State of Cybersecurity 2020-21, III

This post is the third
and last part of the State of Cybersecurity 2020-21.
Of course,
to close the subject,
we have to look at the year
that is soon to come,
for which many people in the field of cybersecurity
are making predictions.

Let’s start with some of them:

  • For some years now,
    Cybersecurity Ventures’ researchers
    have proposed that
    the global annual cost of cybercrime
    by 2021 will be $6 trillion.
    This would double the value reported in 2015.

  • They also predicted that ransomware,
    by 2021,
    worldwide,
    will cost 57 times more than five years ago,
    reaching $20 billion,
    and with a new victim every 5 seconds.

  • In terms of global spending on cybersecurity services and products,
    in 2004,
    it was worth $3.5 billion,
    which grew approximately 35 times in 13 years.
    In the next five years,
    from 2017 onwards,
    this value is predicted
    to exceed $1 trillion on a cumulative basis.

Apparently,
based on ENISA’s report,
we’ll continue to see an increase in malware activity
in the coming years.
These cyber threats are regularly improving their characteristics,
including,
for example,
new propagation mechanisms.
File types like disc image files
(e.g., IMG, ISO)
are becoming popular for spreading malware,
apart from the typical XLS, PDF, DOC and ZIP files.
Once the malware is installed,
it allows reconnaissance and movement
across the victim’s systems
and affects their operation or steals data.

On the other hand,
there are forecasts about the expansion of attacks
on the mobile sector.
Users are now more and more dependent on it,
even in their businesses.
Fraudulent apps,
SIMJacking and operating system exploits
make these devices the weakest link.
Similarly,
there are current warnings
about the possible growing impact of attacks on companies
via IoT devices.
These machines are increasing in number
and have the reputation of not being up to date
in terms of security.
They can mean easy entry points into companies’ networks
for cybercriminals.

Highly planned and targeted ransomware attacks
on the public sector,
especially government and healthcare organizations,
may continue to expand during the COVID-19 pandemic.
We’ll undoubtedly continue to observe
what is currently presented by ENISA
as an emerging trend:
“Attackers […] spending more time
gathering intelligence about their victims,
knowing exactly what to encrypt,
achieving maximum disruption and higher ransoms.”

For more information on what’s currently representing a trend
among cybercriminals
and may continue to do so
in the near future,
we invite you to check the first post of this series.
At this point,
we want to highlight some preventive approaches
that we believe will continue being trends
in the coming year.

Photo by Jr Korpa
on Unsplash.

Some preventive trends in 2021

Shift to the left

A crucial suggestion for your organization’s security,
which we at Fluid Attacks never get tired of sharing,
is to shift the ‘security element’ to the left.
In short,
this means that
any company creating or using software
(almost all of them today)
should think about its security
and apply it from the beginning.
This methodology belongs to the DevSecOps
approach.
There,
security testing must be continuous,
covering the whole software development lifecycle (SDLC),
and it ensures significant savings in time and money.
Then,
for the next year,
many businesses should move away
from the approach of searching for
and identifying vulnerabilities in their systems and software
only after deployment to production.
In such cases,
attackers may already have access to the gaps.
And these issues may not be immediately remediated
and may require considerable time,
effort and money
due to their quantity and complexity.

Secure hosting in the cloud

Cloud services adoption will continue to increase
over the next year
as multiple firms adapt to the much-requested remote working.
(Learn here about our experience.)
These firms should be aware of the flaws
(mainly related to unintended misconfigurations)
that are often reported regarding this type of service.
Such defects have many times resulted in significant data breaches.
On their side,
cloud service providers have the challenges
of keeping solutions up to date
and,
at the same time,
implementing methods for identifying configuration errors as soon as possible.

Employees educated in security

Concerns will remain in many companies
because some remote workers are not familiar
with proper security controls and practices.
We have already mentioned that
attackers are at this time paying a great deal of attention
to the human factor to penetrate organizations’ systems.
And they’ll surely keep on doing so.
That’s why training staff
and creating a cybersecurity culture
will continue to be a priority
to protect data assets.

Cybersecurity with multidisciplinary teams

Linked to the previous trend is another one
that will continue to stand out next year.
It refers to the formation of multidisciplinary teams
focused on cybersecurity.
We had already mentioned the lack of trained personnel in this area
and the number of vacancies not being filled.
However,
different professionals
from their particular skills and experiences
will provide companies with diverse contributions
to respond to cybersecurity challenges and opportunities.
Cybersecurity is no longer an issue
that only engineers will work on.
We’ll also have professionals in statistics,
economics, cognitive science, business, political science,
among other areas of knowledge.

Reevaluate cybersecurity

Companies will need to continually reevaluate their cybersecurity,
protect every endpoint
and maintain necessary security controls
after this digital transformation forced by the pandemic.
Many organizations concerned with their security,
following many decision-makers’ advice,
will begin to employ a zero-trust approach,
implementing a strict restriction of access
and verification of everything.
They should always recognize that
although in most cases the threats are external,
criminals can also be part of their staff.
A firm adequately prepared for cyber threats in 2021
will appreciate the benefit
of using multi-factor authentication.
It will also ensure that
its employees create sufficiently complex passwords
and change them with a specific frequency.
Some companies will even start
using biometric authentication methods,
such as face verification for their staff,
and why not,
for their customers or users.

A mixture of automatic and manual work

By 2021
the idea of valuing and recommending manual
more than automatic work
will remain current,
simply because of the results.
As discussed in part II,
the excess of false negatives and positives
in automatic tools’ operations
continues to make ethical hackers an essential factor
in evaluating IT security.
Whatever technique it follows,
an automated procedure delivering results will always be insufficient
compared to a comprehensive process
covering a mixture of automatic and manual hacking.
The technological advances are quite useful to us
as they are to you.
However,
we recommend that
you do not let yourself be seduced
by the skills that many firms intend to confer
on their testing tools.

Conclusion

Finally,
hoping that we’ll see a clearer and more promising future
amid so much uncertainty,
many businesses must continue their adaptation in cybersecurity.
With the help of experts,
each company persistently has to stay informed
about the risks and the best prevention strategies
to be implemented right away.
Besides,
all staff must be trained as a group
and maintain a collaborative effort
that in 2021 and the following years will allow their systems and assets
to be as protected as possible.

Do you have any questions?
Do not hesitate to contact us!

This is a Security Bloggers Network syndicated blog from Fluid Attacks RSS Feed authored by Felipe Ruiz. Read the original post at: https://fluidattacks.com/blog/cybersecurity-2020-21-iii/