Originally Posted by Security Brief – via securitybrief.eu – November 30, 2020
Recognising emerging risks and threats is critical for defeating cyber attackers. One of the best ways organisations can spot early trends is to know whats happening on the dark web and keep up-to-date with how emerging technologies are being used by attackers, according to Kurt Hansen, co-CEO of Pure Security and Tesserent.
As the cost and frequency of cyberattacks continues to accelerate, Hansen says there are the eight trends to watch as we head into 2021:
1. Nation states will start looking at attacking businesses to generate income for their political agenda.
Nation states are launching attacks against private businesses. This activity is likely to increase in scale and velocity into 2021, as they attempt to either steal valuable intellectual property or run ransomware campaigns and email fraud in order to increase their power and national revenue. In 2020, North Korea was the first state nation to openly attack for financial gains.
2. Threat actors will leverage Artificial Intelligence
Just as security teams are using machine learning and AI to detect and block incoming attacks, criminals are learning how to use the same tools to find new vulnerabilities and attack vectors. The next generation of the cybersecurity arms race will be AI-fuelled. In 2021, we will see AI used more in cyber warfare as it’s used to launch attacks and defend against them.
3. Use of biometrics ID verification technology will accelerate
The era of username/password authentication is coming to an all-too-slow end. Biometrics and other passwordless identity verifications systems will become more popular. Well see more businesses make the step towards multi-factor authentication as well as the advent of passwordless identification.
4. 5G will drive a new wave of security innovation
With carriers around the world pushing the deployment of 5G infrastructure, we will see the number of connected devices and the volume of data they create and share increase. The Internet of things (IoT) will create new challenges for businesses who will need to monitor more endpoints and data than ever before. There are also many currently unknown and untested threats that will likely be exposed in 2021.
5. Hospitals and healthcare will get serious about cybersecurity
Following several high-profile attacks overseas, including one ransomware attack which resulted in a patient’s death, the healthcare industry will increase its focus on cybersecurity. In the past, hospitals were averse to spending money on cybersecurity, preferring to spend it on new life-saving equipment. In 2021, hospitals will increasingly see how spending on cybersecurity will also save lives.
6. Ransomware will keep being a major issue
The old saying about robbing banks because that’s where the money is rings true. In 2021, we will see a further increase in ransomware attacks. In part, this is fuelled by the rise in media exposure reporting that many SMEs in 2020 actually paid out money to regain access to their critical data. This is telling attackers that SMEs are a ripe target as bad guys, and those who previously hadn’t attempted to enter the space, are lured by the hope of success with knowledge that many businesses in 2020 actually did pay.
For this reason, it is imperative that organisations:
Employ least-privilege access permissions if you don’t need it, you don’t get it. Employ network segmentation to assist with containment. Consider application white listing to prevent unknown applications from executing. Have a robust user-awareness campaign to educate users.
7. More purpose built, secure operating systems for specific applications will emerge
Organisations all over the world are developing new operating systems that are made for specific, narrow use-cases. These new systems are built to be super-secure and will be found in healthcare, military operations, and the emerging world of autonomous vehicles. Security in 2021 will move from an afterthought and become increasingly central to development.
8. The number of vendors businesses will use, will shrink
Businesses want a trusted partner and not a collection of different vendors and partners that are hard to manage. Many businesses use in excess of 50 different vendors and partners for everything from endpoint security and penetration testing, to red teaming and security appliance deployment and management. More mid-tier businesses will look to outsource cybersecurity to experts that are across the latest techniques and have white hat hackers ready to deploy in defence.
“2021 will continue to be a cyber challenge for organisations as they continue to adapt to new ways of working during the pandemic,” says Hansen.
“They will need to rethink their cybersecurity plans. New and emerging technologies will power innovation for both criminals and defence.
“The only way to stay one step ahead of the attackers is to know what they are planning and to be prepared.”