Cybersecurity has been, and always will be, a huge cause for concern for any enterprise.
The level of digital adoption has accelerated over the years, and this has further been spurred by the COVID-19 pandemic because of the sudden focus on doing crucial processes online. This means the issue of security and network integrity has become a huge area of concern.
The fact that more and more important processes are now being held online means the impetus for threat actors to conduct malicious operations and attacks has also become greater. The year 2020 has acquired another level of significance for security experts. It is not just the year of the pandemic; it is also the year when cybersecurity threats have worsened.
According to Statista, there were 661.16 million cumulative detections of new malware in the first month of 2020. Compared with 541.17 million in 2019, that’s an 18 per cent year-on-year growth, and that’s only for new malware.
Security experts suspect that this dramatic increase can be attributed to the sudden switch of a majority of enterprises from on-premise access to their network to remote access, brought about by work-at-home arrangements. This abrupt change meant many organizations were not ready for the influx of traffic and did not have safe and secure infrastructure in place.
Malicious actors know this, hence the increase in malware and ransomware. They want to take advantage of this obvious vulnerability. While some organizations and businesses secure their networks by performing various security checks, such as breach and attack simulations or automated penetration testing, it is unfortunate that many others do not do this as a matter of security policy.
New security vulnerabilities have come up
Malicious actors always come up with new, nefarious ways to attack infrastructure so they can access an organization’s valuable information. Some of the new security vulnerabilities that have come up in 2021 are as follows.
1. COVID-19-related Phishing
If there’s one thing you can expect from all cybercriminals, it is their inventiveness. You can be sure that if they can ride on trends to get at your network then they will do that.
And that’s precisely what they have done with the pandemic.
There was a rise in phishing attacks in 2020 and this year. While phishing attacks are nothing new, using COVID-19 as a way to initiate these attacks is.
Barely a week after the World Health Organization called the health crisis “COVID-19,” cybercriminals had already started deploying opportunistic attacks using that newly coined term. In fact, these attacks increased by a factor of 11. It was apparent that these malicious actors wanted to capitalize on the immediacy of the problem and on fearful people who were actively looking for information and solutions to combat the virus.
2. Malware-as-a-service (MaaS)
Another new security threat that has become prominent recently is the rise of malware-as-a-service or MaaS. This is the practice of selling malware packs that are bought off-the-shelf on the dark recesses of the internet. Imagine buying any normal software online, but the difference is that this software can be used maliciously to attack networks and IT infrastructure.
The rise of MaaS is a security threat that is most likely going to become more and more popular. This is for the very simple reason that it has significantly lowered the technological entry point to carry out attacks. Previously, if you wanted to attack networks you had to do all of the grunt work. You needed to find vulnerabilities, program your malicious tools to exploit these vulnerabilities, and then deploy them. Now, you can just buy malware that can already be used.
Furthermore, the creators of the malware provide support for it just like any normal software. They continue development, provide maintenance, and even issue patches. This means that the most nefarious malware developers will try to find ways to evade even defences built on the MITRE ATT&CK knowledge base of adversary tactics and techniques.
Another reason MaaS is becoming a potentially huge headache now and in the future is that it is a lucrative endeavour. Many of the MaaS products out in the wild right now are ransomware. Imagine being able to sell a product that the buyers can then use to earn money by holding networks and/or information hostage.
3. Less reliable vendors
The sudden shift to remote work or hybrid work arrangements for many organizations around the world meant they had to build or develop their infrastructure to be compatible with these new realities. For many organizations, ensuring business continuity also means they have to deploy supply chains and other solutions to ensure their business operations will run. But because many of these services are quite costly, businesses had no choice but to look for more affordable vendors who can provide the infrastructure enhancements they need. Unfortunately, there are many vendors out there who are not as security conscious as the big players in the market.
This issue is not without precedent. Many attacks and exploits that have happened in the past could be traced to vulnerabilities that supply chain vendors had overlooked. A case in point is the SolarWinds breach that resulted in an unprecedented cyber attack in the US. With this incident, more people have become aware of the vulnerabilities of systems and how an exploit could wreak havoc and cause incalculable damage.
Security threats will always be there and, unfortunately, malicious actors will always look for new ways to attack the security of networks and IT infrastructure to advance their dastardly agenda. The best way an organization can protect itself is not to hunker down and be able to defend when an attack happens but to be proactive and mount a good offence. This means instituting robust breach prevention protocols and policies.
By actively looking for exploits and weaknesses in the infrastructure and plugging them as they are discovered, the organization can be assured that they are in a safer position to ensure the integrity of their information and data. Automated attack simulations and penetration testing are wonderful tools that will ensure the infrastructure is robust enough to prevent an attack from happening.