The worldwide 2020 pandemic has permanently changed the way businesses operate. With mobility hindered by stay-at-home orders and other social restrictions, the majority of business processes had to be migrated to the cloud so that employees could access work files wherever they chose to work.
These changes drove IT departments to recalibrate their cybersecurity priorities and strategies. After all, remote staff who use less secure devices and connections are more vulnerable to cyberattacks than those who use a typically more secure on-premises IT infrastructure.
In 2021, businesses must step up to protect not just internal systems but remote networks as well. But what cybersecurity threats should they be prepared for?
Threat 1: Old but smarter tricks
Known cyber threats such as phishing and ransomware will continue to plague businesses, and they're predicted to become even more sophisticated. Phishers are now using automated tools to mine data from social networks and company websites in order to send personalized emails to their targets. These kinds of hazards are expected to keep growing in number and frequency.
Apart from using personal information, phishers are also leveraging current events to get their victims’ attention. We’ve seen this in the surge of phishing emails at the beginning of the pandemic. Cybercriminals took advantage of victims’ unfamiliarity with the COVID-19 virus to send fake newsletters that claimed to offer useful information about it but actually contained malicious links or files. Employees who were shifting to remote work setups were also targeted. They received emails purportedly containing company protocols for remote work, login credentials for remote work apps, and mandatory health surveys, among others.
While we can expect cybercriminals to get smarter by the year, we can also assume that they will not abandon tried-and-tested attacks that users still fall for. Companies should be prepared to tackle upgraded versions of their old enemies by implementing cybersecurity solutions proven to keep these attacks at bay.
Threat 2: Fileless malware
Unlike traditional attacks that install malicious files on a device, fileless malware attacks use existing system software, protocols, and apps to carry out malicious activities. When a user clicks on a compromised link, for instance, the website to which the URL redirects can launch a fileless malware attack that goes straight to the computer’s memory. This malware will then piggyback on whitelisted applications or system tools like PowerShell to avoid detection, as most security applications employ a trust model that exempts whitelisted programs from being monitored. Safely hidden, it can initiate malicious processes: it can escalate privileges, run a task in the background, or export information, among other things.
According to technology conglomerate Cisco, fileless malware was the top critical endpoint threat in the first half of 2020. Security company ESET predicts that such threats will not only continue in 2021 but will also be used in increasingly complex and larger-scale attacks. And for good reason: fileless malware is ten times more likely to infect a machine than file-based malware. As such, organizations must invest in stricter detection and response technologies.
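The point above about trusted tools escaping scrutiny, as an added example that is not part of the original article: a small Python triage over constructed process-creation events that reviews PowerShell by its parent process and command line instead of exempting it as a trusted binary. The event fields, process lists and sample records are assumptions made for illustration.

```python
import re

# Assumption: process-creation telemetry (for example from an EDR agent) has been
# reduced to dicts with "parent", "image" and "cmdline" keys. All names are hypothetical.
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe"}
DOCUMENT_AND_WEB_APPS = {"chrome.exe", "msedge.exe", "firefox.exe",
                         "outlook.exe", "winword.exe", "excel.exe"}
OBFUSCATION_MARKERS = {
    "encoded command": re.compile(r"\s-e(c|nc\w*)?\s+[A-Za-z0-9+/=]{20,}", re.I),
    "hidden window": re.compile(r"\s-w\w*\s+hidden\b", re.I),
}

def basename(path):
    """Lower-cased file name of a Windows or POSIX path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

def reasons_for(event):
    """Return why a process-creation event deserves review (empty list if none)."""
    if basename(event["image"]) not in SCRIPT_HOSTS:
        return []
    reasons = []
    # A trusted, signed binary is still inspected: lineage matters, not file reputation.
    if basename(event["parent"]) in DOCUMENT_AND_WEB_APPS:
        reasons.append("script host started by " + basename(event["parent"]))
    for label, pattern in OBFUSCATION_MARKERS.items():
        if pattern.search(event["cmdline"]):
            reasons.append(label)
    return reasons

def triage(events):
    """Map event id -> reasons for every event that has at least one reason."""
    return {e["id"]: r for e in events if (r := reasons_for(e))}

# Constructed sample events; the base64 string is a harmless placeholder.
SAMPLE_EVENTS = [
    {"id": 1, "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell.exe -File C:\Scripts\backup.ps1"},
    {"id": 2, "parent": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe -NoProfile -WindowStyle Hidden "
                "-EncodedCommand QQBCAEMARABFAEYARwBIAEkASgBLAEwA"},
    {"id": 3, "parent": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe Get-Date"},
]

if __name__ == "__main__":
    print(triage(SAMPLE_EVENTS))
```

The routine scheduled script (event 1) passes without a flag, while the two PowerShell launches that originate from a browser and a document editor are surfaced for review.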
Threat 3: Cloud and remote service attacks
Incidentally, the pandemic also forced companies to quickly adopt new cloud services and remote access tools to keep operations going. However, many small- to medium-sized businesses (SMBs) didn’t have an IT department or IT experts who could properly configure these solutions. On top of this, some organizations didn’t have the time or money to vet available tools or partner with proven vendors, so they went for free software alternatives of questionable quality.
Cybercriminals exploited — and will continue to exploit — misconfigurations and weakly protected server applications, containers, and cloud storage. To combat this threat, Gartner recommends that businesses include a cloud workload protection platform (CWPP) in their cybersecurity strategies. CWPPs are technology solutions with various capabilities such as vulnerability management and system integrity monitoring, and they also enable administrators to view and manage security controls across multiple public cloud environments from a single console.
As cybercriminals improve their attack strategies and use more sophisticated tools, your organization must level up and strengthen its cybersecurity and data protection. System-level protections like firewalls and antivirus software are not enough to combat modern cyberthreats. Partner with Complete IT for a comprehensive cybersecurity strategy that is sure to protect your most valuable assets. Schedule a no-obligation consultation with one of our business technology experts today.