Dubai, UAE, December 15, 2020 – HP released its 2021 predictions on how security threats – such as human-operated ransomware, thread hijacking and unintentional insider threats – are set to increase in the next 12 months.
HP’s cybersecurity experts including – Julia Voo, Global Lead Cybersecurity and Tech Policy; Joanna Burkey, CISO; Boris Balacheff, Chief Technologist for Security Research and Innovation at HP Labs; Dr Ian Pratt, Global Head of Security for Personal Systems – and from HP’s Security Advisory Board – Justine Bone, CEO at MedSec – all gave their predictions for 2021.
Weakened organisational security will lead to more unintentional insider threats
The dramatic changes to how we work in 2020 and the shift to remote working will continue to create challenges, says Julia Voo: “COVID-19 has weakened organisational security. Remote access inefficiencies, VPN vulnerabilities and a shortage of staff that can help the business adapt means data is now less secure.” From a cybercriminal’s perspective, the attack surface is widening, creating more opportunities, as Joanna Burkey explains: “We can expect to see hackers identifying and taking advantage of any holes in processes that were created, and still exist, after everyone left the office.”
Human-operated ransomware attacks will remain an acute threat
Ransomware has become the cybercriminal’s tool of choice, and this is likely to continue in the year ahead, comments Burkey: “What we’ll see is a rise in ransomware-as-service attacks where the threat is no longer the ‘kidnapping’ of data – it’s the public release of the data.”
The rise of ransomware has fuelled the growth of an ecosystem of criminal actors who specialise in different capabilities needed to pull off successful attacks. “To maximise the impact of an attack, threat actors use their access to compromised systems to deepen their foothold into a victims’ networks. Many crews use offensive security tools to gain control of a victim’s domain controllers, which are often the best point in a network to deploy ransomware,” explains Dr Ian Pratt.
Greater innovation in phishing will see thread hijacking
In 2021, there will be more innovative phishing lures designed to trick users and make attacks harder to identify. “The most innovative mass phishing technique we see is email thread hijacking, which is used by the Emotet botnet. The technique automates the creation of spear-phishing lures by stealing email data from compromised systems. This data is then used to reply to conversations with messages containing malware, making them appear very convincing,” explains Dr Ian Pratt. We can also expect to see more of these attacks targeting individuals working remotely, says Justine Bone: “Thanks to everything relying on strong authentication, as opposed to in-person presence, there is more opportunity for hackers to engage in social engineering to trick employees into divulging credentials”.
A new approach to security is needed
“2020 demonstrated that is has become critical to manage highly distributed endpoint infrastructure,” comments Balacheff. “Organisations need to accept that the future is distributed. To meet this challenge, organisations need to re-think their security architectures and controls, and embrace the necessary innovation in technology and processes to help them support this new environment. For example, modern hardware technology exists that can help not only protect but also recover employees remotely and securely in the face of destructive attack like those we have seen in the last few years”.