Written by: Gábor Marosvári, Product marketing lead, Balasys
In the past year, COVID-19 has had a greater impact on work habits and security environments than any other health emergency in history.
In the past year, COVID-19 has had a greater impact on work habits and security environments than any other health emergency in history. The upcoming years will undoubtedly have their challenges, but organizations that are aware of these risks and take steps to mitigate their impact will be well-positioned to secure their future growth.
There will unquestionably be a reaction to the recent Solarwinds attack. But what will happen in the case of other cyber conflicts? As of now, more than 50 states have offensive cyber warfare capabilities. In the 2010s, experts said that there was a hidden war in cyberspace. In the 2020s, we predict that this war will become visible to the public, and that the superpowers positioning themselves in the cyberspace will cause negative effects for us all.
COVID-19 has caused a 15% rise in the number of social media users, with almost 5 billion people using the internet on a daily base. We can predict an additional 1 billion people to log on this decade. This is a massive number of potential victims for cybercriminals, who have already started to use automatization to reach their targets more effectively. AI-based attacks such as deep fake or chatbots will also be used widely to support health and cryptocurrency-related frauds, phishing, and ransomware, which have already skyrocketed.
Returning to Solarwinds, the hack was an indication of how vulnerable we are to supply chain attacks. But what might happen if the operational security of the attacker is not as professional as it was in this case? What if something goes wrong and starts a domino effect, including the massive outage of critical infrastructures? We predict that in parallel with the militarization of cyberspace, cyber operations will cause death in the physical space due to mistakes from hackers who have not accounted for the effects on supply chains.
Even if the pandemic ends this year, the home office will be here to stay. In addition to its unquestionable benefits, however, working from home also carries several risks. The legitimate demand for accessing company resources through the internet has dramatically increased. This has resulted in the introduction or extension of virtual private networks, remote access and cloud solutions, often in a hurry. It represents a completely new or increased threat surface for many companies, where not only the technology or the service, but also the client side can be attacked, something which is much harder to defend against.
Traditional phishing techniques, such as social engineering, will remain among the most effective attack methods. Caused by social distancing, separation from colleagues causes information validation challenges, and uncertainty always facilitates fraudulent attempts. Because a significant amount of business processes still strongly depends on email communication, sending seemingly legitimate mails is an effective method for malicious actors to acquire sensitive information or persuade someone to take unintended actions that can have serious consequences. Strong authentication and verifiably encrypted communication methods are highly recommended, at least for confirmation.
Zero Trust is the next logical step in the evolution of enterprise security. Cyber threats will not decrease in a post-COVID world, given the increased number of remote activities. Companies who have applied the Zero Trust principles will be able to react properly to the upcoming challenges. Or rather, to the challenges which are already here, inside our networks or in our trusted zones. These organizations will gain significant advantage over others, not just because attackers always go for the low-hanging fruit, but also because they will be more efficient in discovering and mitigating complex Advanced Persistent Threats (APTs).
The growing penetration of hybrid infrastructures is just the beginning. This trend will not stop here. Companies want to benefit from the cloud based operating model where possible (or at least they want this option to be available), which means in the next couple of years even one of the biggest taboos will be broken, namely the concept that an identity management system must always be located on-site. The advantages of a cloud-based IDM system are obvious from the customer’s perspective:
As more and more services are developed and made available to the public through APIs (either driven by business strategies or regulations, such as the PSD2), API security is becoming increasingly important for companies. In 2019, the OWASP Top 10 API Security Project was introduced, focusing solely on the most common, critical API security issues. Based on the statistics, including our own experiences, authentication and authorization of API clients will gain importance on the upcoming list. On the other hand, the growing popularity and severity of Server-Side Request Forgeries attacks raise concerns, as they can compromise even the strongest of authentications or firewalls.
Securing and managing privileged accounts has lately been a critical challenge for companies. The transition to working from home has sometimes been a forced effort, but companies have received a boost in confidence in terms of the effectiveness of their IAM and PAM strategies. Many of the existing PAM solutions promised that they can serve administrators and business managers even through remote operation. Now that the initial dust settled, companies are looking at what else these solutions can offer, and how a previous necessity can be turned into feasible business benefits. There are three main PAM areas, which are expected to be in focus in the upcoming period:
ICS (Industrial Control Systems) and OT (Operational technology) networks has been key targets for cyber criminals and nation states for the last decade, that is without question. We have witnessed serious incidents such as the cyber-attacks against the Ukrainian and US electricity networks. Without deep knowledge of cybersecurity and ICSs we would think that these attacks have ringed the bell for most companies using legacy OT devices and vulnerable ICS networks. However, seemingly, these incidents had a very little impact on the approach to cybersecurity of those who are the most vulnerable and affected. In the upcoming years, the cyber warfare will shift increasingly towards the cyber-physical systems, while the business need will further increase the exposure of unprotected OT and ICS systems.
Click here to learn more about how Balasys can help you mitigate the above challenges.
Ez a blogposzt a Creative Commons Attribution-ShareAlike 4.0 International (CC-BY-SA 4.0) License feltételei mellett licencelődik.
Bitcoin account hijacking using OSINT techniques
Researchers at Kudelski Security have managed to break Bitcoin and Ethereum wallets using a novel attack against one of the most popular asymmetric key algorithms of modern cryptography, ECDSA.
Chinese researchers: RSA is breakable. Others: Do not panic!
In a recent publication, Chinese researchers claim that there is an existing algorithm that, even with today's quantum computers, makes it possible to break the RSA algorithm, which is the fundamental basis of secure internet communication. At the same time, there are doubts about the reliability of the publication.