In 2021, remote working due to COVID-19 will require that organizations better secure their new distributed networks and cloud deployments to keep their applications and data protected, claims Check Point Software Technologies in its 2021 cyber security predictions.
This means enforcing and automating threat prevention at all points of the network – from employees’ mobiles and endpoints, to IoT devices, to clouds – to stop advanced attacks from spreading rapidly across organizations, and exploiting weaknesses to breach sensitive data. Automating prevention will be critical, especially due to the ongoing cyber-skills shortage.
Among other pandemic-related predictions, the company warns that news of vaccine developments or new national restrictions will continue to be used in phishing campaigns, as they have been through 2020. The pharma companies developing vaccines will also continue to be targeted by malicious attacks from criminals or nation-states looking to exploit the situation.
Attacks will continue to disrupt remote learning activities over the coming year. The education sector experienced a 30 percent increase in weekly cyber attacks during the month of August, in the run-up to the start of new semesters.
Q3 of this year saw a sharp rise in double-extortion ransomware attacks, in which hackers first extract large amounts of sensitive data before encrypting a victim’s databases. The attackers then threaten to publish that data unless ransom demands are paid, putting extra pressure on organizations to meet hackers’ demands.
The botnet army will continue to grow: hackers have developed many malware families into botnets, to build armies of infected computers with which to launch attacks.
Cyber attacks by nation states will continue to grow, for espionage or to influence events in other countries. Microsoft reported that threat actors from just three countries launched 89 percent of nation-state hacking incidents over the past year. Over recent years, the focus has been on securing national critical infrastructure, and while this remains essential, it’s also important to recognize the impact of attacks against other state sectors, including national healthcare organizations and Government departments.
Techniques for fake video or audio are now advanced enough to be weaponized and used to create targeted content to manipulate opinions, stock prices or worse. Earlier this year, a political group in Belgium released a deepfake video of the Belgian prime minister giving a speech linking COVID-19 to environmental damage and calling for action on climate change. Many viewers believed the speech was real. At a simpler level, audio could be faked for voice phishing – so that a CEO’s voice could be forged to bypass voice authentication.
The erosion of privacy has been magnified by buggy COVID-19 contact-tracing apps, which have privacy problems and leak data about individuals. And that’s just legitimate apps: mobile malware targeting users’ banking credentials and committing click-fraud on adverts is a major growing threat.
5G benefits and challenges: the totally connected, high-speed world promised by 5G also gives criminals and hackers opportunities to launch attacks and cause disruption by targeting that connectivity. E-health devices will collect data about users’ wellbeing, connected car services will monitor users’ movements, and smart city applications will collect information about how users live their lives. This massive volume of data from always-on, 5G devices will need to be protected against breaches, theft and tampering to ensure privacy and security against attacks, especially as a lot of this data will bypass corporate networks and their security controls.
As 5G networks roll out, the number of connected IoT devices will massively expand – drastically increasing networks’ vulnerability to large-scale, multi-vector cyber attacks. IoT devices and their connections to networks and clouds are still a weak link in security: it’s hard to get complete visibility of devices, and they have complex security requirements, according to continuitycentral.com.