Author: Gene Tang - Head of Professional Services, Asia and India at Rackspace Technology
Last year, the world witnessed a significant rise in several cybersecurity threats driven by the advent of the pandemic. Savvy cybercriminals began exploiting vulnerabilities in new ways because of the new work-from-home culture that the pandemic created. Unsecured home devices were hacked and new phishing schemes were launched leveraging keywords like “virus diagnosis” and “stimulus package.” Common tech tools were also exploited, with Zoom credentials being stolen. In Singapore, hackers hijacked the streaming of a lesson to show obscene pictures to some students. This led to a temporary ban of Zoom for home-based teaching.
One year later, where do we stand when it comes to our biggest security threats? Many of the same threats are still going strong as we move into 2021, and new vulnerabilities are emerging. Cybercriminals are doubling down on their successful schemes from 2020 and creating new ones to leverage today’s leading security vulnerabilities.
Threat #1: Perimeter expansion to employees’ homes
With the rise of a work-from-home culture in 2020, company perimeters now extend into employees’ homes. This makes it more challenging for security professionals to monitor their internal network through traditional perimeter monitoring and access controls, such as firewalling and network intrusion detection systems. A PwC report titled “2021 Global Digital Trust Insights” indicated that 78% of APAC respondents among 595 business, technology, and security executives felt that remote work revealed an urgency to modernise identity and access management, mobile device management, and endpoint protection.
To combat these risks, IT teams will need to focus on and improve effective endpoint management solutions. These solutions enable better visibility and control over data, including in any third-party apps, like Zoom, Slack and Office 365. This will also extend to traditional endpoint security tooling by ensuring that security tools such as anti-malware are installed, patches are up to date, secure configurations are set, and endpoints are protected.
Threat #2: Third-party hacks gain criminals’ attention
With the successful hack of SolarWinds and, subsequently, its 300+ client base, and many other third-party-based breaches in the past, more companies are paying attention to their third-party risk management programmes. This speaks to the increased sophistication, complexity and persistence of threat actors.
To prevent a similar third-party breach from impacting their networks, corporate mergers and acquisitions (M&A) and licensing management functions need to become more closely aligned with their governance, risk and compliance teams. One critical step is conducting a thorough security audit of all third-party vendors. This intra-organisational collaboration will also better prepare organisations for the future of increased compliance regulations that will force a baseline for more comprehensive and robust third-party risk management programmes.
Threat #3: Ransomware attacks on the rise
Ransomware attacks are on track to continue being a leading threat in 2021.
One of the drivers is that more companies are purchasing ransomware insurance. This fact has not escaped cybercriminals’ attention. Because companies have insurance, they will pay off the ransoms to have their data decrypted quickly rather than try to fight it. As a result, the criminals receive a quick win.
Preventing ransomware attacks is accomplished with a back-to-basics approach that includes stronger security hygiene. This includes tactics like timely patching, enforced least-privilege access policies and regular backups with safe storage.
Threat #4: New email phishing scams
2020 continued the trend of increasing volume and complexity in email phishing attacks. Cybercriminals use phishing to distribute malware, steal credentials and scam users out of money. The Singapore Police Force revealed that phishing scam cases in Singapore saw a significant increase last year, with more than 190 cases reported between January 2020 and August 2020 and losses amounting to $304,000 in 2020.
While 2020 did not introduce a fundamental change to phishing, cyber threat actors did adjust tactics to leverage different keywords throughout the year, as people gained interest in new topics. Keywords such as “pandemic” and “COVID” became popular in the earlier parts of the year, and as “vaccines” and “stimulus checks” became relief options, attackers added these emotionally-charged keywords to their phishing vocabulary.
There is no single solution to prevent malicious email from coming through, but combinations of well-tuned tools and well-educated staff will reduce your chances of falling victim to phishing emails:
Understanding the maturity of your organisation’s cybersecurity programme is critical so that businesses can make informed decisions to defend against threat actors and their tactics, techniques, and procedures (TTPs). Organisations need to assess the common security gaps in their environment that they may not be aware of.