As the end of 2020 draws closer, it is imperative for organizations and individuals alike to reflect and gear up for cybersecurity and cybercrime in the new decade. Organizations and individuals should consider new and innovative approaches, but most importantly, a pro-active approach that is deliberately directed to identify, capture and neutralize threats is essential. Considering the frequency and sophistication of hacking and ransomware attacks in 2019, not to mention the pandemic and the urgent adoption of remote learning by organisations around the world, skilled resources and smarter measures should be considered in the new decade.
For this reason, I distilled 30 independent reports dedicated to cybersecurity and I have compiled the 7 most interesting projections in this article.
Internal/External Sabotage – The global proliferation of IoT (Internet of Things) and connected devices, and the usage of public cloud, PaaS (Platform as a Service), and IaaS (Infrastructure as a Service), greatly facilitate business and enable rapid growth. Concomitant, and often unnoticed, is the increase in an organization’s external attack surface. As you cannot protect what you don’t know, the vast proportion of these digital assets are not properly maintained, monitored, or protected in any manner. The situation is exacerbated by rogue mobile apps and by fraudulent, phishing, and squatting websites, which are detectable by properly implemented domain security monitoring, a practice now gaining popularity among cybersecurity professionals. The more organizations upgrade their IT and leave behind a trail of obscure digital unknowns, whether in-house or external, the easier and faster it is to break in. According to CSO Online by IDG, 61% of organizations experienced an IoT security incident in 2019.
Compliance Fatigue – The mushroomed regional, national, and transnational regulatory and political climate may exacerbate compliance fatigue among cybersecurity professionals. 2020 may just be the year when current cybersecurity compliance begins to erode and starts its rapid downfall. In light of the slow judicial system on one side, and insufficient cybersecurity skills and scanty budgets on the other, cybersecurity professionals may start flatly disregarding the wide spectrum of superfluous regulations. Thankfully, in the UK, GDPR data subjects are empowered with a bundle of rights to control their personal data and its life-cycle.
Third Party Breaches – In 2019, many businesses displayed a high level of proficiency and specialization by concentrating all available resources to attain excellence in a particular market, playing to their strengths. To achieve this, they outsourced most of their secondary business processes to skilled suppliers and experienced third parties, thereby reducing costs, increasing quality, and accelerating delivery. Cybercriminals are well aware of this low-hanging fruit and will continue to purposely target this weakest link to get your data, trade secrets, and intellectual property.
Enterprise collaboration – According to ImmuniWeb, over 21 million valid credentials were exposed on the Dark Web in 2019. The dark web is becoming increasingly popular and fashionably lucrative for rogue individuals and criminal enterprises. In 2021, we may witness new enterprise models and ways of working via the dark web. To this end, organizations may need to invest in understanding the dark web, and counter and mobile-based applications that deter or directly attack cyber-threats.
The Cloud – In July 2019, the world media reported a breach of Capital One, presumably the largest data breach within the US financial sector, affecting approximately 100 million individuals in the United States and 6 million in Canada. Reportedly, the attacker exploited a misconfigured AWS S3 bucket to download extremely sensitive data that was left unattended. There are already signs that cloud misconfigurations will expose millions of records in 2020 and beyond. In 2020 and the foreseeable future, cloud security incidents will stay at the top of data breach root causes. Furthermore, we are yet to experience an attack on the cloud providers and applications such as OneDrive and Google Drive, and many trusted brands for that matter. Will cybercriminals exploit this trust in 2021?
Password reuse and Phishing – Even if the passwords found or purchased by the attackers on the Dark Web are invalid, they provide a great wealth of ideas for ingenious social engineering campaigns and facilitate phishing and smart brute-forcing attacks. Creative and innovative authentication methods are already in use within certain industries, e.g. fingerprint scans and facial and voice recognition. But even if many organizations have finally managed to implement a consumable Identity and Access Management (IAM) system, with strong password policies, MFA, and continuous monitoring for anomalies, few external systems are included in the safeguarded scope. Such grey-zone systems range from SaaS CRM and ERP to elastic public cloud platforms. According to DBIR, phishing was responsible for 32% of data breaches and 78% of cyber espionage in 2019.
Ecommerce and targeted-ransomware – According to IBM, the average time to identify a breach in 2019 was as high as 206 days. Even worse, such attacks are infrequently detected, due both to their sophistication and to a lack of skills among the victims, and are eventually reported out of the blue by security researchers or journalists, flabbergasting the data owners. 2021 will see a significant increase in organized ransomware activities under the umbrella of some sort of support or professional service. They are often deployed through Trojans (through an email attachment) and they are extremely difficult to detect or prepare for.
History has shown that the period from the moment an attack is launched until it is detected has the most devastating impact. Organizations and individuals should consider new and innovative approaches, but most importantly, a pro-active disposition, deliberately directed to identify, capture and neutralize cyber-threats before they manifest.