The sudden shift to telecommuting caught many organizations by surprise — and unprepared. This opened up many cybersecurity vulnerabilities that cybercriminals exploited and continue to attack. Technology company HP sees a wide range of security threats that will put companies at a disadvantage.
In its 2021 predictions, HP expects human-operated ransomware, thread hijacking, unintentional insider threats, business email compromise, and whaling attacks to increase this year.
“COVID-19 has weakened organizational security. Remote access inefficiencies, VPN (virtual private networks) vulnerabilities, and a shortage of staff that can help the business adapt mean data is now less secure,” said Joanna Burkey, chief information security officer, HP. “We can expect to see hackers identifying and taking advantage of any holes in processes that were created, and still exist after everyone left the office.”
Based on reports from various cybersecurity firms, ransomware increased significantly in 2020. This year, HP sees the trend continuing, specifically citing “ransomware-as-service attacks,” an evolution from taking data hostage to releasing data to the public.
HP said malware delivered by email, such as Emotet, TrickBot and Dridex, is often a precursor to human-operated ransomware attacks.
“To maximize the impact of an attack, threat actors use their access to compromised systems to deepen their foothold into victims’ networks. Many crews use offensive security tools to gain control of a victim’s domain controllers, which are often the best point in a network to deploy ransomware,” said Dr. Ian Pratt, global head of Security for Personal Systems.
While large enterprises are likely the main targets because of the amount of data they possess, HP said that the public sector also needs to be wary of this threat. The company warns of “double extortion,” wherein threat actors may not fulfill their “promise” and still release data publicly even if a ransom was paid.
Phishing to whaling
“The most innovative mass phishing technique we see is email thread hijacking, which is used by the Emotet botnet,” Dr. Pratt said. “The technique automates the creation of spear-phishing lures by stealing email data from compromised systems. This data is then used to reply to conversations with messages containing malware, making them appear very convincing.”
“Thanks to everything relying on strong authentication, as opposed to in-person presence, there is more opportunity for hackers to engage in social engineering to trick employees into divulging credentials.”
Because most communications are now done on the cloud and many people feel a greater urge to share anything, from trivial to crucial, on social media, cybercriminals now have a gold mine of potential victims. Business email compromise, for one, will become a major entry point, since companies have been using email extensively since work from home started. And now that the COVID-19 vaccine is available, cybercriminals will exploit people’s hunger for information to lure them into falling for social engineering tactics.
Hackers will tailor attacks to target specific verticals — in particular, critical infrastructure, pharma and healthcare, industrial IoT (Internet of Things), and education. One of the most at-risk verticals in 2021 will be healthcare.
“Healthcare has been a perfect target — society depends on it and these organizations are typically under-resourced, change-averse, and slow to innovate. Education also fits this criterion and could be another prime target,” said Justine Bone, CEO at MedSec.
However, this threat extends beyond hospitals and doctors’ surgeries into more critical areas. Pharmaceutical companies and research facilities will be at risk.
HP said that organizations now realize the potential of zero-trust security. Bone described zero trust as “the best defensive approach for enabling remote working. Quality authentication methods are a key enabler of zero trust, which is why technologies such as biometrics will be expected by end-users in the future.”
As the new work environment becomes more complex than before, a new, innovative approach to cybersecurity is needed, according to HP.
“Hardware-enforced technologies like micro-virtualization are transparent to the end-user; this means they can click on email attachments and download files as they normally would, but are safe in the knowledge that if anything is malicious, it is rendered harmless,” Pratt said. “This protection-first approach leaves hackers with nothing to steal and no way to persist, helping organizations to deal with the variety of threats 2021 and beyond will throw at them.”