Senior Business Analyst, SearchInform
What are the other key security threats, apart from the risks of remote work amid the pandemic and the upsurge of phishing themed around Covid-19, charities, and sellers of protective equipment and hand sanitisers? Let’s dig into the risks which had been gaining significance even before the lockdown and only took deeper root during it.
Ransom attacks are on the rise and present a tremendous threat to many businesses, denying companies access to their own data and demanding huge payments to get it back. Two large-scale ransom incidents caused FBI Director Christopher Wray to emphasise the need to discourage attackers by not transferring them any money in a doubtful exchange for the data. The Colonial Pipeline oil and gas transport network and JBS USA, one of the biggest meat producers, paid ransoms of up to $4.4 million and $11 million in June.
User awareness still requires boosting. 97% of users can’t identify a phishing email. Companies are beginning to focus on security policies more actively than ever in order to conform to corporate and general rules and regulations.
Healthcare sector attacks
It’s no surprise that the pandemic affected healthcare security in a major way. Cybersecurity of this sector will receive $125 billion by 2025, which is 4 times more than was planned, back in 2019, to be invested by 2027.
Since many violators have learned how to bypass these authentication methods, it is now recommended to use app-based authenticators and security keys, hardware multi-factor authentication.
The ever-growing significance of cybersecurity calls for data to be analysed with the help of machine learning. The program can constantly learn threat patterns and violators’ behaviour in order to respond to incidents proactively.
The number of SOCs will increase
The SOC (security operations centre) market is expected to grow to $1.6 billion by 2025 from $471 million in 2020, according to MarketsandMarkets. A security operations centre is created within a company to unceasingly monitor and assess the level of corporate security. The centre detects, analyses and manages incidents continuously as they occur.
The key point of a SOC is to track an organisation’s activity inside and outside the perimeter in real time. SOC teams are responsible for controlling employee and customer data and for ensuring that hardware and software usage is supervised. A SOC accumulates and processes all the data sent via the various communication channels within a corporate network.
People tend to forget their passwords no matter how much they want their details to be safe, and begin to use passwords which are easy to remember and too simple to break. Passwordless authentication principles are provided by the FIDO Alliance, where access is enabled by logging in with biometric data, tokens, etc.
Because access has to be ensured for a large number of remote users, the zero trust approach is gaining momentum. Least privilege access must be given to both gear and users. The security levels are to be represented by any of these 3 concepts: enhanced identity governance, micro-segmentation, or network infrastructure and software-defined perimeters (SDP).
In order to cut costs, and because of the need for remote work, cloud deployment models for software are becoming increasingly popular, as are cloud storage and the cloud security measures that have to be taken. The surge in cloud usage prompts hackers to refocus on the cloud’s sometimes poor security or lack of password protection, but it also promotes the further development of predictive security, which will make it possible to identify potential threats.
GDPR compliance remains a popular objective. Personal data protection has turned out to be a complicated issue: the bigger the company, the more data it processes and stores.
Higher education threats
Switching to remote studying has impacted the safety of students’ data. In the US, education isn’t a priority sector for cybersecurity improvement. Besides, 11% of attacks on US educational institutions are motivated by espionage.
An attack might stem from international espionage or state enemies, or originate with hacktivists. The purpose is to destroy systems, exploit vulnerabilities, undermine the work of suppliers and contractors by making use of inadequate security practices or inserting a time bomb, and compromise assets.
The majority of IoT gadgets present high information security risks. Irrespective of whether a device is consumer-facing or enterprise-focused, the reality is that IoT devices need better security. Manufacturers must take responsibility for protecting these devices and warn users of possible cybersecurity threats. Sadly, making the sale seems to be the only priority. But the situation might improve if vendors are motivated to take IoT security more seriously. For example, regulators could fine manufacturers found guilty of neglecting their corporate responsibilities when it comes to securing devices.
One of the biggest problems is the login and password details of connected devices. These are typically preconfigured by manufacturers. Using sophisticated tools, hackers can ‘snoop’ the Internet for these standard details and can easily gain access to them, severely compromising the user.
Another challenge is how easy it has become for manufacturers to send updates through to connected devices. Patches for bug fixes can be installed remotely, but this communication is unencrypted. While remote patching is ostensibly a good thing, it leaves back doors open for malicious users to exploit.
Financial services cyberattacks
Phishing is both a persistent and a growing problem, depending on which channel it exploits: it is still as prevalent via email and is increasing via social networks and other messaging platforms.
Malware and data breaches are among the common security problems for financial institutions as well. Boston Consulting Group found that financial services companies are 300 times more likely to face cybersecurity attacks than enterprises in other industries. Moreover, cyberattacks on financial institutions spiked by a massive 238% from the beginning of February to the end of April 2020 amid the COVID-19 pandemic, according to Infosecurity Magazine. Ultimately, attacks cost the banking sector $18.3 million per business.