In 2020, we experienced a phenomenal rise in at-home workers and shoppers. Because of Covid-19, suddenly everyone worked, shopped, and socialized remotely. As IT professionals, we also experienced significant fear over the state of our end-user and mobile security. Suddenly, our top concerns involved end-user cybersecurity issues such as up-to-date malware protection, encryption, virtual private networks, password protection, and identity management.
The worry over remote access security is well justified, said TierPoint’s CSO Paul Mazzucco, because home-based workers often lack the layers of security that exist in office networks. That leaves organizations vulnerable to simple employee mistakes, such as clicking on malware attachments, exposing login credentials to a phish, or being taken in by bogus invoices. So, IT departments everywhere got a crash course in cybersecurity for remote workers.
A lot of other things happened in 2020, of course. Following is a review of the key cybersecurity threats, technologies, and trends from the year past.
Top 2020 cybersecurity threats
Following are the key cybersecurity concerns and technology trends in 2020:
Ransomware has been a top threat since 2017 and this year was no different. In fact, ransomware attacks increased 40% to 199.7 million cases globally in Q3 of this year. U.S. organizations suffered 145.2 million ransomware hits in Q3– a 139% increase.
This year also brought us more sophisticated ransomware. It used to be simple: encrypt a victim’s data and demand a bitcoin. Now, ransomware can lock up your entire corporate network, along with attached backups, and the perpetrators might threaten to sell your data on the Dark Web if you don’t pay up. They might sell it even if you do pay the ransom. Worse, today’s cyber-criminals can buy ransomware-as-a-service or as a pre-packaged kit. So, anyone from a novice hacker to an international crime gang can launch a ransomware campaign.
Cybercriminals use artificial intelligence (AI) to create smarter, faster, self-adapting attacks capable of learning to evade anti-malware and other security software, finding and stealing sensitive data, and remaining undetected for weeks or months at a time. AI is also used in crimes that depend on social engineering. The rise of deepfakes—or fraudulent videos, audio, and photos– is a good example. AI with machine learning has been used in business scams. For instance, AI can learn an executive’s voice—often taken from legitimate online podcasts or videos—and replicate it in order to trick a subordinate into transfer corporate funds to another account or wiring them to “the boss” in Nigeria. Deepfake technology can also convincingly modify photos and videos for nefarious purposes. Fortunately, AI can also help the good guys. Technological advances in AI and machine learning provide faster and more accurate threat detection capabilities.
Attack of the intelligent bots
The latest generation of “smart bots” use AI and machine learning to mimic human behaviors, including misspelled words and random mouse movements. This can enable a hacker to slip through a firewall and launch an application layer attack—the level that handles HTTP requests or SQL queries. Here are some of our thoughts on the rise of bots:
- The Next Generation of Bot Attacks
- Which Cybersecurity Threats Keep This CSO Up at Night—and Which Don’t
5G security risks
As 5G becomes increasingly available, CIOs and CISOs worry about the potential security risks of 5G networks. 5G architecture uses software-defined networking (SDN) to create multiple “slices” of bandwidth for different types of traffic. 5G also relies on short-distance transmission across a network of small base stations located on buildings, traffic lights, etc. Using both SDN and base station locations, a hacker could potentially target a base station close to a selected victim and identify traffic specific to that company. SDN also, however, enables more granular policy-based security, which can defend against such attacks.
Remote working risks
While not a threat per se, the boom in usage of collaborative applications is making it easier for criminals to access confidential data. Remote workers now use Zoom, WebEx, Skype, Slack, and various teamwork applications to share a variety of enterprise information, including recordings of private meetings. With so much sensitive information available in unsecured cloud applications, it’s no surprise that cybercriminals target them. Read our blog posts on remote workforce and cybersecurity:
- Adapting IT Services for a Remote Workforce: A COVID-19 Pandemic FAQ
- Managing Cybersecurity Tools for Your Remote Employees
The biggest cybersecurity priorities in 2020
End-user security moved to center stage in 2020 as remote and mobile work became the de facto standard—and is expected to be popular through 2021. The first security challenge that CISOs faced was ensuring that home-based workers had up-to-date anti-virus software and encrypted virtual private networks on their laptops and home desktops. They then moved onto other important end-user cybersecurity defenses, including multifactor authentication, identity and access management (IAM), and role-based access management tools. Adoption of these solutions increased in 2020.
- IAM authenticates all end users, devices, and applications before permitting them access to IT systems.
- Role-based access tools restrict end-user access rights and permissions, to limit the amount of damage that any one individual can do with stolen credentials. No single set of credentials should provide a hacker with the “keys to the kingdom.”
- Advanced cloud-based multi-factor authentication methods such as facial recognition and fingerprints also improve end-user security without overly burdening users.
Many IT departments partner with managed security services providers to improve their cybersecurity. IT departments are frequently ill-equipped to take on the work of evaluating, deploying, configuring, and integrating enterprise security solutions. Security services providers take on security tasks that are outside of an IT department’s capabilities, whether that’s monitoring network security, providing cloud-based security applications, conducting vulnerability testing, or managing all of a company’s security applications and processes. Security services providers typically have in-depth knowledge of the latest cybersecurity threats and technologies.
A security services provider such as TierPoint can help you craft a cyber-security strategy and evaluate, deploy, and manage cyber-security solutions. We provide proactive security services that include advanced detection and remediation technologies capable of protecting all your IT environments. Here are some of our thoughts on other trends in cybersecurity:
- A Strategy to Overcome Cloud Computing Risks
- What You Need to Know About Cloud Security Architecture
Bolster your cybersecurity strategy for 2021
Learn more about IT security technologies and strategic planning by reading our Strategic Guide to IT Security. Learn how TierPoint can help improve your IT security with IT security compliance and management services. Contact us to learn more.