As the end of 2020 nears, we like to look back at the network security trends that shaped this year and estimate what the upcoming year holds for us. Looking back at 2020, there was some tumult for organizations and users fighting a range of security challenges, such as ransomware, exploited VPNs, RDP attacks and exposed network attack surfaces.
Moving forward to 2021, it is crucial to look back on what we all experienced over the past year security-wise and use the lessons that were learned. We recently sat down with different security experts and discussed the top 2020 security trends and 2021 predictions they’ve identified and are expecting to see.
Due to COVID-19, most organizations were forced to require that their employees connect to corporate resources on the cloud or to the corporate network remotely, which created a massive surge of Cloud VPN usage and traffic across IoT devices.
“With the flood of folks working from home this year, there was a massive rise in Enterprise VPN usage and corporate devices on home networks. There was also more focus on Internet of Things (IoT) devices and device use cases not seen in prior years, with companies forced to adapt to a landscape with corporate IT devices sharing the same network with their users’ lightbulbs and washing machines”, said Kimber Dowsett, Director of Security Engineering at Truss.
Healthcare providers and financial firms were victims of cybercriminal attacks more than any other sector in 2020. This isn’t surprising, as hackers tend to exploit targets that are the right combination of vulnerable and profitable.
“Financial institutions, healthcare, and related supply chains will continue to see spikes in attacks. These verticals are deeply intertwined. Early in the pandemic, we experienced firsthand how a failure in any one link impacted the entire economy. A cyberattack against these verticals will begin to translate directly to increased loss of human life”, notes Mieng Lim, VP of Product Management at Digital Defense, Inc.
While working remotely isn’t a new idea, it transformed the way people worked in 2020 due to social distancing restrictions. Working from home also helped accelerate a digital transformation among organizations which moved to update their processes.
Avi Raichel, CIO at Zerto, is of the same opinion. He says, “This past year found nearly everyone working from home at some point. Some loved it, some didn’t, but I don’t see us ever going back to exactly how it was before. Recent months have made it clear that companies are coming to the understanding (or at least they should be) that digital transformation is not an option but an absolute necessity. Stakes are higher than just 12 months ago, the risks are more widespread, and there are more opportunities for cybercriminals to succeed. This means that IT disruption caused by the threat of ransomware is something that should be near the top of the list of concerns for every CIO and every company.”
The biggest trend in the network security industry in 2020 was Secure Access Service Edge (SASE). SASE accelerates the adoption and eases the consumption of cloud security and networking technologies.
Cloud adoption and remote work have been triggered by the pandemic, and the introduction of the SASE model brings network security up to speed. To be sure, security services that are cloud-based have grown and will continue to grow in 2021. SASE is a technology that unifies security and networking tools from the cloud, giving IT teams the tools they need to provide secure access to corporate resources. With SASE, security gaps will be minimized via a multilayer model, and latency will be reduced with the presence of encrypted gateways near the network edge. Security and networking will now become a single solution and natively inseparable from each other, says Amit Bareket, Co-Founder and CEO of Perimeter 81.
Hackers and cybercriminals are becoming more sophisticated, but breaches that occur from within the organization, whether intentionally or accidentally via misconfiguration or bad security hygiene, were some of the most common attacks in 2020.
Steve Durbin, Managing Director of the Information Security Forum, says, “One area that organizations need to deal with is the rise of insider threats, with so many unhappy employees who have been furloughed or let go from their jobs. The trust organizations are placing in insiders has grown with advances in information technology, increasing information risk and changing work environments. The insider threat is one of the greatest drivers of security risks that organizations face as a malicious insider utilizes credentials to gain access to critical assets. Many organizations are challenged to detect internal nefarious acts, often due to limited access controls and the inability to detect unusual activity once someone is already inside their network.”
Cloud misconfigurations will be one of the top causes of data breaches next year. The cloud played a huge role in enabling a swift shift to remote work in 2020.
“The lack of understanding of the shared responsibility model and the security hurdles in the cloud will cause serious problems in 2021. Indeed, the global shortage of IT pros skilled at cloud management and security, combined with lack of visibility into cloud design and workloads, will make cloud misconfigurations inevitable, leading to overexposed data and breaches”, said Ilia Sotnikov, VP of Product Management at Netwrix.
Ransomware will continue to be the biggest threat and financial risk to enterprises. Most organizations should be very concerned about ransomware as attacks designed to hijack networks and resources are becoming highly sophisticated.
“Ransomware is going to continue evolving, with it becoming not just a security incident but also a data breach as organized cybercrime groups also steal the data before it’s even encrypted. This means that companies are not just worried about getting their data back but also who it gets publicly shared with. Ransomware has proven to not be ethical in any way and will target anyone, any company and any government including hospitals and transportation industries at a time when they are under extreme pressure”, warns Joseph Carson, Chief Security Scientist and Advisory CISO at Thycotic.
For years, many mom-and-pop shops have been a bit behind when it comes to security risks. In 2021 that will change, as everyone – no matter the size or business model – will look to improve their business security hygiene.
“2021 is going to be the year that SMBs finally start taking fundamental network security seriously. I am not talking about the latest AI-powered thing. There are still countless businesses running without a properly configured firewall, opening insecure ports to the internet, and leaving default passwords on devices. Attacks have become so automated that these mistakes are a guarantee to get discovered and result in a breach. You are already seeing device manufacturers pushing these changes, such as ISP modems coming with unique logins. This will start pulling IT along in the same direction as well,” says Dustin Bolander, CIO at Clear Guidance Partners.
In the upcoming year, the security industry will see an increase in deepfake campaigns and other AI-generated media designed to exploit victims with a more sophisticated style of attack.
“In 2021, threat actors will move on from basic ransomware attacks and will weaponize stolen information about an executive or business to create fraudulent content for extortion. From deepfakes to voice fakes, this new type of attack will be believable to victims, and therefore, effective. For example, imagine an attacker on a video system, silently recording a board meeting, then manipulating that private information to contain false and damning information that if leaked, would create business chaos, to compel a business to pay up,” says David “Moose” Wolpoff, CTO and Co-Founder at Randori.
Over the past few years, organizations have understood that protecting their resources from risks is essential. However, most are still using outdated solutions, especially when it comes to threat hunting.
“The key to steering toward a proactive security posture with better threat hunting procedures is to look at tactics or techniques known as TTPs. Instead of waiting for an incident to happen and setting off alerts or relying purely on IOCs, TTP monitoring looks for certain behaviors that are telltale signs of an impending attack. In 2021, we’ll see a steep rise in security analysts adopting this approach. By introducing analytics to the equation and pairing them with TTPs, security professionals will be able to filter out those everyday activities. Instead of monitoring for specific risks, analytics watch for changes in patterns, which can help prevent alert fatigue that comes from too many false positives. When a business is aware of the activities happening across its network, it’s better prepared to protect itself against security breaches”, notes Andy Skrei, VP of Worldwide Sales Engineering at Exabeam.
As we close the book on 2020, we must learn from all the security experiences and mistakes to understand what worked well and what could have been better. Security experts and newbies alike, the entire security community needs to be aware of the new kinds of attacks, tactics and trends that will likely headline the upcoming year. Organizations should start implementing the right level of security internally, based on how they’ve prepared relevant tools in the pre-2021 period. We wish everyone a happy and secure 2021!