesser-known organizations that affect politics on a more local level, extending well beyond national campaigns, government agencies, or traditional targets of for-profit attacks. How media outlets and social networks report on and disseminate hacked material and cyber attacks (such as not rushing to attribution and declining to act as a force multiplier for attackers) will also continue taking on growing importance. While these patterns started before 2021, we should expect them from day one in 2021 through the year. Please prepare accordingly.
The key message is that people and organizations, regardless of partisan affiliation, associated with US politics and policy should take steps to secure themselves against politically motivated attacks and breaches. While this is not a new risk, we have seen breached materials — as well as questionable claims of hacking activity — take on increasing prominence in political discourse over the last half decade. The 2020 Hunter Biden and 2016 John Podesta breaches became major campaign issues, and the National Republican Congressional Committee suffered a significant breach during the 2018 midterm campaigns.
The FBI and CISA warned in October 2020 that Iran targeted voter registration data (with at least partial success) for the purpose of voter intimidation. Only a week ago, CISA warned that US policy think tanks are presently being targeted. There are many other examples of attacks and warnings — a pretty good list is available here.
While multi-factor authentication, strong network passwords, and secure backup are a good start, there is no single solution for organizations to prepare themselves due to the diversity of attack methods.
However, we believe all at-risk organizations should take basic defensive steps, as well as additional steps commensurate with their risk level. This problem is here to stay.
Bentsi Ben-Atar: COVID-19 will dominate in cybersecurity
Bentsi Ben-Atar works as chief marketing officer at Sepio Systems. After graduating from Tel Aviv University, he joined the technology unit of the Israeli Army Intelligence Corps. In 1998, he co-founded WebSilicon, which specialized in delivering advanced networking and security systems.
Although vaccines are being administered in growing numbers, 2021 will still be mainly dominated by COVID-19 related issues. The healthcare industry is fully aware of the fact that they are a highly sought-after target, but amid this pandemic there are far too many security gaps to fill.
With respect to cyber related threats, I believe that potential attackers will make significant efforts to disrupt this very challenging logistics operation.
I will not be surprised if a logistics center holding vaccines will be attacked by a special ransomware, taking control over its energy and cooling systems, and threatening to take them down if the ransom is not paid.
As these centers are on high-alert and disconnected from the Internet, I believe that such an attack will be manifested by using manipulated devices that are inserted through an internal abuser or even through the supply chain.
Additionally, other examples of possible threats could be data theft (mainly IP related), carried out by competing companies and state sponsored activities, or harvesting specific patient information, which could harm the clinical process… Imagine the effect of publishing the online list of patients that received a Placebo.
Jean Loup P. G. Le Roux: cyber weapons and skill gap
Jean Loup P. G. Le Roux is a cybersecurity expert.
Cloud-based threats are going to be super important. Because now we have cloud for everything. It’s going to be threats not only for the typical confidentiality aspect but also for availability. We’ve seen recently with G-Suit being down when all the organizations that rely on the cloud, and their productivity was down to zero.
Privacy is going to become a discipline. You have regulations and legislations around the world, and data privacy is becoming a discipline, and it’s going to require separate skills from traditional cybersecurity. There’s some overlap but it’s not going to be the same people who can do typical cyber and privacy.
We are still going to need humans. You’ve seen a wave of ransomware attacks. This is going to get worse, probably. The way to counter this is again humans – your best line of defence. Investing in training, awareness campaigns, the typical phishing tests — all of that is still pertinent. You can put as much technology as you want, but humans are still a central piece of the game.
Cyber weapons are going to proliferate and are going to be basically out of control.
That’s a new trend. They used to be restricted to very few people basically, well-controlled by public ministries. Now you have private actors building cyber weapons that are not regulated. We’ve seen an example recently, when the Mexican cartels gained access to some Israeli military grade cyberweapons.
IoT, OT (operational tech), and ICS (industrial control systems) are going to be subject to more attacks. One of the aggravating factors is that 5G is going to connect more things together. You have internet-connected smart sex toys now, and we’ve seen attacks on them. If that kind of product is subject to attacks, all other internet-connected things are going to become a subject as well; the attack surface is going to increase.
Following the push by COVID-19 to remote work, many companies were not prepared to have so many people working remotely and doing pretty much everything remote from home. From a network perspective, they were not ready to have so many people connected to a VPN, they were not ready for so many things to be done out of the corporate network. We’re transitioning to zero-trust network access. We are going to get rid of much of the perimetric approach. It started disappearing by everything going to the cloud. We are going to assume that the network can’t be trusted. We are going to put remote workers in a big bucket, in a big network zone, which we won’t trust, because they will be travelling, accessing from their 4G modem, uncle’s home, etc. That’s going to put more emphasis at the control at data level. We will protect the data itself. It means that we will have to do better cryptography, better data protection.
The skill gap is going to stay an issue. There’s a paradox. I’ve been hearing for the past decade that we need more brains, more talents. We are still facing the gap. Universities have tried to increase the number of graduates but we are facing the same gap. And it’s still very difficult to crack the cybersecurity industry. To become an expert in cybersecurity you basically need to be an expert in cybersecurity.