In excerpts from an article by Forbes, Chuck Brooks wrote, “Just when we thought it could not get much worse from a cybersecurity stat perspective, it did. A significant reason why cybercrime and breaches are rising is that most people just view it as someone else’s problem. Securing our digital identities and data is everyone’s problem and it is a global one.”
He went on to list the latest twists in the cyber security plot…
“A Cybersecurity Ventures analysis predicts that there will be a new attack every 2 seconds as ransomware perpetrators progressively refine their malware payloads and related extortion activities.
The current state of cyber-affairs is an especially alarming one because ransomware attacks are growing not only in numbers, but also in the financial and reputational costs to businesses and organizations.
A new study by cybersecurity company BlueVoyant shows that the supply chain is a magnet for cyber breaches. A whopping 97% of firms have been impacted by a cybersecurity breach in their supply chain, and 93% admitted that they have suffered a direct cybersecurity breach because of weaknesses in their supply chain.
The supply chain (both public and commercial) poses an undue risk of sabotage to, or subversion of, the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of information and communications technology or services. It requires enacting a risk management process that identifies vulnerable systems (especially legacy) and gains visibility into all the elements of the supply chain.
Cyber-physical systems (OT/IT), and the integration of millions of devices in our lives, have created an IoT cybersecurity challenge for people, business, and governments. Each IoT device represents an attack surface that can be an avenue into your data for hackers.
A Comcast report found that the average household is hit with 104 threats every month. The most vulnerable devices include laptops, computers, smartphones and tablets, networked cameras, storage devices, and streaming video devices.
Using a comprehensive risk management approach to understand and mitigate the threats of the Internet of Things can be of major help in that regard by helping to mitigate security gaps. Being more cybersecurity ready should be a priority pursuit for everyone connected.”
In excerpts from an article by Check Point, they wrote…
“It’s usually easier to trick an employee into handing over sensitive data (like login credentials) or running a piece of malware on a company computer than it is to accomplish these goals through other means. As a result, phishing will continue to be a problem in 2021 and into the future as long as it remains effective. However, the changing nature of work in the wake of the COVID-19 pandemic has its impacts on phishing as well.
For example, the surge in remote work caused by the COVID-19 pandemic drove many organizations to adopt online collaboration such as Zoom, Slack, etc. The focus on email in phishing awareness training means that employees often do not consider it a threat on these platforms, and workers often believe that only legitimate users can access these platforms, which is not always true.
As a result, phishing attacks on these platforms are more likely to be effective than via email, where employees are more likely to be on their guard and companies may have anti-phishing solutions in place. Cybercriminals have noticed this, and the use of non-email collaboration platforms for phishing has become more common.
In 2020, the COVID-19 pandemic forced organizations to pivot suddenly to a mostly or wholly remote workforce. Within a matter of weeks, companies with no existing telework programs needed to adapt and update the infrastructure required to allow their employees to work from home.
With the end of the pandemic in sight [we hope], many organizations have no intention of returning to a fully on-site workforce. The benefits of remote work – to the company and its employees – have inspired many to allow at least part-time telework for many of their employees.
However, the rush to remote work programs left security gaps that are actively exploited by cybercriminals. In 2021, companies will continue to face new security threats made possible by widespread telework, including:
- Exploitation of Remote Access Solutions: Employees working from home need access to the corporate network. As a result, the use of virtual private networks (VPNs) and the remote desktop protocol (RDP) has exploded during the pandemic. Cybercriminals have taken advantage of this, exploiting poor password security and VPN vulnerabilities to access corporate networks, steal data, and plant ransomware.
- Thread Hijacking Attacks: In a thread hijacking attack, an attacker with access to an employee’s email or other messaging account will respond to an existing conversation. These responses will contain malicious attachments or links to phishing sites and are designed to expand the attacker’s access within an enterprise network. With the rise of remote work, the frequency and success rate of these attacks has grown as employees increasingly communicate using alternative platforms and cybercriminals are more successful at gaining access to email accounts.
- Vulnerable and Compromised Endpoints: With remote work, employees are working from computers outside the corporate perimeter and the cyber defenses deployed there. Additionally, these devices are less likely to be up-to-date on patches and compliant with corporate policy. As a result, they are easy targets for exploitation by cybercriminals.
As long as insecure remote work remains common, these threats will continue to be a problem. With extended or permanent telework programs comes the need to design and implement effective solutions to secure the remote workforce.
Cloud adoption has been rapidly rising for years and exploded as a result of the COVID-19 pandemic. With a remote workforce, companies needed the accessibility, flexibility, and scalability offered by cloud-based solutions.
However, while many companies are moving rapidly to the cloud, security is lagging behind. Cloud infrastructure is very different from an on-premise data center, and these differences introduce unique security challenges. Many organizations are still working to understand these differences, leaving their cloud deployments at risk.
For 75% of enterprises, the security of their public cloud infrastructure is a significant concern. Learning how to secure systems hosted on shared servers in vendor-specific environments is challenging, especially when most companies are using services provided by multiple different vendors. In 2021, the failure to implement effective cloud security will remain a major problem, and, according to Gartner, 99% of cloud security incidents through 2025 will be the customer’s fault.
Ransomware has been a growing threat in recent years. A number of high-profile attacks demonstrated to cybercriminals that ransomware was profitable, driving a rapid increase in cybercrime groups operating this malware. On average, ransomware claims a new victim every ten seconds worldwide, and ransomware cost businesses around $20 billion in 2020, an increase of 75% over the previous year.
The ransomware industry has also experienced numerous innovations in recent years. Ransomware as a Service (RaaS) operators develop and sell ransomware, expanding their reach and providing less sophisticated threat actors with access to high-quality malware.
Another recent trend is the “double extortion” ransomware campaign. Instead of simply encrypting files and demanding a ransom for their recovery, ransomware groups now steal sensitive and valuable [personal] data from their victims as well. If the target organization does not pay the ransom, this data is posted online or sold to the highest bidder.
In 2021, ransomware attacks continue to grow in popularity, and more groups are switching to the “double extortion” model. For example, the relatively new DarkSide group uses this technique and has carried off attacks like the one against Colonial Pipeline that was deemed a national emergency in the U.S.
During the COVID-19 crisis, the healthcare sector became more vital than ever. Hospitals and other healthcare providers around the world were overrun with patients as a result of the pandemic.
In many cases, the focus on patient care took away focus and resources from cybersecurity in these organizations. As a result, an industry that already struggled with cybersecurity was left even more vulnerable to cyberattacks. In 2020, cybercriminals noticed and took advantage of this.
In Q4 2020, Check Point Research reported that cyberattacks against hospitals had increased by 45% worldwide. While, in some areas, the emergence of COVID-19 vaccines has reduced COVID-related hospitalizations and the strain on these organizations, the exploitation of these organizations by cybercriminals and nation state attackers is likely to continue to be a major problem.
The popularity of corporate mobile devices and bring your own device (BYOD) policies has been steadily growing in recent years. Employees can be more productive when permitted to use the devices that they are most comfortable with.
With the growth of remote work, this trend is unlikely to reverse itself. Employees working from home, or from anywhere, are more likely to use mobile devices than those working from the office. With the increased use of mobile devices for business purposes comes new cybersecurity risks. Cybercriminals are increasingly targeting these devices in their attacks, and many businesses lack the same level of security on their mobile devices as they have on traditional computers.
Additionally, corporate cybersecurity awareness for mobile devices lags behind as well. For example, 46% of companies report that they have had at least one employee install a malicious mobile application. As these mobile devices are increasingly used to store corporate data and access business applications, mobile malware poses a growing threat to corporate cybersecurity.
Cyber security is a cat and mouse game between cyber attackers and defenders. As cyberattackers develop new tools and techniques, cyber defenders create solutions for identifying and blocking them. This inspires cybercriminals to innovate to bypass or overcome these defenses, and so on.
As cyber threat actors become more professional and organized, the sophistication of their attacks has increased as well. Today, companies face Generation V cyber threats, which include large-scale, multivector attacks across an entire organization or industry. These attacks are enabled by leaks of advanced hacking tools – such as the ShadowBrokers leak that enabled the creation of WannaCry [ransomware] or the theft of FireEye’s suite of penetration testing tools.
Many organizations have security architectures composed of many point security products designed to protect against earlier generations of cyber threats. These solutions are difficult to manage and lack the security unification and threat intelligence needed to protect against large-scale automated attacks.
A zero day attack is one in which a vulnerability is exploited before a patch is available or widely deployed. These attacks can be especially damaging because traditional cyber defense strategies are ineffective at protecting against them. Many of these strategies rely on signature-based detection, which only works if a signature for the malware is publicly available.
Large-scale and highly damaging zero day attacks are becoming more common for a few different reasons. The number of publicly-reported vulnerabilities is growing rapidly, with over 23,000 discovered each year. This far outstrips many organizations’ ability to apply updates and patches, meaning that more vulnerabilities are being left open for longer.
Additionally, cybercriminals can often develop an exploit for a vulnerability faster than a patch can be developed, published, and widely applied. Cybercriminals can typically develop an exploit within a week, but most companies take an average of 102 days to apply a patch.
2021 has already seen large-scale attacks exploiting zero-day vulnerabilities, like the DearCry and Hafnium malware variants taking advantage of vulnerabilities in Microsoft Exchange. This trend is likely to continue.
In 2021, companies faced a number of major cyber security challenges. However, this year also presents opportunities for significant security growth. 2020 demonstrated how businesses need to adapt to the modern world, and 2021 provided an opportunity to design and build security for the future.”
You can never be 100% protected from cyber security threats, but you can make it much more difficult for cyber criminals to gain access to your systems and data.
In excerpts from an article by CIPHER, they wrote about The Top 10 Personal Cyber Security Tips to help protect your devices, your data and yourself.
CIPHER suggested that you…
“One of the most important cyber security tips to mitigate ransomware is patching outdated software, both operating systems, and applications. This helps remove critical vulnerabilities that hackers use to access your devices. Here are a few quick tips to get you started:
- Turn on automatic system updates for your device
- Make sure your desktop web browser uses automatic security updates
- Keep your web browser plugins like Flash, Java, etc. updated
Anti-virus (AV) protection software has been the most prevalent solution to fight malicious attacks. AV software blocks malware and other malicious viruses from entering your device and compromising your data. Use anti-virus software from trusted vendors and only run one AV tool on your device.
Using a firewall is also important when defending your data against malicious attacks. A firewall helps screen out hackers, viruses, and other malicious activity that occurs over the Internet and determines what traffic is allowed to enter your device.
Windows and Mac OS X come with their respective firewalls, aptly named Windows Firewall and Mac Firewall. Your router should also have a firewall built in to prevent attacks on your network.
You’ve probably heard that strong passwords are critical to online security. The truth is passwords are important in keeping hackers out of your data! According to the National Institute of Standards and Technology (NIST):
- Don’t use the same password twice.
- The password should contain at least one lowercase letter, one uppercase letter, one number, and four symbols but not the following &%#@_.
- Choose something that is easy to remember and never leave a password hint out in the open or make it publicly available for hackers to see
- Reset your password when you forget it. And, change it once per year as a general refresh.
If you want to make it easier to manage your passwords, try using a password management tool or password account vault, [like Keeper], with some great advanced password features.
Two-factor or multi-factor authentication is a service that adds additional layers of security to the standard password method of online identification. Without two-factor authentication, you would normally enter a username and password. But, with two-factor, you would be prompted to enter one additional authentication method such as a Personal Identification Code, another password or even a fingerprint. With multi-factor authentication, you would be prompted to enter more than two additional authentication methods after entering your username and password.
According to NIST, an SMS delivery should not be used during two-factor authentication because malware can be used to attack mobile phone networks and can compromise data during the process.
We recently blogged that phishing scams are nastier than ever this year. In a phishing scheme attempt, the attacker poses as someone or something to trick the recipient into divulging credentials, clicking a malicious link, or opening an attachment that infects the user’s system with malware, trojan, or zero-day vulnerability exploits. This often leads to a ransomware attack. In fact, 90% of ransomware attacks originate from phishing attempts.
A few important cyber security tips to remember about phishing schemes include:
- Don’t open email from people you don’t know
- Know which links are safe and which are not – hover over a link to discover where it directs to
- Be suspicious of the emails sent to you in general – look and see where it came from and if there are grammatical errors
- Malicious links can come from friends who have been infected too. So, be extra careful!
Personal Identifiable Information (PII) is any information that can be used by a cybercriminal to identify or locate an individual. PII includes information such as name, address, phone numbers, date of birth, Social Security Number, IP address, location details, or any other physical or digital identity data. Your credit card information should be protected by companies if they follow the PCI DSS standards.
In the new “always-on” world of social media, you should be very cautious about the information you include online. It is recommended that you only show the very minimum about yourself on social media. Consider reviewing your privacy settings across all your social media accounts, particularly Facebook. Adding your home address, birthdate, or any other PII information will dramatically increase your risk of a security breach. Hackers use this information to their advantage!
According to McAfee Labs, your mobile device is now a target to more than 1.5 million new incidents of mobile malware. Here are some quick tips for mobile device security:
- Create a Difficult Mobile Passcode – Not Your Birthdate or Bank PIN
- Install Apps from Trusted Sources
- Keep Your Device Updated – Hackers Use Vulnerabilities in Unpatched Older Operating Systems
- Avoid sending PII or sensitive information over text message or email
- Leverage Find my iPhone or the Android Device Manager to prevent loss or theft
- Perform regular mobile backups using iCloud or Enabling Backup & Sync from Android
Backing up your data regularly is an overlooked step in personal online security. The top IT and security managers follow a simple rule called the 3-2-1 backup rule. Essentially, you will keep three copies of your data on two different types of media (local and external hard drive) and one copy in an off-site location (cloud storage).
If you become a victim of ransomware or malware, the only way to restore your data is to erase your systems and restore with a recently performed backup.
Don’t use a public Wi-Fi without using a Virtual Private Network (VPN). By using VPN software, the traffic between your device and the VPN server is encrypted. This means it’s much more difficult for a cybercriminal to obtain access to your data on your device.
With the recent Equifax breach, it’s more important than ever for consumers to safeguard their online accounts and monitor their credit reports. A credit freeze is the most effective way for you to protect your personal credit information from cyber criminals right now. Essentially, it allows you to lock your credit and use a personal identification number (PIN) that only you will know. You can then use this PIN when you need to apply for credit.
Hacking, phishing, and malware incidents are becoming the number one cause of security breaches today. But, what’s more troubling, these hacking attempts are the result of human errors in some way. Education and awareness are critically important in the fight against cybercriminal activity and preventing security breaches.
We hope you found these personal cyber security tips and the knowledge of how personal security breaches occur to be helpful in mitigating your risk from a security incident.”
As TitanFile wrote, “Cybercrime is undoubtedly one of the fastest-growing crimes in the world and it continues to impact businesses from all industries. Unless you want your company or firm’s name to end up in the headlines as a result of a security breach, you need to pay more attention to cybersecurity.”