
A mid-year update for Cybersecurity – 4 trends to watch

This blog was written by an independent guest blogger.

It is nearing the mid-year point of 2021, and already it can be characterized as "the year of the breach." Many companies and institutions saw their security perimeters pierced by hackers, including the mega-breaches of SolarWinds and the Colonial Pipeline. The scale of penetration and exfiltration of data by hackers, and the implications, are emblematic of the urgency for stronger cybersecurity. Although a variety of trends have emerged in the first six months, below are four that stand out as barometers of what lies ahead.

1. Ransomware attacks are taking center stage as Cyber-threats

There is ample evidence that ransomware has become a preferred method of cyber-attack for hackers in 2021. As of May 2021, there has been a 102% surge in ransomware attacks compared to the beginning of 2020, according to a report from Check Point Research.

Hackers have found ransomware ideal for exploiting the COVID-19 expanded digital landscape. The transformation of so many companies to operating in a digital mode has created many more targets for extortion. One office with 4,000 employees has become 4,000 offices. In addition to an expanding attack surface, hackers are more active than before because they can get paid more easily for their extortion via cryptocurrencies that are more difficult for law enforcement to trace. Criminal hacker groups are becoming more sophisticated in their phishing exploits by using machine learning tools. They are also more coordinated with each other, sharing on the dark web and dark web forums.

In 2020, according to the cybersecurity firm Emsisoft, ransomware gangs attacked more than 100 federal, state, and municipal agencies, upwards of 500 health care centers, 1,680 educational institutions and untold thousands of businesses. As a result of the Colonial Pipeline ransomware attack and others, the U.S. Department of Justice and the FBI have prioritized investigating and prosecuting hackers who deploy ransomware.

The impact for the rest of 2021 will be more ransomware attacks against institutions and corporations that are less cyber secure, especially targets that cannot afford to have operations impeded, such as health care, state and local governments, educational institutions, and small and medium-sized businesses.

Why Ransomware is So Dangerous and Difficult to Prevent | Manufacturing.net

2. Cyber-attacks are a real threat to commerce and economic prosperity

So far this year, cyber-attacks have grown in number and sophistication, repeating a trend of the last several years. The recent cycle of major industry and governmental cyber breaches is emblematic of growing risk. The attacks are also becoming more lethal and costly to industry. A new NIST report was released on the economic impact of breaches on the U.S. economy, and it is alarming. The report suggests that the U.S. loses hundreds of billions to cybercrime, possibly as much as 1% to 4% of GDP annually. The breach stats are part of a bigger global trend. The firm Cybersecurity Ventures predicts that global cybercrime damages will reach $6 trillion annually by the end of this year. The firm's damage cost estimation is based on historical cybercrime figures including recent year-over-year growth, a dramatic increase in hostile nation-state sponsored and organized crime gang hacking activities, and a cyberattack surface.

In both the public and private sectors, there is a growing understanding of the seriousness and sophistication of the threats. The list of adversarial actors is a large one that includes states, organized crime, terrorists, and loosely affiliated hackers. To protect economic prosperity, there has been a movement for more threat information sharing and technical coordination between industry and government to field tools and procedures that can better protect the crown jewels of critical infrastructure.

See:  Evidence suggests that the U.S. Loses Hundreds of Billions to Cybercrime, Possibly as much as 1 % to 4 % of GDP Annually | NIST

Global Cybercrime Damages Predicted to Reach $6 Trillion Annually By 2021 (cybersecurityventures.com)

3. Emerging technologies such as 5G and artificial intelligence are impacting the digital ecosystem

Emerging technologies as tools for security and optimization of business are a trend that is being accelerated by digital transformation. A large technical cybersecurity worker gap combined with more sophisticated threats has led to the need for automation, especially via machine learning and artificial intelligence tools. Automation has become more valuable for enhancing existing cybersecurity architectures. These tools can provide for more efficient decision making by prioritizing and acting on data, especially across larger networks with many users and variables. A well-stocked automation tool chest should include horizon scanning technologies, analytics, audits, incident alert tools, diagnostics, and even self-repairing software.

The elevated sophistication of attacks, interconnectivity of devices, and the advent of 5G wireless communication speeds will result in an expanded attack surface and faster, multi-level, synergistic attacks. The speed and lack of latency of 5G will make more attacks easier. These include intelligent mobile malware with a focus on bypassing two-factor authentication and on banking fraud, currently enabled by machine learning algorithms and eventually by artificial intelligence. They also include fileless, living-off-the-land attacks that use steganography to encrypt and hide many types of malicious software, including video files.

On the flip side, emerging tech is also enabling cyber attackers, who are using machine learning and artificial intelligence in malicious software to automate target selection, check infected environments before deploying subsequent stages of an attack, and avoid detection. Hackers are also using intelligent mobile malware with a focus on bypassing two-factor authentication. According to research from the United Nations Interregional Crime and Justice Research Institute (UNICRI), Europol, and cybersecurity firm Trend Micro, cybercriminals are rampantly leveraging AI to spread a wide range of digital threats for ill purposes. "Threat actors often misuse advanced technologies to create new kinds of malicious operations. It is said that AI systems are being developed to enhance the effectiveness of malware and disrupt anti-malware and facial recognition systems."

4. The Internet of Things (IoT) devices will continue to present special security challenges

The Internet of Things has arrived, and it has become the internet of everything. Work from home brought on by COVID-19 has greatly expanded that growing network of devices. IoT's exponential connectivity is a mesh of networks and devices composed of trillions of sensors. The increased integration of endpoints combined with a rapidly growing and poorly controlled attack surface poses a significant cybersecurity threat. The lack of standards, the lack of visibility, and the inability to determine whether a device has been compromised are top challenges. IoT devices including wearables, TVs in the boardroom, and security cameras are all easy targets for kill-chain intruders. IoT complexity also magnifies cyber risk. IoT devices differ from conventional computers in that they are highly specialized and small, both in physical size and computing capacity.

IoT is an appealing target for hackers, especially in institutions using a variety of networks and devices such as hospitals and educational institutions. There are estimates that nearly half of all companies in the United States that use an Internet of Things (IoT) network have been affected by a security breach. And by 2025, it is expected that there will be more than 30 billion IoT connections, almost 4 IoT devices per person on average, connecting and interacting with one another. Congress and the Federal government have instituted programs to increase monitoring and mitigation of IoT threats. Last year, Congress passed The Cybersecurity Improvement Act, which offers guidelines specific to the use of IoT and the management of security vulnerabilities. IoT can be better secured by following risk frameworks, elevating encryption, and changing default passwords. The sheer number of devices connected to IoT and the lack of international standards will continue to make cybersecurity of IoT a monumental task for the rest of 2021.

See: State of the IoT 2020: 12 billion IoT connections (iot-analytics.com) 
