2021 is here and in full swing, but with it, we have received a new set of digital security problems that need to be addressed. Ever since the pandemic of 2020, the internet has been exploding with traffic every day. Due to this increased load from both users and businesses, attackers have even more targets to prey on.
People are using the internet more than ever before and as technology works its way into more systems and gets used for simpler and simpler things, the attack surface that cybercriminals can work on is increasing exponentially. Let's have a look at some of the main trends in digital security and what you need to keep an eye out for.
A lot of companies have started bringing back staff to offices but still, there is a huge number of people who are working from home on their full-time jobs or freelancing. The problem of unsecured networks persists as home-based workers are using the same connection for both work and personal use. The fact that companies have a lot of people working from home and connecting through personal networks increases the attack surface area that the company is exposed to.
Combine this with the fact that the devices they use are not optimized for security, and this multiplies the problem exponentially. It's the need of the hour for home-based workers to secure their connections and devices and play an active part in protecting their employers as well as safeguarding their interests.
The brute force approach and distributed denial-of-service (DDoS) attacks are back in fashion. Not only are these effective against simple services delivery protocol (SSDP) and simple network management protocol (SNMP) but it is a great way to stay out of the reach of firewalls. With more attackers only interested in hindering the performance of a service provider and then blackmailing them into paying the attacker to solve the problem, this approach gets the job done.
To counter this problem businesses, need to be equipped with tools that can detect such activity before it becomes a problem, isolate the activity and then alert admins to take action.
Since these kinds of attacks don't rely on executable files they are incredibly difficult to be picked up by any filtration system you may have in place. Rather they deliver results by exploiting tools such as Powershell and since no file is executed, they can be picked up by scanning the system's hard disk either. The only solution you have to defend against this kind of attack is to be vigilant and employ behavior monitoring systems. Make sure you are getting rid of unused programs and have a constant eye on network traffic.
Even though it's one of the oldest tricks in the book, it still works. Especially during a time when the internet is full of trends and things that are happening in one area of the world gain the interest of a local audience. Phishing attacks are getting better and more difficult to spot. As more people are working from home and rely on email for communication more than before, they tend to fall for phishing attacks as well. The only way to ward of this form of attack is to keep your team well trained and well educated about safe digital habits and make it a point for everyone to have a separate dedicated work email. This is the email they should not be giving out to people and making new accounts with. It should be dedicated to working only.
Overall, you are going to be facing a lot of threats in 2021, the best thing you can do is to invest in good infrastructure and invest in training your people to properly use these systems and be aware of the threats they are up against.