Industry executives and experts share their predictions for 2021. Read them in this 13th annual VMblog.com series exclusive.
How COVID-19 and the Remote World Will Shape 2021
By James Carder, Chief Security Officer for LogRhythm
COVID-19 caused a rapid shift for organizations from on-premises
to remote operation, spiking cloud usage and turning large parts of the
workforce into users of SaaS-based services. This has, in
turn, created new pain points for CISOs, such as visibility and protection of
the remote workforce. In 2021, we'll see the impact on organizations that did
not adapt to the remote workforce shift or that did not implement
technology correctly.
As cybercriminals capitalized on the COVID-19 pandemic in
2020, they will continue to use it to their advantage in 2021. As the timeline
for a vaccine approaches, threat actors will disguise phishing attacks as
COVID-19 vaccine emails. Below are additional realistic
expectations of what's to come next year.
1. We'll see the consequences of employees letting their guards down as work-from-home extends.
Many employees will
continue to work remotely in 2021 to slow the spread of COVID-19 until a
vaccine can be reliably distributed. Consequently, bad actors are no longer
following these employees "through the door" when looking to steal data.
Instead, they will seek to take advantage of workers who have been remote since
the start of the pandemic, as they may be more likely to be letting down their
guard when it comes to following security protocols. This relaxation of
security protocols - combined with threats that already exist in a rushed remote
work environment - will result in data loss rates exceeding what we saw in
2020.
2. Attackers will leverage the COVID-19 vaccine to conduct the largest phishing effort of the year.
In 2020 we saw hackers leverage
COVID-19 to distribute a plethora of phishing scams to unsuspecting victims.
The number of legitimate emails sent on the topic allowed phishing emails to
hide in plain sight. As the race to secure and distribute a vaccine continues,
the public will once again seek information on new developments. Attackers will
purchase domains and craft emails with this in mind. The amount of content,
combined with the thirst for knowledge, will set the stage for a further
increase in phishing attacks.
3. We will see a rise in internet policing as misinformation reaches new heights following the U.S. elections.
Our lives have taken
place online more so this year than ever before. In the wake of rampant
misinformation efforts across social media platforms and news agencies during
the 2020 U.S. election, fear of further escalation will lead to a call for
tighter regulations on the internet. Large-scale spear phishing and
watering hole attacks will add to the mounting pressure on Congress to
introduce and pass legislation that forces tech giants and media organizations
alike to have better safeguards in place. 2021 will be a year of holding these
organizations accountable using regulation versus allowing them to
"self-police."
The biggest target for misinformation following the U.S.
election will be the COVID-19 vaccine.
The effort to develop and distribute a vaccine relies on cross-collaboration
across numerous countries. But as a vaccine gets closer to market, foreign and
domestic hackers will seek to sabotage or steal vital information. This year
the U.S. accused both Russia and China of trying to steal information
related to vaccine development. However, the
greatest threat will occur when the vaccine enters the final approval stages
and is prepared for distribution. Malicious foreign actors will seek to gain
access to critical information that they can leverage for ransom and sensitive
patient information from vaccine trials they can sell.
4. The board meeting of a major company conducted using video conferencing software will be exposed, resulting in a high-profile scandal.
With so much of the
world staying at home and finding new ways to communicate with others, people
are using collaboration tools for everything from highly confidential government
discussions to distanced learning in K-12 and university-level education. Both
scenarios are targets for bad actors looking to exploit vulnerabilities. In both the school and office
environment, Zoom has been battling a major influx in hacks since COVID-19 began, with bad actors
partaking in 'Zoom Bombing' to sabotage calls with disruptive videos and commentary. As
these criminals' efforts continue to become more sophisticated, we will see a
threat actor gain access to a major public company's board meeting and leak
compromising business information that results in a high-profile scandal.
5. Deepfakes will become a significant threat to business integrity.
COVID-19
has forced in-person communication to go virtual, which means businesses are
relying on video conferencing to conduct meetings more than ever before. While
the notion of deepfakes may not be new, they are getting increasingly
sophisticated and are becoming remarkably easy to generate. Take ThisPersonDoesNotExist.com, for example, which leverages AI to create completely
believable images of people that don't exist in real life. If this process can
be conducted with relatively little information, then certainly hackers can
leverage work profiles used for video conferencing technology - which have
employees' names and pictures automatically associated with them - to
create convincing fakes.
The unprecedented
shift to remote work will lead to video and images of leaders inside an
organization being weaponized to exploit employees for financial gain. Outside
of being used to target employees internally, this technique will be used to
dramatically impact a specific stock by manipulating the public into thinking
the CEO of a public company has done something damaging.
6. There will be a reckoning within the growing API security market as API data breaches rise.
Earlier this year, Facebook pledged
to improve its security as it worked to resolve a lawsuit blaming the company
for a 2018 data breach where bad actors leveraged Facebook's developer APIs to
obtain sensitive user information. This is not a threat that is unique to
Facebook or any one industry.
In fact, this is a rising threat, as APIs are one of
the largest attack surfaces for organizations. More and more businesses across
industries are building out microservices that leverage APIs, but very few
companies know how to build them securely, and the growing API security market
is beginning to falter. This will result in a high-level breach and data loss
that will be directly traced back to unsecured APIs.
##
About the Author
James Carder brings more than 23 years of experience
working in corporate IT security and consulting for the Fortune 500 and U.S.
Government. At LogRhythm, he develops and maintains the company's security
governance model and risk strategies, protects the confidentiality, integrity,
and availability of information assets, oversees both threat and vulnerability
management as well as the security operations center (SOC). He also directs the
mission and strategic vision for the LogRhythm Labs threat research, compliance
research, and strategic integrations teams. James is a sought-after and
frequent speaker at cybersecurity events and is a noted author of several cyber
security publications. He is also an Advisory Board member for the University
of Colorado, NewCloud Networks, the Identity Defined Security Association
(IDSA), and Resurface Labs; a Certified Information Systems Security
Professional (CISSP); and a member of the Forbes Technology Council. He holds a
Bachelor of Science degree in Computer Information Systems from Walden
University and an MBA from the University of Minnesota's Carlson School of
Management.