cyber security trends in 2021 - PurpleSec

10 Cyber Security Trends You Can’t Ignore In 2021

In this article, we offer our perspective on the top 10 cyber security trends in 2021.

 

Our team of IT security experts have spent hundreds of hours researching and analyzing the emerging threat landscape in 2020 to bring forward these predictions.

 

The purpose is to explain how these threats impact businesses and individuals alike while delivering actionable steps you can take to be more secure.

 

 

Our 2021 Cyber Security Predictions

 

  1. Lockdowns Permanently Change How We Conduct Business
  2. Patch Management Will Become A Top Priority For The C-Suite
  3. Ransomware Will Continue To Be The #1 Threat
  4. Supply Chain Attacks Will Grow And Be More Targeted
  5. CMMC Will Set The Tone For Enforcing Security Standards
  6. Security Operations Center (SOC) Services Will Grow
  7. Multi-Factor Authentication Use Will Evolve
  8. The Cold War Of Cyber Security Is Here And Will Heat Up
  9. Mining, Transportation, Construction, And Energy Are Prime Targets
  10. Drive-By Wireless Attacks Will Impact Remote Workers

 

sample penetration test report pdf template

 

1. Lockdowns Permanently Change How We Conduct Business

 

As businesses have shifted their workforce to flex models or full-time work from home models, so has the attack surfaces. Threat actors take advantage of current events and changing circumstances to exploit those who are most susceptible.

 

By now you’ve likely come across an email, phone, or text message scam related to Covid-19. Or, charities that claim to be assisting front-line workers. Worse yet, those who pretend to sell protective equipment, hand sanitizer, or food.

 

In fact, cybercrime as a whole has increased by 600% since the beginning of the global pandemic.

 

coronavirus phishing email scam

 

As the world continues to wait for the future of the virus and lockdowns there’s one thing that’s certain – cybercrime will only continue to increase in 2021.

 

Lockdowns have permanently changed everything about how we conduct business.

 

The obvious benefits of reducing capital expenditures aside – productivity increased by 47% YoY despite work from home culture.

 

Further, states like Florida and Texas are attracting the largest companies and talent away from New York and California. The flexibility provided by working from home enables corporations to make these structural changes within their business operations.

 

One of the leading voices in this movement is the software giant, Salesforce. In a recent announcement, the company said they are looking to permanently reduce their office footprint.

 

Bottom line: Companies that do not require office space to be productive will never fully go back to an office setting. As a result, security needs to be a discussion when developing work from home policies.

 

While countermeasures exist to safeguard employees working from home – they’re not infallible.

 

What is a phishing attack

 

After all, it only takes one click to compromise an entire network. Continued diligence from users and investments from key stakeholders to foster a truly secure environment will be a required part of doing business in 2021.

 

Gone are the days of checking off a box for the sake of compliance. Or, assuming that industry average risk ratings are good enough. This is exactly the type of mindset threat actors are searching for when selecting their next target.

 

Dive Deeper:

 

 

2. Patch Management Will Become A Top Priority For The C-Suite

 

One of the main points of entry used by threat actors is to exploit unpatched vulnerabilities within systems. According to one survey from the Ponemon Institute, 60% of breaches in 2019 involved unpatched vulnerabilities.

 

As a result, patch management services have quickly become a topic of discussion in the C-Suite.

vulnerability patch management lifecycle

In short, patch management is a continuous process of identifying, prioritizing, remediating, and reporting on security vulnerabilities in systems. This is particularly important if your organization has a need to burn down a backlog of vulnerable systems.

 

The goal of a patch management program is to ensure good patching policies are being implemented company-wide.

 

Businesses will be turning to managed security service providers as a cost-effective way to get a better handle on vulnerable systems in order to reduce risk. Many vendors are able to provide this service without the need of installing expensive third-party tools while also saving internal resources time.

 

vulnerability management plan template

 

In addition, look for a vendor who works with you to create standardization around your patch management program. This ensures predictable and repeatable processes can be followed thereby minimizing the amount of time required to maintain the program.

 

Dive Deeper:

 

 

3. Ransomware Will Continue To Be The #1 Threat

 

global cost of ransomware attacks 2020

Ransomware is a type of malware that denies users and system administrators access to files or entire networks. Once the malware infects systems, threat actors will send a ransom note typically demanding payment in Bitcoin.

 

Ransomware made history in 2020 contributing to the first reported death related to a cyber attack.

 

In this case, a hospital in Germany was locked out of their systems and unable to treat patients. A woman in need of urgent care was rerouted to a neighboring hospital 20 miles away but did not survive.

 

Unfortunately, industry trends don’t look hopeful.

 

In a survey of 582 information security professionals, 50% say they do not believe their organization is prepared to repel a ransomware attack.

 

Adding to this, 75% of companies infected with ransomware were running up-to-date endpoint protection.

 

 

This method of attack is extremely lucrative for threat actors as sophisticated ransomware kits are widely available on the dark web.

 

Healthcare providers are one of the hardest hit and most vulnerable industries for two reasons:

 

  1. Personal Health Information (PHI) can sell for hundreds of dollars per record and is often resold to multiple threat actors.
  2. Security of health systems is typically driven by compliance and not by proper security hygiene.

 

For example, running vulnerability scans will report on Critical, High, Medium, or Low vulnerabilities. While the Critical to High vulnerabilities are often prioritized it’s actually the Medium or Low vulnerabilities that can place you at risk.

 

Network Vulnerability Assessment Dashboard - Purplesec

 

Overlooking these vulnerabilities on say a printer, medical equipment, or other connected devices is what enables threat actors to gain entry into your network.

 

As we look forward to 2021 we do not see any signs of ransomware slowing down. In fact, we expect new targeted variants to be developed with the goal of infecting specific industries: Education, Mining, Transporation, and Energy, to name a few.

 

Dive Deeper:

 

 

4. Supply Chain Attacks Will Grow And Be More Targeted

 

The recent compromise of SolarWind’s Orion platform has brought global attention to the need for businesses to make cyber security a top priority in 2021.

 

In this case, a sophisticated supply chain attack impacted over 18,000 customers including fortune 500 companies and government agencies.

 

 

We will explore this further in the article, but in short threat actors search for targets that can be easily compromised and that have a significant monetary value. Attacking a supplier to gain entry to larger organizations is one way to bypass their sophisticated security controls.

supply chain attacks - 2021 cyber security trends

 

According to a report from VMWare, 50% of cyber attacks today not only target a network, but also those connected via a supply chain. Further, in 2018, supply chain attacks increased by 78%.

 

A 2020 report conducted by Sonatype also found that supply chain attacks on open-source software surged by 430%.

 

With this type of attack, it doesn’t matter how robust your security program is if your vendor has been compromised.

 

Once threat actors have a foothold in your network, they will attempt to move laterally to escalate their privileges and gain control over your systems. Or, they’ll lie dormant for months to years at a time collecting and exfiltrating data.

 

As we look forward we see supply chain attacks continuing to pose a significant threat to organizations. One way to mitigate these attacks is by implementing Zero Trust Architecture.

 

Learn More: 5 Proven Small Business Network Security Tips

 

5. CMMC Will Set The Tone For Enforcing Security Standards

 

The Cybersecurity Maturity Model Certification (CMMC) has been a compliance standard long in the making. Built off DFARS and the NIST 800-171 framework, CMMC will require DoD suppliers to meet and maintain a number of security controls depending on the type of data they have access to or store.

 

The threat of losing government contracts is a surefire way to enforce compliance.

 

download cmmc flyer

 

In recent months, new standards have been brought forward requiring organizations to also prove that they’re working towards CMMC. This is because businesses were not being honest in their adoption of these security best practices.

 

From a business perspective who can blame them? In some industries, the margins are so thin as is that they can’t afford the investment even if they wanted. States, like Maryland, are trying to help by providing a $2,500 reimbursement for a NIST 800-1717 Gap Analysis.

 

CMMC levels

 

However, this figure doesn’t come close to covering the costs associated with performing the analysis let alone implement and maintain the required security controls.

 

While it is unfortunate that businesses have to be forced to meet certification standards, it does promote a more secure environment. It’s our prediction that CMMC is only the stepping stone towards a more unified security standard in the United States.

 

Learn More: Understanding NIST 800-171 Incident Reporting Compliance Requirements

 

6. Security Operations Center (SOC) Services Will Grow

 

Security Operation Centers (SOC) provide real-time monitoring, detection, and response in order to mitigate or prevent cyber attacks when they occur. The benefits gained from a SOC is what provide organizations with a holistic approach to security.

 

 

This is done by centralizing the display of assets, collaborating across departments and functions, and ultimately maximizing awareness to minimize costs

 

SOCs are more accessible today than they were in the past, partly due to the meteoric rise of cloud services. Another reason for its growth has been the constant drive to push security down to smaller business models.

 

Small and mid-sized organizations are investing in SOC as a service model because it’s less expensive to subscribe to a predictable monthly subscription than it is to hire and maintain an internal department.

 

In contrast, it often makes more sense for enterprises to build their own internal SOC.

 

As a result, the SOC as a service market is projected to grow to $1.6 billion by 2025 from $471 million in 2020.

 

security operation center as a service growth 2025

 

We believe that the work from home and BYOD culture has accelerated this trend in 2020 and will continue to grow YoY. In addition, security frameworks and compliance, such as CMMC, require the implementation of a SIEM and IDS/IPS.

 

As mentioned, the talent, toolsets, and program management required to run a successful SOC is simply out of reach for most small and mid sized organizations.

 

Dive Deeper:

 

 

7. Multi-Factor Authentication Use Will Evolve

 

When it comes to authentication, multi-factor authentication (MFA) is often seen as the gold standard. However, we’ve covered several stories this year in our Weekly Ingest series of how threat actors are bypassing the methods used to authenticate.

 

More specifically, any authentication done through SMS or phone calls.

 

For example, in early November Microsoft urged users to stop using phone-based MFA and instead recommend using app-based authenticators and security keys.

 

 

While SMS does have some security built-in, the messages sent are not encrypted. This means threat actors can perform an automated man in the middle attack to grab the one-time passcode in plain text.

 

Online banking is one of the most at-risk industries as authentication is typically done through SMS. In a recent report, a massive banking fraud operation was exposed which compromised 16,000 devices causing over $10 million in damages.

 

Given this risk, organizations will begin to turn towards application-based MFA wherever possible such as Google Authenticator. We also highly recommend using a hardware MFA like YubiKey.

 

Learn More: Bypassing MFA & Web Application Security Threats In Retail

 

8. The Cold War Of Cyber Security Is Here And Will Heat Up

 

The massive data breach of the federal government and private sector that began as early as March 2020 is only the beginning. The Cold war of cyber security was already among us, however, this has set the stage for something far greater.

 

 

This recent compromise has widespread implications that, at this point in time, can only be speculated on. In truth, it will take years to uncover the true impact of this attack, who was responsible, what systems were compromised, and what data was accessed/exfiltrated.

 

What we do know is that US government agencies were targeted along with many fortunate 500 companies using the monitoring platform, SolarWinds. It’s likely that in 2021 significant investments will be made into aging government IT systems and that some sort of retaliation will take place.

 

 

Countries such as China have begun to retrain their army in cyber security schools with plans to become the world’s leader by 2027. Meanwhile, the deficit of trained security professionals in the US has been noted by top officials at the Department of Homeland Security as a national security risk.

 

Recently, Great Britain’s Prime Minister Boris Johnson held a virtual event expressing the need to boos the countries cyber attack capacity.

 

Key points of our infrastructure such as the electric grid and telecommunications are also highly susceptible to the threat of an attack. With a click of a button, an entire country could be sent to the stone age from thousands of miles away.

 

As cyber warfare continues to heat up it’s clear that training security professionals will become more valuable than building nuclear weapons.

 

Learn More: Understanding Advanced Persistent Threat (APT) Groups

 

9. Mining, Transportation, Construction, And Energy Are Prime Targets

 

Threat actors have much to consider when evaluating the targets they go after. They need to weigh the level of effort verse the reward.

 

A bank may be a valuable target, but the amount of resources required to breach their systems are out of reach for most. However, targeting a small business that can’t afford a $1,000 ransom payment isn’t particularly lucrative either.

 

Instead, threat actors look for industries that are not as tightly regulated and have significant monetary value.

 

When we look at the current economic landscape, and industries poised to benefit greatly from the coming recession, we see 4 key targets for threat actors:

 

  1. Mining
  2. Transportation
  3. Construction
  4. Energy

 

Mining

 

Mining sectors are a very misunderstood market by most investors. Prices of gold, silver, copper, nickel, uranium, lithium, and other industrial or precious metals have and will continue to increase.

 

We see this upward movement because supply chains are extremely constrained. This is due to increased YoY demand coupled with a lack of investments into the exploration of new reserves. Mines are also notoriously expensive to operate and can take years to ramp up into full production.

 

Prices of commodities are also at an all time low. As the adage goes, “the cure for low prices is low prices.”

 

35% of all US dollars in existence have been printed in 10 months

 

Added to this is the fact that the dollar is on pace for its worst 4th-quarter performance in 17 years.  Further, 35% of all US dollars were created in the last 10 months.

 

These are perfect conditions for prices of commodities to rise in 2021.

 

Transportation

 

Transportation is an obvious sector that has been under threat of cyber attacks in the past.

 

The pandemic has changed everything about how we operate and delivery services are not showing any signs of slowing down. Amazon, Walmart, Costco, Chewy, and other large online retailers have seen stock prices soar since March as online shopping has risen with nearly $1 out of every $5 spent online.

 

Disruptions in these supply lines mean more than not getting your Amazon package delivered on time. For some, it’s the only way people can access fresh foods or life-saving medicines.

 

Construction

 

Construction projects in the US will increase under the new administration. The aim being to fix our deteriorating infrastructure and to provide higher-paying jobs with benefits that lower-level service sector jobs lack.

 

It’s estimated that $2 trillion will be invested by the federal government, which will require construction companies to comply with CMMC.

 

Energy

 

Energy sectors will also rebound as the world economy opens up in 2021. Oil and natural gas companies have already begun to consolidate in the market. Exxon and Chevron recently discussed merging, which would make it one of the largest corporate mergers ever.

 

Eventually, demand will increase and those who manage to survive the downturn will benefit greatly.

 

While green energy initiatives do threaten to take over the energy sector, it’s not likely to happen anytime soon. In a best-case scenario, it will take years for the US to remove its dependency on oil, natural gas, or nuclear power. In fact, the green movement will further increase energy usage.

 

10. Drive-By Wireless Attacks Will Impact Remote Workers

 

Work from home culture is here to stay making residential areas a valuable target for threat actors. Microsoft reports that the volume of IoT attacks in the first half of 2020 rose by 35% compared to the second half of 2019.

Wireless Penetration Testing - Types Of Penetration Testing

 

From a level of effort perspective, these types of attacks are relatively easy for threat actors to pull off. Yes, they do need to be within physical proximity (approximately 65 feet) of the target.

 

However, the equipment is less than $200 and the configuration of the device is something that could be learned on YouTube in a matter of hours.

 

For example, a deauthenication attack on unsecured wireless networks can ultimately provide threat actors with a hashed password of your network that can be brute-forced offline. Once the password is cracked, the threat actor can use their access to your network to gain command and control over your connected devices.

 

We expect these attacks to continue to rise – especially in apartment complexes where a large number of users can be targeted at once.

 

Read More: How To Perform A Successful Wireless Penetration Test

 

Wrapping Up

 

We expect investments in cyber security to become a top priority for businesses in 2021. Looking further ahead we see security becoming a normal cost of doing business.

 

The Cybersecurity Maturity Model Certification (CMMC) will lay the groundwork for an enforceable and standardized security framework in the United States.

 

While the doom and gloom of recent data breaches sound disheartening – it doesn’t have to be. There a number of proactive steps you can take to mitigate and prevent cyber attacks.

 

PurpleSec is here to help deliver a custom tailored plan to meet your organization’s needs. Contact us today and speak with a cyber security expert.

 

IT Security Policy Template download

 

Related Articles

 

Jason Firch, MBA

Jason is a veteran IT operations manager, digital marketer, as well as the co-founder and CEO of PurpleSec, with nearly a decade of experience in business management and operations. When he's not studying for his CISSP or contributing to the PurpleSec blog you'll find Jason helping nonprofits with their online marketing.

No Comments

Post a Comment

Comment
Name
Email
Website